sytchov

Membres

Afficher le profil Afficher son activité

Compteur de contenus
35
Inscription
le 30 décembre 2010
Dernière visite
le 3 octobre 2013

sytchov's Achievements

Member (4/12)

Réputation sur la communauté

Toshiba Satellite

sytchov a répondu à un(e) sujet de sytchov dans Conseils matériel - Achats & Ventes

Je tiens à préciser qu'il était à 555€
- le 31 mars 2013
- 1 réponse
Toshiba Satellite

sytchov a posté un sujet dans Conseils matériel - Achats & Ventes

Bonjour! J'aimerais savoir ce que vous pensez du rapport qualité/prix de ce PC Toshiba Satellite P850-31T Ordinateur Portable 15,6'' (39,62 cm) Intel core i5 750 Go Mémoire RAM-5400 Mo NVIDIA GeForce Windows 8 Gris Je suis à la recherche d'un PC avec un I5 pour environ 600€ et celui-ci m'a bien tapé dans l'oeil mais j'aimerais avoir l'avis de personnes s'y connaissant bien Merci d'avance!
- le 31 mars 2013
- 1 réponse
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

OK, merci pour ce dernier conseil et encore merci pour ce gros nettoyage et pour le temps que t'y a consacré A bientôt
- le 20 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Enooooorme tout est OK!! merci infiniment pour ton aide Dernière petite chose je peux garder ou supprimer quel logiciel?
- le 18 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

J'ai fait le scan avec tdsskille et jai aussi fait celui de kapersky qui a pris plusieurs heures. Il a eliminé beaucoup de trojan, jai redémarré le pc, fait un scan avec malwarebyte, il m'a détecté les mêmes infections qu'avant le scan de kapersky, je les ais supprimés, reboot le pc et là, plus rien!! J'ai juste une fenêtre qui apparait souvent en me disant que mon windows est pas authentique ce qui, bien sûre n'est pas le cas, ça peut venir d'une infection ou autre?
- le 17 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Désolé de la réponse tardive, grosse journée de travail. J'ai fait le scan avec Purera, par contre, j'ai pas fait celui de kapersky. Jai suivi le tuto (http://www.malekal.com/2010/11/12/graver-une-image-iso-avec-imgburn/) jusque là tout va bien mais pour démarrer le CD j'y arrive pas. Le lien pour changer la séquence de démarrage dans le tuto ci dessous est mort. "Windows Unlocker depuis le CD Live de Kaspersky est aussi une solution. Vous devez graver le CD et Booter dessus, tout ceci est expliquer sur la page suivante : Malekal's forum • Kaspersky Live CD et Windows Unlocker : Tutorial Antivirus Le principe étant de graver le CD Kaspersky sur un CD ou mettre sur clef USB. Redémarrer l’ordinateur et changer la séquence de démarrage Malekal's forum • Booter sur un CD ou DVD : Tutorials Windows pour faire démarrer sur le CD ou clef USB."
- le 15 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Après l'analyse j'ai redémarré le PC et refait une analyse et voici le résultat Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Version de la base de données: v2012.06.15.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Christophe :: CHRIS [administrateur] 15/06/2012 13:31:35 mbam-log-2012-06-15 (13-31-35).txt Type d'examen: Examen rapide Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 232465 Temps écoulé: 3 minute(s), 31 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Données: C:\Users\Christophe\AppData\Local\d92096e5\X -> Mis en quarantaine et supprimé avec succès. Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 3 C:\Users\Christophe\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès. C:\Users\UpdatusUser\AppData\Local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès. C:\Windows\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès. (fin)
- le 15 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Rapport de malwarebyte: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Version de la base de données: v2012.06.15.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Christophe :: CHRIS [administrateur] 15/06/2012 13:23:48 mbam-log-2012-06-15 (13-23-48).txt Type d'examen: Examen rapide Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 232751 Temps écoulé: 2 minute(s), 27 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Données: C:\Users\Christophe\AppData\Local\d92096e5\X -> Mis en quarantaine et supprimé avec succès. Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 3 C:\Users\Christophe\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès. C:\Users\UpdatusUser\AppData\Local\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès. C:\Windows\temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Mis en quarantaine et supprimé avec succès. (fin)
- le 15 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Rapport de ZHPFix: Rapport de ZHPFix 1.2.06 par Nicolas Coolman, Update du 17/05/2012 Fichier d'export Registre : Run by Christophe at 14/06/2012 22:00:25 Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com ========== Logiciel(s) ========== ABSENT Software Key: {26A24AE4-039D-4CA4-87B4-2F83216020F0} ABSENT Software Key: {26A24AE4-039D-4CA4-87B4-2F83216020FF} ABSENT Software Key: {86D4B82A-ABED-442A-BE86-96357B70F4FE} ========== Clé(s) du Registre ========== SUPPRIME Key*: HKCU\Software\AppDataLow\Software\Conduit SUPPRIME Key*: HKCU\Software\AppDataLow\Software\PriceGong SUPPRIME Key*: HKCU\Software\AppDataLow\Software\ShopperReports3 SUPPRIME Key*: HKCU\Software\AppDataLow\Software\Softonic_France ABSENT Key: HKLM\Software\AskToolbar ABSENT Key: HKLM\Software\Iminent ABSENT Key: HKLM\Software\MetaStream ABSENT Key: HKLM\Software\Softonic_France SUPPRIME Key*: SearchScopes :{63525819-C279-4725-B934-B560EE26FDBE} ========== Valeur(s) du Registre ========== ABSENT Value Key: Application ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Préférences navigateur ========== SUPPRIME Mozilla Pref: user_pref("CT2542115.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); SUPPRIME Mozilla Pref: user_pref("CT2542115.CTID", "CT2542115"); SUPPRIME Mozilla Pref: user_pref("CT2542115.CurrentServerDate", "25-7-2010"); SUPPRIME Mozilla Pref: user_pref("CT2542115.DialogsAlignMode", "LTR"); SUPPRIME Mozilla Pref: user_pref("CT2542115.EMailNotifierPollDate", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedLastCount3702671119025834822", 350); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189313", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189319", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189325", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189331", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189337", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189343", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189349", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189355", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189361", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189367", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189373", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189379", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189385", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189391", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189397", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189403", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189409", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189415", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189421", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189427", "Sun Jul 25 2010 00:55:57 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedPollDate129212453356189433", "Sun Jul 25 2010 00:55:57 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189313", 30); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189319", 2); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189325", 2); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189337", 2); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189343", 30); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189361", 5); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189367", 5); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189373", 5); SUPPRIME Mozilla Pref: user_pref("CT2542115.FeedTTL129212453356189391", 5); SUPPRIME Mozilla Pref: user_pref("CT2542115.FirstServerDate", "25-7-2010"); SUPPRIME Mozilla Pref: user_pref("CT2542115.FirstTime", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.FirstTimeFF3", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.FixPageNotFoundErrors", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.GroupingServerCheckInterval", 1440); SUPPRIME Mozilla Pref: user_pref("CT2542115.GroupingServiceUrl", "http://grouping.services.conduit.com/"); SUPPRIME Mozilla Pref: user_pref("CT2542115.Initialize", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.InitializeCommonPrefs", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.InstalledDate", "Sun Jul 25 2010 00:55:54 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.InvalidateCache", false); SUPPRIME Mozilla Pref: user_pref("CT2542115.IsGrouping", false); SUPPRIME Mozilla Pref: user_pref("CT2542115.IsMulticommunity", false); SUPPRIME Mozilla Pref: user_pref("CT2542115.IsOpenThankYouPage", false); SUPPRIME Mozilla Pref: user_pref("CT2542115.IsOpenUninstallPage", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.LanguagePackLastCheckTime", "Sun Jul 25 2010 00:55:56 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.LanguagePackReloadIntervalMM", 1440); SUPPRIME Mozilla Pref: user_pref("CT2542115.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); SUPPRIME Mozilla Pref: user_pref("CT2542115.LastLogin_2.5.8.6", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.LatestVersion", "2.1.0.18"); SUPPRIME Mozilla Pref: user_pref("CT2542115.Locale", "fr-fr"); SUPPRIME Mozilla Pref: user_pref("CT2542115.LoginCache", 4); SUPPRIME Mozilla Pref: user_pref("CT2542115.MCDetectTooltipHeight", "83"); SUPPRIME Mozilla Pref: user_pref("CT2542115.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); SUPPRIME Mozilla Pref: user_pref("CT2542115.MCDetectTooltipWidth", "295"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioIsPodcast", false); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioLastUpdateIPServer", "3"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioLastUpdateServer", "3"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioMediaID", "9962"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioMediaType", "Media Player"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioMenuSelectedID", "EBRadioMenu_CT25421159962"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioStationName", "California%20Rock"); SUPPRIME Mozilla Pref: user_pref("CT2542115.RadioStationURL", "http://feedlive.net/california.asx"); SUPPRIME Mozilla Pref: user_pref("CT2542115.SHRINK_TOOLBAR", 1); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2542115&octid=EB_O[...] SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchFromAddressBarIsInit", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&q="); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchInNewTabEnabled", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchInNewTabIntervalMM", 1440); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchInNewTabLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); SUPPRIME Mozilla Pref: user_pref("CT2542115.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_T[...] SUPPRIME Mozilla Pref: user_pref("CT2542115.SettingsCheckIntervalMin", 120); SUPPRIME Mozilla Pref: user_pref("CT2542115.SettingsLastCheckTime", "Sun Jul 25 2010 00:55:53 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.SettingsLastUpdate", "1279444348"); SUPPRIME Mozilla Pref: user_pref("CT2542115.ThirdPartyComponentsInterval", 504); SUPPRIME Mozilla Pref: user_pref("CT2542115.ThirdPartyComponentsLastCheck", "Sun Jul 25 2010 00:55:53 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.ThirdPartyComponentsLastUpdate", "1279444348"); SUPPRIME Mozilla Pref: user_pref("CT2542115.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112"); SUPPRIME Mozilla Pref: user_pref("CT2542115.UserID", "UN56093133060332279"); SUPPRIME Mozilla Pref: user_pref("CT2542115.ValidationData_Toolbar", 0); SUPPRIME Mozilla Pref: user_pref("CT2542115.WeatherNetwork", ""); SUPPRIME Mozilla Pref: user_pref("CT2542115.WeatherPollDate", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("CT2542115.WeatherUnit", "C"); SUPPRIME Mozilla Pref: user_pref("CT2542115.alertChannelId", "935078"); SUPPRIME Mozilla Pref: user_pref("CT2542115.clientLogIsEnabled", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); SUPPRIME Mozilla Pref: user_pref("CT2542115.myStuffEnabled", true); SUPPRIME Mozilla Pref: user_pref("CT2542115.myStuffPublihserMinWidth", 400); SUPPRIME Mozilla Pref: user_pref("CT2542115.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] SUPPRIME Mozilla Pref: user_pref("CT2542115.myStuffServiceIntervalMM", 1440); SUPPRIME Mozilla Pref: user_pref("CT2542115.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] SUPPRIME Mozilla Pref: user_pref("CT2542115.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); SUPPRIME Mozilla Pref: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties"); SUPPRIME Mozilla Pref: user_pref("CommunityToolbar.ToolbarsList", "CT2542115"); SUPPRIME Mozilla Pref: user_pref("CommunityToolbar.ToolbarsList2", "CT2542115"); SUPPRIME Mozilla Pref: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("extensions.asktb.cbid", "NV SUPPRIME Mozilla Pref: user_pref("extensions.asktb.dtid", "YYYYYYYYFR SUPPRIME Mozilla Pref: user_pref("extensions.asktb.first-launch-url", "http://127.0.0.1:895/config/?action=connect&lang=fre&afd=1293055777&afc=C480E02551[...] SUPPRIME Mozilla Pref: user_pref("extensions.asktb.fresh-install", false); SUPPRIME Mozilla Pref: user_pref("extensions.asktb.l", "dis SUPPRIME Mozilla Pref: user_pref("extensions.asktb.last-config-req", "1294607561789 SUPPRIME Mozilla Pref: user_pref("extensions.asktb.locale", "fr_FR SUPPRIME Mozilla Pref: user_pref("extensions.asktb.o", "15666 SUPPRIME Mozilla Pref: user_pref("extensions.asktb.overlay-reloaded-using-restart", true); SUPPRIME Mozilla Pref: user_pref("extensions.asktb.qsrc", "2871 SUPPRIME Mozilla Pref: user_pref("extensions.asktb.r", "2"); SUPPRIME Mozilla Pref: user_pref("extensions.asktb.search-suggestions-enabled", true); ========== Dossier(s) ========== SUPPRIME Reboot Folder**: C:\Program Files (x86)\Conduit SUPPRIME Reboot Folder**: C:\Program Files (x86)\CrazyLoader ABSENT C:\Program Files (x86)\Iminent SUPPRIME Folder: C:\Users\Christophe\AppData\Roaming\CrazyLoader SUPPRIME Folder: C:\Users\Christophe\AppData\Roaming\teamspeak2 SUPPRIME Folder: C:\Users\Christophe\AppData\Local\crazyloader Air SUPPRIME Folder: C:\Users\Christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrazyLoader SUPPRIME Flash Cookies: SUPPRIME Temporaires Windows: ========== Fichier(s) ========== SUPPRIME Flash Cookies: SUPPRIME Temporaires Windows: ========== Tache planifiée ========== SUPPRIME Task: Scheduled Update for Ask Toolbar SUPPRIME Task: {5E1238AF-6253-47D3-841A-C49F902D98AF} SUPPRIME Task: {8FAB2E51-9386-481F-934A-69E9948F5087} SUPPRIME Task: {9B5E2FE5-7B55-4196-8AEB-4295F9412E56} SUPPRIME Task: {FD657B59-C17F-4BE7-B09D-A1DF9959D04B} ========== Autre ========== NON TRAITE [HKCU\Software\AppDataLow\AskToolbarIn NON TRAITE [HKCU\Software\AppDataLow\Software\AskToolba NON TRAITE [HKCU\Software\AppDataLow\Toolbar ========== Récapitulatif ========== 9 : Clé(s) du Registre 4 : Valeur(s) du Registre 9 : Dossier(s) 2 : Fichier(s) 3 : Logiciel(s) 115 : Préférences navigateur 5 : Tache planifiée 3 : Autre End of clean in 00mn 47s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 14/06/2012 22:00:25 [13619] Rapport de Adwcleaner: # AdwCleaner v1.609 - Rapport créé le 14/06/2012 à 22:22:48 # Mis à jour le 10/06/2012 par Xplode # Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits) # Nom d'utilisateur : Christophe - CHRIS # Exécuté depuis : C:\Users\Christophe\Desktop\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\CHRIST~1\AppData\Local\Temp\Iminent Dossier Supprimé : C:\Users\Christophe\AppData\LocalLow\AskToolbar Dossier Supprimé : C:\Users\Christophe\AppData\LocalLow\Conduit Dossier Supprimé : C:\Users\Christophe\AppData\LocalLow\PriceGong Dossier Supprimé : C:\Users\Christophe\AppData\LocalLow\ShopperReports3 Dossier Supprimé : C:\Users\Christophe\AppData\LocalLow\Toolbar4 Dossier Supprimé : C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\mghaulj5.default\Conduit Dossier Supprimé : C:\ProgramData\Viewpoint Dossier Supprimé : C:\Program Files (x86)\Conduit Dossier Supprimé : C:\Program Files (x86)\CrazyLoader Dossier Supprimé : C:\Program Files (x86)\Viewpoint Dossier Supprimé : C:\Program Files (x86)\vShare.tv plugin Dossier Supprimé : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll ***** [Registre] ***** Clé Supprimée : HKCU\Software\Ask.com Clé Supprimée : HKCU\Software\Ask.com.tmp Clé Supprimée : HKCU\Software\Nosibay Clé Supprimée : HKCU\Software\Softonic Clé Supprimée : HKCU\Software\Spointer Clé Supprimée : HKCU\Software\StartSearch Clé Supprimée : HKCU\Software\AppDataLow\AskToolbarInfo Clé Supprimée : HKCU\Software\AppDataLow\Toolbar Clé Supprimée : HKCU\Software\AppDataLow\Software\AskToolbar Clé Supprimée : HKCU\Software\JavaSoft\Prefs\crazyloader Clé Supprimée : HKLM\SOFTWARE\AskToolbar Clé Supprimée : HKLM\SOFTWARE\Conduit Clé Supprimée : HKLM\SOFTWARE\Iminent Clé Supprimée : HKLM\SOFTWARE\MetaStream Clé Supprimée : HKLM\SOFTWARE\Viewpoint Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP [x64] Clé Supprimée : HKLM\SOFTWARE\Software [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF ***** [Registre - GUID] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v11.0 (fr) Nom du profil : default Fichier : C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\mghaulj5.default\prefs.js Supprimée : /*user_pref("CT2542115.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");*/ Supprimée : /*user_pref("CT2542115.CTID", "CT2542115");*/ Supprimée : /*user_pref("CT2542115.CurrentServerDate", "25-7-2010");*/ Supprimée : /*user_pref("CT2542115.DialogsAlignMode", "LTR");*/ Supprimée : /*user_pref("CT2542115.EMailNotifierPollDate", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedLastCount3702671119025834822", 350);*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189313", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189319", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189325", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189331", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189337", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189343", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189349", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189355", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189361", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189367", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189373", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189379", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189385", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189391", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189397", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189403", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189409", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189415", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189421", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189427", "Sun Jul 25 2010 00:55:57 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedPollDate129212453356189433", "Sun Jul 25 2010 00:55:57 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189313", 30);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189319", 2);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189325", 2);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189337", 2);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189343", 30);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189361", 5);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189367", 5);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189373", 5);*/ Supprimée : /*user_pref("CT2542115.FeedTTL129212453356189391", 5);*/ Supprimée : /*user_pref("CT2542115.FirstServerDate", "25-7-2010");*/ Supprimée : /*user_pref("CT2542115.FirstTime", true);*/ Supprimée : /*user_pref("CT2542115.FirstTimeFF3", true);*/ Supprimée : /*user_pref("CT2542115.FixPageNotFoundErrors", true);*/ Supprimée : /*user_pref("CT2542115.GroupingServerCheckInterval", 1440);*/ Supprimée : /*user_pref("CT2542115.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");*/ Supprimée : /*user_pref("CT2542115.Initialize", true);*/ Supprimée : /*user_pref("CT2542115.InitializeCommonPrefs", true);*/ Supprimée : /*user_pref("CT2542115.InstalledDate", "Sun Jul 25 2010 00:55:54 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.InvalidateCache", false);*/ Supprimée : /*user_pref("CT2542115.IsGrouping", false);*/ Supprimée : /*user_pref("CT2542115.IsMulticommunity", false);*/ Supprimée : /*user_pref("CT2542115.IsOpenThankYouPage", false);*/ Supprimée : /*user_pref("CT2542115.IsOpenUninstallPage", true);*/ Supprimée : /*user_pref("CT2542115.LanguagePackLastCheckTime", "Sun Jul 25 2010 00:55:56 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.LanguagePackReloadIntervalMM", 1440);*/ Supprimée : /*user_pref("CT2542115.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.as[...] Supprimée : /*user_pref("CT2542115.LastLogin_2.5.8.6", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.LatestVersion", "2.1.0.18");*/ Supprimée : /*user_pref("CT2542115.Locale", "fr-fr");*/ Supprimée : /*user_pref("CT2542115.LoginCache", 4);*/ Supprimée : /*user_pref("CT2542115.MCDetectTooltipHeight", "83");*/ Supprimée : /*user_pref("CT2542115.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");*/ Supprimée : /*user_pref("CT2542115.MCDetectTooltipWidth", "295");*/ Supprimée : /*user_pref("CT2542115.RadioIsPodcast", false);*/ Supprimée : /*user_pref("CT2542115.RadioLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.RadioLastUpdateIPServer", "3");*/ Supprimée : /*user_pref("CT2542115.RadioLastUpdateServer", "3");*/ Supprimée : /*user_pref("CT2542115.RadioMediaID", "9962");*/ Supprimée : /*user_pref("CT2542115.RadioMediaType", "Media Player");*/ Supprimée : /*user_pref("CT2542115.RadioMenuSelectedID", "EBRadioMenu_CT25421159962");*/ Supprimée : /*user_pref("CT2542115.RadioStationName", "California%20Rock");*/ Supprimée : /*user_pref("CT2542115.RadioStationURL", "hxxp://feedlive.net/california.asx");*/ Supprimée : /*user_pref("CT2542115.SHRINK_TOOLBAR", 1);*/ Supprimée : /*user_pref("CT2542115.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARC[...] Supprimée : /*user_pref("CT2542115.SearchFromAddressBarIsInit", true);*/ Supprimée : /*user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2[...] Supprimée : /*user_pref("CT2542115.SearchInNewTabEnabled", true);*/ Supprimée : /*user_pref("CT2542115.SearchInNewTabIntervalMM", 1440);*/ Supprimée : /*user_pref("CT2542115.SearchInNewTabLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB[...] Supprimée : /*user_pref("CT2542115.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServ[...] Supprimée : /*user_pref("CT2542115.SettingsCheckIntervalMin", 120);*/ Supprimée : /*user_pref("CT2542115.SettingsLastCheckTime", "Sun Jul 25 2010 00:55:53 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.SettingsLastUpdate", "1279444348");*/ Supprimée : /*user_pref("CT2542115.ThirdPartyComponentsInterval", 504);*/ Supprimée : /*user_pref("CT2542115.ThirdPartyComponentsLastCheck", "Sun Jul 25 2010 00:55:53 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.ThirdPartyComponentsLastUpdate", "1279444348");*/ Supprimée : /*user_pref("CT2542115.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramI[...] Supprimée : /*user_pref("CT2542115.UserID", "UN56093133060332279");*/ Supprimée : /*user_pref("CT2542115.ValidationData_Toolbar", 0);*/ Supprimée : /*user_pref("CT2542115.WeatherNetwork", "");*/ Supprimée : /*user_pref("CT2542115.WeatherPollDate", "Sun Jul 25 2010 00:55:55 GMT+0200");*/ Supprimée : /*user_pref("CT2542115.WeatherUnit", "C");*/ Supprimée : /*user_pref("CT2542115.alertChannelId", "935078");*/ Supprimée : /*user_pref("CT2542115.clientLogIsEnabled", true);*/ Supprimée : /*user_pref("CT2542115.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.a[...] Supprimée : /*user_pref("CT2542115.myStuffEnabled", true);*/ Supprimée : /*user_pref("CT2542115.myStuffPublihserMinWidth", 400);*/ Supprimée : /*user_pref("CT2542115.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSource[...] Supprimée : /*user_pref("CT2542115.myStuffServiceIntervalMM", 1440);*/ Supprimée : /*user_pref("CT2542115.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?[...] Supprimée : /*user_pref("CT2542115.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/R[...] Supprimée : /*user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.[...] Supprimée : /*user_pref("CommunityToolbar.ToolbarsList", "CT2542115");*/ Supprimée : /*user_pref("CommunityToolbar.ToolbarsList2", "CT2542115");*/ Supprimée : /*user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jul 25 2010 00:55:55 GMT+0200");[...] Supprimée : user_pref("browser.search.defaultengine", "Web Search"); Supprimée : user_pref("browser.search.order.1", "Web Search"); Supprimée : /*user_pref("extensions.asktb.cbid", "NV");*/ Supprimée : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&[...] Supprimée : /*user_pref("extensions.asktb.dtid", "YYYYYYYYFR");*/ Supprimée : /*user_pref("extensions.asktb.first-launch-url", "hxxp://127.0.0.1:895/config/?action=connect&lang=f[...] Supprimée : /*user_pref("extensions.asktb.fresh-install", false);*/ Supprimée : /*user_pref("extensions.asktb.l", "dis");*/ Supprimée : /*user_pref("extensions.asktb.last-config-req", "1294607561789");*/ Supprimée : /*user_pref("extensions.asktb.locale", "fr_FR");*/ Supprimée : /*user_pref("extensions.asktb.o", "15666");*/ Supprimée : /*user_pref("extensions.asktb.overlay-reloaded-using-restart", true);*/ Supprimée : /*user_pref("extensions.asktb.qsrc", "2871");*/ Supprimée : /*user_pref("extensions.asktb.r", "2");*/ Supprimée : /*user_pref("extensions.asktb.search-suggestions-enabled", true);*/ Supprimée : user_pref("[email protected]", false); ************************* AdwCleaner[R1].txt - [29112 octets] - [14/06/2012 22:22:40] AdwCleaner[s1].txt - [25981 octets] - [14/06/2012 22:22:48] ########## EOF - C:\AdwCleaner[s1].txt - [26110 octets] ########## Tout m'a l'air nickel, je l'ai redémarré plusieurs fois
- le 14 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

J'ai redémarré le PC, j'ai accès au bureau nickel, j'ai suivi le tuto pour kapersky sauf que je n'arrive pas à le lancer en usb Jai téléchargé Kaspersky Rescue2Usb tout m'a l'air bon, sais tu le lancer?
- le 14 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Je crois que c'est bon il faut suivre ce tuto? Malekal's forum • Kaspersky Live CD et Windows Unlocker : Tutorial Antivirus
- le 14 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

Désolé mais j'arrive pas à trouver le lien de téléchargement de kapersky
- le 14 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

rapport de roguekiller: RogueKiller V7.5.4 [07/06/2012] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/54) Blog: tigzy-RK Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Utilisateur: Christophe [Droits d'admin] Mode: Suppression -- Date: 14/06/2012 18:55:29 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Entrees de registre: 443 ¤¤¤ [Rans.Gendarm] HKCU\[...]\Run : (C:\Users\Christophe\AppData\Local\Temp\k8h0pp.exe) -> DELETED [sUSP PATH] HKLM\[...]\Wow6432Node\Run : VquqNcaFoRB.exe (C:\ProgramData\VquqNcaFoRB.exe) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKCU\[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [sUSP PATH] HKUS\S-1-5-21-558746396-2105712398-235109265-1000[...]\Winlogon : Shell (C:\Users\Christophe\AppData\Local\d92096e5\X) -> DELETED [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2) [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Christophe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg) [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [NON CHARGE] ¤¤¤ ¤¤¤ Infection : Rans.Gendarm|Root.MBR|ZeroAccess ¤¤¤ [ZeroAccess] sys32\consrv.dll present! ¤¤¤ Fichier HOSTS: ¤¤¤ ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++ --- User --- [MBR] 114c4428f64c472397fd1babf8450773 [bSP] 0edee093aff9cfd6e440c539ca0f0fb9 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953758 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 6ac1bdabde7b265f21ca84799170c88f [bSP] 0edee093aff9cfd6e440c539ca0f0fb9 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953758 Mo 2 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 1953521664 | Size: 1 Mo Termine : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt rapport de ZHP: Cliquez ici. Meri beaucoup pour l'aide!
- le 14 juin 2012
- 20 réponses
[Résolu] Virus GEMA

sytchov a posté un sujet dans Analyses et éradication malwares

Bonjour, J'ai chopé un virus qui m'empêche d'avoir accès à mon bureau aprt en mode sans échec. Une page s'ouvre avec la fameuse gendarmerie qui m'en veux... Je suis parti en vacance, parlé via skype avec ma copine et quelques heures après sans pouvoir fermer skype le PC s'est rallumé avec cette page de la police. J'ai essayé avec malwarebytes il me détecte quelque chose, l'efface mais le redétecte à chaque fois. Voici le rapport de Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:38:20, on 14/06/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe C:\Windows\syswow64\cmd.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [sPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [VquqNcaFoRB.exe] C:\ProgramData\VquqNcaFoRB.exe O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [] C:\Users\Christophe\AppData\Local\Temp\k8h0pp.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin O4 - HKUS\S-1-5-21-558746396-2105712398-235109265-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-558746396-2105712398-235109265-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe O4 - Global Startup: ButtonManager.lnk = ? O4 - Global Startup: Magic-i.lnk = C:\Program Files (x86)\ArcSoft\Magic-i 3\Magic-i.exe O4 - Global Startup: NewShortcut1.lnk = ? O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Safety Settings Service (swmidi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 23746 bytes Merci d'avance, cordialement.
- le 14 juin 2012
- 20 réponses
[RESOLU] Virus clavier/souris

sytchov a répondu à un(e) sujet de sytchov dans Analyses et éradication malwares

C'est bon, après toutes les MAJ, il le détecte à nouveau! @++
- le 14 janvier 2011
- 32 réponses

Connexion

sytchov

Compteur de contenus

Inscription

Dernière visite

sytchov's Achievements

Member (4/12)

Réputation sur la communauté

Toshiba Satellite

Toshiba Satellite

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[Résolu] Virus GEMA

[RESOLU] Virus clavier/souris

Zebulon

Outils en ligne

Naviguer