Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Réparez votre ordinateur gratuitement sur notre assistance en ligne.
Avatar du membre
par nat06
#24165
Bonjour,

Je vous contacte car ma clé USB a été infectée par un virus présent sur les PC de mon école.
Je l'ai insérée dans mon PC personnel et Microsoft Security Essentials a détecté la présence du virus : Worm VBS Jenxcus lnk.
Tous les fichiers et dossiers de ma clé ont été transformés en raccourcis.
J'ai alors retiré ma clé, et le lendemain en allumant mon PC, je suis allé dans Microsoft Security Essentials et j'ai supprimé le virus Worm VBS Jenxcus lnk qu'il avait mis en quarantaine.
Je ne sais pas si mon PC est infecté, et je voudrais donc le désinfecter si c'est le cas. Je voudrais également vacciner ma clé.
C'est pour cela que je fais appel à vous. Pourriez-vous m'aider SVP?

Merci d'avance pour votre réponse.
Bonnes fêtes.
Avatar du membre
par kink06
#24166
salut :noel7
  • Télécharge (de El Desaparecido) sur ton Bureau !
  • Fais clic droit dessus, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
  • Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc...) sans les ouvrir.
  • Choisis l'option Suppression

    Note : Si UsbFix bloque à 14%, démarrer en mode sans échec. (Voir >> ICI <<)

    Image
  • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse
Avatar du membre
par nat06
#24167
Salut
Merci pour la prise en charge rapide!
Voici le rapport de Usbfix :

############################## | UsbFix V 7.155 | [Suppression]

Utilisateur: Nathan (Administrateur) # NATHAN-PC
Mis à jour le 16/12/2013 par El Desaparecido - Team SosVirus
Lancé à 15:45:41 | 25/12/2013

Site Web :
Forum : https://www.sosvirus.net/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact :

PC: SAMSUNG ELECTRONICS CO., LTD. (R530/R730 )
CPU: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
RAM -> [Total : 3037 | Free : 1781]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 à‰dition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16476
WB: Google Chrome : 31.0.1650.63
WB: Mozilla Firefox : 1.9.2.6

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 297 Go (44 Go libre(s) - 15%) [] # NTFS
D:\ -> Disque fixe # 153 Go (3 Mo libre(s) - 0%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 984 Mo (397 Mo libre(s) - 40%) [DAVID] # FAT
G:\ -> Disque amovible # 4 Go (2 Go libre(s) - 62%) [] # FAT32

################## | Processus Stoppés |

Stoppé! C:\windows\system32\nvvsvc.exe (ID: 788 |ParentID: 560)
Stoppé! c:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 900 |ParentID: 560)
Stoppé! C:\windows\System32\spoolsv.exe (ID: 1436 |ParentID: 560)
Stoppé! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1588 |ParentID: 560)
Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1616 |ParentID: 560)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1700 |ParentID: 560)
Stoppé! C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe (ID: 1916 |ParentID: 560)
Stoppé! C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1988 |ParentID: 560)
Stoppé! C:\Program Files\CyberLink\Shared files\RichVideo.exe (ID: 2012 |ParentID: 560)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 320 |ParentID: 560)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 1284 |ParentID: 320)
Stoppé! c:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 2104 |ParentID: 560)
Stoppé! C:\windows\system32\nvvsvc.exe (ID: 3424 |ParentID: 788)
Stoppé! C:\windows\system32\taskhost.exe (ID: 3560 |ParentID: 560)
Stoppé! C:\windows\system32\taskeng.exe (ID: 3604 |ParentID: 1136)
Stoppé! C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (ID: 3928 |ParentID: 3604)
Stoppé! C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (ID: 3940 |ParentID: 3604)
Stoppé! C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (ID: 3980 |ParentID: 3604)
Stoppé! C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ID: 4060 |ParentID: 3640)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 4076 |ParentID: 3640)
Stoppé! C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (ID: 4092 |ParentID: 3640)
Stoppé! C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (ID: 2232 |ParentID: 3640)
Stoppé! C:\Program Files\AnyPC Client\APLangApp.exe (ID: 2408 |ParentID: 3640)
Stoppé! C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (ID: 2660 |ParentID: 3604)
Stoppé! C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (ID: 244 |ParentID: 3640)
Stoppé! C:\Program Files\Microsoft Security Client\msseces.exe (ID: 2692 |ParentID: 3640)
Stoppé! C:\Program Files\Real\RealPlayer\Update\realsched.exe (ID: 2904 |ParentID: 3640)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3036 |ParentID: 4076)
Stoppé! C:\Program Files\iTunes\iTunesHelper.exe (ID: 3016 |ParentID: 3640)
Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (ID: 3080 |ParentID: 3640)
Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (ID: 3180 |ParentID: 3640)
Stoppé! C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (ID: 3240 |ParentID: 3640)
Stoppé! C:\Users\Nathan\AppData\Roaming\Dropbox\bin\Dropbox.exe (ID: 1644 |ParentID: 3640)
Stoppé! C:\Users\Nathan\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (ID: 3736 |ParentID: 3640)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (ID: 3808 |ParentID: 560)
Stoppé! C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (ID: 3724 |ParentID: 3640)
Stoppé! C:\windows\system32\SearchIndexer.exe (ID: 2148 |ParentID: 560)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3060 |ParentID: 560)
Stoppé! C:\windows\system32\DllHost.exe (ID: 4412 |ParentID: 732)
Stoppé! C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 4568 |ParentID: 560)
Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (ID: 5432 |ParentID: 3640)
Stoppé! C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 4920 |ParentID: 5432)
Stoppé! C:\windows\system32\taskhost.exe (ID: 4472 |ParentID: 560)
Stoppé! C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (ID: 3496 |ParentID: 732)
Stoppé! C:\windows\System32\WUDFHost.exe (ID: 5368 |ParentID: 1052)

################## | Regedit Run |

04 - HKLM\SOFTWARE | Run : [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
04 - HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\SOFTWARE | Run : [UpdateLBPShortCut] - "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\SOFTWARE | Run : [CLMLServer] - "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
04 - HKLM\SOFTWARE | Run : [UpdateP2GoShortCut] - "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\SOFTWARE | Run : [UpdatePDRShortCut] - "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
04 - HKLM\SOFTWARE | Run : [RemoteControl8] - "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
04 - HKLM\SOFTWARE | Run : [PDVD8LanguageShortcut] - "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
04 - HKLM\SOFTWARE | Run : [UpdatePPShortCut] - "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
04 - HKLM\SOFTWARE | Run : [UpdatePSTShortCut] - "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
04 - HKLM\SOFTWARE | Run : [APLangApp] - "C:\Program Files\AnyPC Client\APLangApp.exe"
04 - HKLM\SOFTWARE | Run : [UCam_Menu] - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
04 - HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\SOFTWARE | Run : [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
04 - HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Java\jre6\bin\jusched.exe"
04 - HKLM\SOFTWARE | Run : [MSC] - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
04 - HKLM\SOFTWARE | Run : [TkBellExe] - "c:\program files\real\realplayer\Update\realsched.exe" -osboot
04 - HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1072828290-3828818215-1948454868-1000\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Recherche générique |

Supprimé! G:\MSR.lnk
Supprimé! G:\L3.lnk
Supprimé! G:\CESAM.lnk
Supprimé! G:\.lnk
Supprimé! G:\PPTsoutenanceV9.lnk
Supprimé! G:\Rapport_Final.lnk
Supprimé! G:\Lettre de motivation DITCHI Nathan ISUP.lnk
Supprimé! G:\ISUP.lnk
Supprimé! G:\CV DITCHI Nathan ISUP.lnk
Supprimé! G:\CV Nathan DITCHI.lnk
Supprimé! G:\Lettre de motivation Nathan DITCHI.lnk
Supprimé! G:\CV - NATHAN DITCHI - ISUP.lnk
Supprimé! G:\DUT STID.lnk
Supprimé! G:\Modeles mixtes.lnk
Supprimé! G:\Formation NI.lnk
Supprimé! G:\.Trashes.lnk
Supprimé! G:\.Spotlight-V100.lnk
Supprimé! G:\.fseventsd.lnk
Supprimé! G:\TP estimation fonctionnelle.lnk
Supprimé! G:\Economie de la santé.lnk

################## | Registre |


################## | Listing |

[25/12/2013 - 15:47:46 | A | 9 Ko] - C:\UsbFix [Clean 2] NATHAN-PC.txt
[10/06/2009 - 22:42:20 | N | 0 Ko] - C:\config.sys
[25/12/2013 - 13:49:34 | ASH | 2332116 Ko] - C:\hiberfil.sys
[25/12/2013 - 13:50:47 | ASH | 3109492 Ko] - C:\pagefile.sys
[25/12/2013 - 13:49:34 | D] - C:\Config.Msi
[21/02/2010 - 10:52:02 | N | 2 Ko] - C:\RHDSetup.log
[21/02/2010 - 10:52:02 | N | 0 Ko] - C:\setup.log
[20/02/2010 - 19:52:03 | SHD] - C:\$Recycle.Bin
[10/06/2009 - 22:42:20 | A | 0 Ko] - C:\autoexec.bat
[14/07/2009 - 03:37:05 | D] - C:\PerfLogs
[14/07/2009 - 05:53:55 | SHD] - C:\Documents and Settings
[05/12/2009 - 00:50:37 | D] - C:\Intel
[20/02/2010 - 19:32:45 | SHD] - C:\Recovery
[20/02/2010 - 19:33:58 | D] - C:\Users
[20/02/2010 - 19:40:56 | RHD] - C:\MSOCache
[10/03/2013 - 22:31:00 | D] - C:\SAS Software Depot
[18/11/2013 - 18:54:29 | HD] - C:\ProgramData
[16/12/2013 - 15:56:19 | D] - C:\Program Files
[25/12/2013 - 13:38:43 | SHD] - C:\System Volume Information
[25/12/2013 - 13:40:10 | D] - C:\Windows
[25/12/2013 - 15:47:31 | D] - C:\UsbFix
[20/02/2010 - 20:33:58 | SHD] - D:\$RECYCLE.BIN
[20/02/2010 - 22:09:30 | N | 1 Ko] - D:\MediaID.bin
[20/02/2010 - 22:10:48 | D] - D:\WindowsImageBackup
[27/02/2010 - 13:17:28 | D] - D:\SamsungRecovery
[22/05/2011 - 18:03:05 | D] - D:\NATHAN-PC
[09/10/2011 - 11:50:03 | SHD] - D:\System Volume Information
[06/01/2011 - 16:06:08 | HD] - F:\.Trashes
[06/01/2011 - 16:06:08 | AH | 4 Ko] - F:\._.Trashes
[22/10/2011 - 21:08:20 | N | 4 Ko] - F:\._Grey's anatomy 8x06.srt
[06/11/2011 - 20:29:32 | N | 4 Ko] - F:\._Greys_Anatomy_S08E08_xfrz83ms8dcx5.srt
[06/11/2011 - 20:29:42 | N | 4 Ko] - F:\._Desperate Housewives - 08x06 - Witch's Lament.LOL.srt
[20/11/2011 - 18:07:22 | N | 4 Ko] - F:\._Desperate.Housewives.S08E08.HDTV.XviD-LOL.srt
[06/01/2011 - 16:06:08 | HD] - F:\.Spotlight-V100
[20/11/2011 - 18:04:44 | HD] - F:\.fseventsd
[06/11/2011 - 20:28:16 | N | 4 Ko] - F:\._Desperate Housewives - 08x06 - Witch's Lament.LOL.flv
[18/11/2011 - 14:42:30 | N | 60 Ko] - F:\COMMISSIONS ET INSTANCES DE L'EPLE.docx
[20/11/2011 - 14:06:02 | N | 29 Ko] - F:\Rapport d'activité Concours Per Dir 2012.docx
[20/11/2011 - 15:04:36 | N | 21 Ko] - F:\Lettre de Motivation Concours PERDIR 2012.docx
[20/11/2011 - 15:06:06 | N | 76 Ko] - F:\CV Concours Per Dir 2012.docx
[09/10/2011 - 11:17:34 | N | 30 Ko] - F:\fin de l historique de carriere.doc
[09/10/2011 - 12:08:06 | N | 34 Ko] - F:\lettremotivdelph.doc
[09/10/2011 - 12:08:12 | N | 29 Ko] - F:\fin de la lettre de motivation.doc
[20/11/2011 - 15:00:14 | D] - F:\save
[25/11/2011 - 10:08:42 | D] - F:\Pascale DITCHI
[09/04/2013 - 12:55:30 | SHD] - G:\.Trashes
[09/04/2013 - 12:55:30 | SH | 4 Ko] - G:\._.Trashes
[09/04/2013 - 12:55:30 | SHD] - G:\.Spotlight-V100
[25/06/2013 - 15:07:02 | N | 655 Ko] - G:\PPTsoutenanceV9.pptx
[19/12/2013 - 04:29:04 | N | 81 Ko] - G:\Levonorgestrel Intrauterine System versus Medical Therapy for Menorrhagia.pptx
[09/04/2013 - 13:10:14 | N | 4 Ko] - G:\._Health effects of coffee.pdf
[23/06/2013 - 18:13:30 | N | 175 Ko] - G:\CV Nathan DITCHI.pdf
[29/10/2013 - 19:48:44 | N | 708 Ko] - G:\nejmoa1204724.pdf
[09/04/2013 - 12:55:30 | SHD] - G:\.fseventsd
[17/10/2012 - 13:10:12 | N | 15 Ko] - G:\Lettre de motivation DITCHI Nathan ISUP.docx
[17/10/2012 - 14:00:40 | N | 23 Ko] - G:\CV DITCHI Nathan ISUP.docx
[23/06/2013 - 18:12:42 | N | 25 Ko] - G:\CV - NATHAN DITCHI - ISUP.docx
[23/06/2013 - 19:06:24 | N | 15 Ko] - G:\Lettre de motivation Nathan DITCHI.docx
[28/06/2013 - 11:03:46 | N | 279 Ko] - G:\Rapport_Final.docx
[28/03/2012 - 15:03:38 | D] - G:\ISUP
[29/04/2012 - 17:05:52 | D] - G:\L3
[29/04/2012 - 17:07:00 | D] - G:\DUT STID
[07/02/2013 - 18:04:22 | D] - G:\CESAM
[15/10/2013 - 17:46:38 | D] - G:\TP estimation fonctionnelle
[29/10/2013 - 14:11:04 | D] - G:\Modeles mixtes
[15/11/2013 - 15:04:12 | D] - G:\MSR
[26/11/2013 - 19:59:40 | D] - G:\Economie de la santé
[11/12/2013 - 16:09:32 | D] - G:\Formation NI

################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | - https://www.sosvirus.net |
Avatar du membre
par kink06
#24168
ok ça donne quai pour les clé usb ?

on va contrôle le pc fais ceci =>
  • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
  • Installe le logiciel.
  • Lance ZHPDiag, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
  • Clique sur Configurer
  • Clique sur l'icône représentant une loupe avec un + ( Lancer le diagnostic »)

    Note : Ne pas fermer le programme même si il est indiqué qu'il ne répond plus.

    Image
  • Une fois le scan terminé rends toi sur le bureau, le fichier à été créé.
  • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
Avatar du membre
par Invité
#24175
Il n'y a plus de fichiers en raccourci sur les clés USB.
Y a-t-il une manip à faire pour être sà»r que les clés sont vaccinées?

C'était long parce que ZHPdiag ramait...
Par contre, le bouton parcourir pour uploader le rapport ne marche pas...
Je te poste donc le rapport ci-dessous :

~ Rapport de ZHPDiag v2013.12.14.22 - Nicolas Coolman (14/12/2013)
~ Lancé par Nathan (25/12/2013 16:42:00)
~ Adresse du Site Web
~ Forums gratuits d'Assistance à la désinfection :
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox v3.6.6 (fr)
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2BT4J
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
McAfee Security Scan Plus v3.8.130.10
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3036 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (15%) free of 297 GB

---\\ Mode de connexion au système
~ Computer Name: NATHAN-PC
~ User Name: Nathan
~ All Users Names: Nathan, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nathan\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nathan\AppData\Roaming\
~ %Desktop% : C:\Users\Nathan\Desktop\
~ %Favorites% : C:\Users\Nathan\Favorites\
~ %LocalAppData% : C:\Users\Nathan\AppData\Local\
~ %StartMenu% : C:\Users\Nathan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 297 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 153 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Free 0 Go of 1 Go)
G: Floppy drive, Flash card reader, USB Key (Free 2 Go of 4 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 07:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d&#130;ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/2208
~ Mes Videos (My Videos) : 1/8
~ Mes Favoris (My Favorites) : 1/27
~ Mes Documents (My Documents) : 1/21925
~ Mon Bureau (My Desktop) : 1/347
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 14s



---\\ Processus lancés
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.3896]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\windows\system32\DllHost.exe [7168] [PID.744]
[MD5.8FC4306F0FFAA592BBA29F9273293D22] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296] [PID.3240]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.1696]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8295936] [PID.2640]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 13 Legitimates Filtered in 00mn 17s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\xzd88nwn.default\prefs.js
M2 - MFEP: prefs.js [Nathan - xzd88nwn.default\{DDC359D1-844A-42a7-9AA1-88A850A938A8}] [] v (..)
~ Firefox Browser: 56 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Norton Security Scan.lnk . (.Symantec Corporation - Norton Security Scan.) -- C:\Program Files\Norton Security Scan\Engine\3.5.3.1\Nss.exe
O4 - GS\Desktop [Public]: R i386 2.15.0.lnk . (...) -- C:\Program Files\R\R-2.15.0\bin\i386\Rgui.exe
O4 - GS\Desktop [Public]: SAS Enterprise Guide 4.3.lnk . (.SAS Institute Inc. - SAS Enterprise Guide 4.3.) -- C:\Program Files\SAS\EnterpriseGuide\4.3\SEGuide.exe
O4 - GS\QuickLaunch [Nathan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Nathan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Nathan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Nathan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Nathan]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Nathan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Nathan]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Nathan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 70 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - GS\Startup [Nathan]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Nathan\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - GS\Startup [Nathan]: Notification de cadeaux MSN.lnk . (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\Nathan\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - GS\Startup [Nathan]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [UpdatePPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [APLangApp] . (.DoctorSoft - AnyPC Language Application.) -- C:\Program Files\AnyPC Client\APLangApp.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) =>.Oracle Corporation
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1072828290-3828818215-1948454868-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1072828290-3828818215-1948454868-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) -
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} ((no name)) -
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F10D586-98AF-418C-835D-A02DADD1B341}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F10D586-98AF-418C-835D-A02DADD1B341}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{1F10D586-98AF-418C-835D-A02DADD1B341}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Plenadis 2 - (.Plenadis 2.) [HKCU] -- Plenadis 2
O42 - Logiciel: SAS Versioned Jar Repository 9.2 - (...) [HKLM] -- febb569a337f725f5f8607711f665d3b
~ Logic: 21 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\ASK]
~ Key Software: 223 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/03/2013 - 23:41:50 - [-1966,052] ----D C:\Program Files\SASHome
O43 - CFD: 20/03/2010 - 18:28:02 - [0,001] ----D C:\ProgramData\Partner
~ 238 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 409 Legitimates Filtered in 01mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0A5AD13AF9F5BA4E0E1DC5F4BE34B3C1] - 25/12/2013 - 15:47:47 ---A- . (...) -- C:\UsbFix [Clean 2] NATHAN-PC.txt [13979]
~ Files: 53 Legitimates Filtered in 00mn 10s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] - 13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 25/12/2013 - 16:44:19 ---A- . (...) -- C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
O61 - LFC: 25/12/2013 - 16:44:42 ---A- . (...) -- C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Local State [60545]
O61 - LFC: 25/12/2013 - 16:46:07 ---A- . (...) -- C:\Users\Nathan\AppData\Roaming\ZHP\Log.txt [19699] =>.Nicolas Coolman
O61 - LFC: 25/12/2013 - 16:46:07 ---A- . (...) -- C:\Users\Nathan\AppData\Roaming\ZHP\TestsZHPDiag.txt [2837] =>.Nicolas Coolman
~ 2 Fichiers temporaires (Temporary files)
~ Files: 66 Legitimates Filtered in 10mn 41s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - - https://www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) -
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) -
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) -
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) -
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][17/08/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.6403311401E9739B34218C919D22C59C] [SPRF][27/10/2013] (.Dropbox, Inc. - Dropbox 2.4.4 Installer.) -- C:\Users\Nathan\Desktop\Dropbox 2.4.4.exe [35336112]
[MD5.9AF443EF47830A431655AA63C197DA46] [SPRF][24/02/2013] (.SAS - SAS Download Manager Setup.) -- C:\Users\Nathan\Desktop\esdclient__93500__win__xx__web__1.exe [33402968]
[MD5.2037085825B999FE8A7AFC92A004F78D] [SPRF][12/11/2009] (...) -- C:\Windows\Downloaded Program Files\JuniperExt.exe [398632]
~ Files: 11 Legitimates Filtered in 00mn 13s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 16/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 20/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 20/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 02/11/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 06/09/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
SS - | Auto 10/02/2010 219752 | (nvsvc) . (.NVIDIA Corporation.) - C:\windows\system32\nvvsvc.exe
SS - | Auto 13/08/2009 44312 | (OberonGameConsoleService) . (...) - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
SS - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SS - | Auto 07/07/2009 247152 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 23/10/2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 17s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer,
Run by Nathan at 25/12/2013 16:57:15

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
C:\windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 nt!IofCallDriver[0x83442FC6] >> \Device\Harddisk0\DR0[0x871AC218]
kernel: MBR read successfully
user & kernel MBR OK

~ MBR: 13 Legitimates Filtered in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13,
Run by Nathan at 25/12/2013 16:57:17

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (14/12/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\ProgramData\Partner =>Spyware.Partner
~ Additionnel Scan: 438486 Items scanned in 00mn 25s



---\\ Récapitulatif des détections trouvées sur votre station
~ =>PUP.BProtector
~ =>Spyware.Partner
~ MSI: 2 link(s) detected in 00mn 25s



~ 1427 Legitimates filtered by white list
End of the scan (456 lines in 15mn 43s)(0)

Merci d'avance!
Avatar du membre
par kink06
#24178
Y a-t-il une manip à faire pour être sà»r que les clés sont vaccinées?
ce fais déjà la vaccination ! regarde en bas du rapport de suppression de usbfix;)
Code : Tout sélectionner
################## | Vaccin |
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
puis fais ceci =>

Tu as des adwares fais ce qui suit, dans l'ordre =>

1)
  • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
  • Fais clic droit dessus, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP
    1. Choisis l'option Scanner
    2. Choisis l'option Nettoyer
  • Accepte l'avertissement en cliquant sur OK

    Image
  • Accepte les avertissements/informations en cliquant sur OK
  • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC
2)
  • Télécharge Junkware Removal Tool (de thisisu) sur ton bureau.
  • Lance Junkware Removal Tool, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
  • Appuie sur n'importe quelle touche.

    Image
  • Une fois le scan terminé rends toi sur le bureau, le fichier JRT.txt à été créé.
  • Héberge le rapport JRT.txt surSosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
Avatar du membre
par nat06
#24183
Pour la clé USB, tu m'avais demandé ce que ça donnait, c'est pour ça que je t'ai demandé ce qu'il fallait que je fasse pour te répondre (à part regarder si les fichiers n'étaient plus en raccourcis).
Merci encore pour ton suivi!
Voici le rapport AdwCleaner :

# AdwCleaner v3.016 - Rapport créé le 25/12/2013 à 17:31:57
# Mis à jour le 23/12/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
# Nom d'utilisateur : Nathan - NATHAN-PC
# Exécuté depuis : C:\Users\Nathan\Desktop\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\Partner
Fichier Supprimé : C:\Program Files\Mozilla Firefox\.autoreg

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v3.6.6 (fr)

[ Fichier : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\xzd88nwn.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\Nathan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1635 octets] - [25/12/2013 17:29:32]
AdwCleaner[S0].txt - [1567 octets] - [25/12/2013 17:31:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1627 octets] ##########



Et le rapport JRT :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by Nathan on 25/12/2013 at 17:41:05,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{01ACF689-8F56-4CC0-945C-132B0D9250C5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{0224310B-EFA3-4C5A-A386-90541091E6BE}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{0396C6C7-A2DA-4904-B17B-975BB234310D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{04BC5DAE-7DDB-47D0-B6BB-1FE133DD706F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{0520295B-0218-4580-B570-B9539A1F4D5A}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{093F2CA1-62EB-4783-B7B1-3FC79FEE3F28}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{0986FC03-8909-4419-B059-B0F78F49BFBF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{09B3EB2B-4658-4398-A16A-D4E6BCA0646C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{0A43BF8B-39C4-4716-AE39-D32536A69C1F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{0AC6C8CD-6ACA-412B-BBD6-5B237674C5FC}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{10DADA48-0DD3-4B2F-9866-72A0AB85469D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{113BDDDB-2B04-4878-9566-7283687EC5DF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{13729C38-40D8-4462-A2CC-96088737BAB1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{14911C7D-C6EC-40D2-8914-A83D90BF7661}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{14BABE49-EC25-4CB4-8AB0-3B60FCB5D883}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{14C1AC9D-867D-4BC1-B6CA-6A1C1EB14F86}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{159323BE-B637-4FCB-AB84-3A9F95556CD3}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{159B8049-8420-47F1-BCAB-4A54174C82E0}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{15CDC1AB-9EF2-494A-BE33-354E40418F01}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{1732B7C6-8F09-4E00-B3D4-8A5D045BD470}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{17D9E30F-39D1-4857-A099-14191C33F47F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{18464046-6AD6-4042-97A7-1476251166B7}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{18CEEB43-25B4-453C-A330-4A83FA5BABB2}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{191E0FBE-BD04-41B8-A465-4E4CD664C87C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{193F30E7-9CB3-46CA-89B0-7BDFD0A27AE3}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{1B043F00-62BF-4390-93C4-BD5B0C94AC00}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{1B51C06D-FD98-4FE7-882E-86FE5735094A}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{1E186789-9221-4A4F-A19B-F0364B0419D6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{1E674300-71B8-48E7-B82F-D5E5E22A7486}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{1EFB701C-592F-47A9-8FFC-A8070FCF93FF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2009F667-49F7-4E53-89C0-F20650EF883C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2019FD8D-4BDC-4A7E-8C6A-ABE8992B7E53}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{21E835FA-00C9-4AB4-B92D-2DD77C7A3AE4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{22EAA896-EE01-4C57-A5DF-DD926F08FF28}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{24643B74-646D-48DD-83C0-60B16C34A6F9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{248DE5A0-00CD-4FAF-A1BB-4BFC1D1D61E6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{257F44C0-3AB7-473A-B639-FC57DD17D155}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{260F7ED5-2C39-4222-99E6-48FCEBFE1E34}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{275B15E6-944A-4D31-81C0-3333557E7242}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2ADACD9E-A6FB-4F5B-B45A-A3072D9DF4D6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2B070A59-11D4-4EF3-94EB-206019D1A590}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2B1437D5-AF85-442A-976B-0EDF099C303D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2B862F50-C366-48E3-99BF-C5260C1E1BC5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2C3D9796-6188-43C0-A060-0AC3DC36833D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2C80696A-90D0-4DDA-A8D5-1E810BDA73D6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2DE025B4-35C8-4B80-8459-3124F1BB5A07}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{2EEA4FAB-08E2-4A2A-92E3-B62C27B09592}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{31F14438-3DC8-4077-BB76-A4D4C3484A12}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{321C61B0-5508-4EBF-A30F-69EDAF3AAB2C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{32A34FC4-C5CF-42A6-A6F1-474EFDB6444D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{32DD0168-2146-4AA1-89D4-AEE2D76CDF15}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{337256DC-1966-4C96-AAAF-77ED81E7C50E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{35A3A59F-1393-4084-83A0-58B61D123812}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{35D76A15-1464-4BA0-AD8A-8835FA05ABD8}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{362474B8-1563-4A08-B430-8C3FD4124B50}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{372C3230-BCA2-462E-864A-F5B3D6A701CD}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3746F2E8-8BE6-4017-B96C-024BD07388A9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3A7D4A9F-3AC6-4573-A9A9-F507256E263E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3C9EE8CA-9ED6-40E7-8053-1F17818FB2BE}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3D3B868D-8135-4BFD-9489-BA0DBDB69DE6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3DC6B4DE-C141-4434-AC9F-884981B75F66}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3E79A411-B0BF-4AAB-BE96-D75A28B4AF9D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3E915E01-D881-49DE-8E39-5CA00DA9061F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3F0B13D3-E519-4C97-A5AC-F8A3FEC3F7CB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3F3C5F6F-C824-4EFA-9531-C7DC54082BD0}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{3F970322-4292-43B0-B4EE-0DE94921905E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{415230B4-8C27-47D4-9E5F-3B4F8FFD15DA}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{41BDE7AC-BA4D-4149-86BC-46E5B992ACB1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{42B578D6-ACF5-4DF9-9B1E-2FFEEC550A4C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{42F4ECDD-6245-448F-9B10-0A5F59C5B9B3}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{42FD7436-E6E9-42BA-92E8-E862AF756C27}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{4310FB30-A2EA-40AF-AC57-8701615419C7}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{444B52A7-30F5-42BD-ABB5-F838497FA870}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{4694AE0B-6DB2-45E1-8FC6-529D4C75ECE4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{46D712AD-C1F8-43F5-ADE0-0BB073DEA86E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{46F49EF1-D6FC-45B2-A2EF-151502D79FE9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{47C96759-2AC3-4AA0-AA55-291E3F43B4F9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{47CE7BC6-B55B-48F6-B545-4E9C6D491155}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{48B2C71E-79EB-4DA9-86C4-16F3996E1AEB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{48D1A300-FC0B-4F65-9F9B-1C027B63AA3D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{490CEC0F-BDB4-4D62-98C8-C93E58524108}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{495B6179-5CAF-4EF2-977F-F09B7DAADDD7}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{49717363-1D65-43D9-B192-7118177E1480}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{4BED33B3-388E-4F53-A50A-2A33C3EE8116}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{4C51A536-5B4C-405B-BD7A-DC8D509C6AFF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{4CABECD4-CE4B-4723-9A61-18E9ACBF2F1B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{4DE16539-9436-488B-A81E-723FD38F0A1D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{502DC513-3839-4441-B32C-86675E417278}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{524535A7-D970-48A7-8D21-26E71F82BD1E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{56A963AC-4D29-49F2-A47F-68E610BAE3BA}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{56C73EA3-DD9F-42DB-8951-F1C7162ADDC7}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{5718905E-186D-4DB8-B131-7968AB1B0D56}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{582A5255-F28C-4C91-9F83-0FEE3BFF87C1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{58CCC8B9-7E9D-4849-ADD2-C1031EAB639F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{59193CD5-E82D-40D8-A269-C559CFFE00AB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{5957A140-DEAC-403A-A4BA-D775D33F2A81}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{59C7D78C-E214-4FA7-8E08-F5095B1B10A9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{59EAB535-457A-4E03-BE95-221C66850778}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{5ABB1FEF-6E0E-4E82-9836-21897638160C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{5B926F50-DD72-4EEE-B065-B2C9D8C3DE24}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{5F5BB0B2-F99A-41BB-9D02-2DBB7D3481E6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{5FE855A8-BEE9-4667-AD3F-E8C247290C50}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{60C5BCDC-2F05-4CA3-AEF5-95C0089216F2}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{61F41E8D-D4D0-4263-A110-FB11C3B78E12}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{640D6F72-4053-4F62-9080-C58C5E617D82}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{666DAFED-41C7-457F-A455-ECEC30B06432}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{66E9D91C-8FA6-4821-B1FF-7B24B58227E8}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{674C328B-B057-45BA-BD09-B1CB08D77CA3}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{679406DC-C9C0-43C9-A4F9-04621FD73035}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{686DE9EA-5431-4E5B-A3A9-CD96C394AD22}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{687ECFA6-175A-4923-8760-50144457B328}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{68F2306C-7CEC-42D1-8EF9-10C3FC994AB6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{694E2D34-F5B3-4EF8-818E-D806B6A125B3}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{6A6C119B-D1F9-488C-AFDA-9C8913603E9B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{6AE0369F-68D0-4BC7-8907-911A322F4C8D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{6CF68EF2-6286-42C6-9A88-BE5ABF86112B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{6E10CA7A-50D1-4346-BE2C-B868C7E8F92C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{6FE6BF87-34E2-48F3-894A-B660DBBBFBA1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{71326918-FFE4-4EED-8F35-8A1BCA6AD372}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{72867B2B-72F4-4919-BD15-522C6DD0B167}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{72F4F497-EEC6-4163-B802-03899680798B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{739CD769-707A-45FA-B376-B3B996E211F2}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{73F5BE3F-D219-47F8-A5EC-1C68E9963F16}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{77A7528B-C097-46D5-BEB2-1AEA9AB4DF16}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7AA9FA10-72CF-45EF-B2A7-F27F0B0C169E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7AD540F7-B4D9-46CB-9025-6E0BF49B773C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7B7B9BFB-8CC3-4123-AAEE-6F1C1D47F33E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7C363690-94ED-4AE1-889D-BE7534982FEB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7E9E94C3-873C-456E-827F-66BAE187E7CB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7F6E191D-ECB3-4D62-A0F0-9B790CF2747B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{7FF4F3E6-7DDC-465C-BB3C-CB0E16250FC9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{801F2E7C-9805-45CF-A028-8F5C0B005047}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{80522A8F-AFA7-406C-8B58-0BA4200E7DDB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{81103857-E245-454E-BC65-7CF369FF46B2}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{83614899-25CD-4F4B-A5CB-D65CDFEEA488}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{84F73423-77D4-4394-8A34-991540F919E9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{8858E1BF-E8E6-4704-AA8F-57057F4185E8}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{8CB21B91-AABF-4FFB-BEB4-E6C752E26EEA}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{8CDB0EDF-341D-4496-8567-82BDD31E2C63}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{8D204B6F-3293-4F7E-A8C0-708D3895FCF6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{8E400199-FBB4-4D2C-97F8-D5CDEE94FA42}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9107D859-E289-4F64-82E3-DF513B5E87CB}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{92127C2B-9306-4B54-AF7C-F0F0D105D850}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{92E1CCF4-B0C8-469E-9A47-C0D7ADC271F4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{944948BF-809E-4FFA-AAA8-EB1D76B6C5D8}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{96234AD3-DD6E-4D4A-A8F9-B919261EBAE5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{964437C2-4577-4A7B-8A8B-BA90F3E4D540}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{96845C33-EAED-4D29-9C1F-265B24498914}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{97AAB68C-F10F-4ECD-ACA4-9904589CDBC2}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{981BA63D-9CBE-46FC-A22A-B05305146623}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{983B286B-2AAD-4AA5-8AD6-B210EFC0B075}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{989C17E1-492A-4F29-8B73-C8F2679E087F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{993B8E58-359A-4C59-9B2E-62F785EDF491}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9BF70CC8-159B-4631-B56A-962DE7AB211F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9C6CFF92-D359-431C-84C8-7B3B7DEB8089}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9CBCAEB9-1BF3-4FE8-BBB0-2D52A6158F54}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9E6F085C-6B80-43A0-A38E-46D7E9427DBC}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9FB74A93-6E0A-4937-89ED-6D708D8616AF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{9FC3011E-0A98-4289-8F59-F61D3EAF0A69}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{A1921FCC-781E-4C41-AF62-9F9A1BE0DFE5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{A243FD87-341B-41F3-9F55-8296F8328332}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{A5CD9410-9AF8-49F1-9C85-0BFFF18B3FD3}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{A745F965-193C-4CE8-80BB-5D9E33755106}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{A8E42F9A-4EE7-4147-863E-EF52FA8BDCFE}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{A9150223-7650-4BF7-9764-D037E02685C4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{AD3A4484-BD7E-4255-BC18-F2E9C8B3F8B6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{AD5A3FFA-B986-4C51-8889-BEDCF989185E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{AF4A54BF-45C7-4BB1-9775-596F1C1C1A46}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{AFD84A40-E5E2-44E9-8665-46F2C7E3DC9C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{AFF1AB2A-C742-4390-A534-050BFA6F1D9B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B009E6CB-CCC9-4267-B267-50B36019BFDD}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B09DC104-7A33-4041-BA27-A7F501F639E4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B0D169C4-D5C6-4811-BA6A-6954F46617C4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B36C9ADE-3262-415D-BD17-D6DFF1A41855}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B3A204EA-F5A8-47F6-BF81-C9972C1F0FFD}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B3A23508-BEA9-4666-A960-E426C5AEB9A1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B3FD23FA-2374-4586-AC36-055163BF861E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B4492398-3A08-49BC-A220-349DFF09047B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B6E22323-169A-4506-B198-9CB5C84F9686}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B9188AC3-0CD1-46E5-858A-398F7DC57869}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B9445981-078B-404F-BF68-24A2AE23278B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{B9CC998D-C899-4158-B11C-6C4DE650673D}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{BA337DE3-EB28-4AD0-8675-CC64147BAC7F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{BAC195DF-377A-403C-A760-64071CAB2C1E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{BB0088D2-CB35-4916-989B-9B018B2E3CC8}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{BC24AFF9-77B6-4BBC-A791-99045E012B08}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{BF366E78-9CEF-47CB-91C0-0169E033E4E7}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{C2FB7DC4-A5E1-4751-8E89-A69FF78870A7}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{C3DD9933-C555-4E46-BCDE-2D640C658AE9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{C89E5B68-BE15-4600-BD6A-8500DDDA71B1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{C8D7C909-2BDA-4C74-8728-F957B2554FE5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{C90C6BA9-FEA0-4EBF-9F8F-C36ADA53E3DF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{C9FF572B-928B-40B2-9F51-709D3A34434A}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{CB6D49D0-2B0B-4C13-906C-C30FC66BDF36}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{CC506956-39DE-408D-92E1-89451C0A5339}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{CC9B28A4-1B5C-4EF6-B33A-4EFEEA24E538}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{CDD056EB-FCEB-4035-8649-B4D56A20746C}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{CF261FF4-2559-4801-B66B-FC47B552B0A9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{CFAD5D44-F875-4F6A-9958-CED8409C6F88}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D20D0694-859F-47AB-A9E9-034C345D6520}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D2FC211C-F5BB-41B2-BDF3-F9915F083CD5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D3E657E3-8EF7-4FE0-A066-5D27DF47D0EE}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D3F21E66-D9FD-4F78-84A2-F6D8A2AA8888}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D49B0072-53FC-4C97-98B1-C5DDA1D16329}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D600FE8E-9C99-484A-B19F-C759B5FC3B27}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D7E97E79-392D-45EA-8EB9-AF3BC3B33F69}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{D8003E6F-0E8D-4FDB-B6F2-6B750DF96599}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DC0DF56C-390E-4103-B23E-AE4EE0B3B20E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DC6A0934-E9CC-4B64-A6B2-8AF17E55C567}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DDC89289-1693-4AC2-AE36-2CA38370EC60}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DEF20BFE-5243-4121-A512-730637AC5FB2}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DF047A54-478B-41EF-9BBD-032E45A5D0CA}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DF3A0EFC-235E-4745-92D6-55293E980980}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{DF455863-A116-4271-B692-166DAFABC0EF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E04156EB-E5D9-4B24-B32F-BC7793270FA4}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E23747E9-AA4D-447B-88B7-6F726BF68B11}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E2470A73-6561-447C-B041-FCB8B79B6C25}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E414AADF-D718-4C58-9B77-43DD02ECBDAE}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E4613013-3DA5-46ED-9C74-72165C152174}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E477C372-8801-4001-99AB-7118B915E03A}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E6B5A6DE-E5E0-4349-9474-5C6FBAA77D26}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E722A975-9C00-4270-9974-BF9CDEFD4F9A}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E7C9C83D-CC87-4DBE-9694-A0FED9875B36}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{E7FD958E-1A69-405B-A866-9D4186A39AF9}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EB939664-045F-493A-9442-314508E3D2CC}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EBCE3874-D30D-4106-8A29-25D7CE587F7A}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EC4107ED-8B3A-4F1B-94F5-BA6551ACAE8B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EC902845-B023-4B6E-8BDF-B3E2A1A8B3FD}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EE4EFC6E-498F-40A8-8A88-5F0841815CFC}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EE6840B9-C9C7-49F1-955B-735211379E61}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EE86C3C9-770F-4DF6-9A8F-5BE20B4E5AF1}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{EFFFE377-6D86-4F8C-A3FE-2547FBB3719B}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F0169152-24A4-46AB-AE38-283FF032A759}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F17FAB5C-F0E4-450A-AE4D-5020039CB4DF}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F208EBD7-29DE-4183-8C8C-A561948E10F6}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F2D95750-CFC1-470D-AEE2-4EBA1D0AC824}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F427694A-8366-4287-9718-598B8BA2430F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F53834BF-28CC-4BEC-9A39-AD4C62B57EED}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F64181E5-1CCA-4D95-A25A-15A43A509F0F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F714CC6B-38AD-41F6-8075-5CC93E0BA6B5}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F772E9AD-1BBE-44F5-81A0-08B0C13D4EBE}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F83EED39-8C49-49B9-AC75-59252BCD099F}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{F8A17BDE-1DE3-4FEF-8554-2F799EC6D9FC}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{FB61A1D0-3050-42CB-906A-BBDCB18B5485}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{FC8F1C8A-653D-433E-ACAA-65DF059AE995}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{FEA40427-1A7D-46DF-8C5D-44CC9BBD4528}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{FEF977B6-05D2-4060-B426-E9F603200420}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{FF27EF33-03D1-4B80-B8EE-2D786B97E51E}
Successfully deleted: [Empty Folder] C:\Users\Nathan\appdata\local\{FFA66E9A-E519-4D37-8FC3-138716757186}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/12/2013 at 17:43:30,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Avatar du membre
par kink06
#24185
ok super :super:

donc pour tes clé ce bon alors :interro:

Ensuite Fais ceci ==>
  • Télécharge MalwareBytes
  • Procède à l'installation de celui çi Décocher "Activer l'essai gratuit de Malwarebytes Anti-Malware PRO"
  • Sélectionne Examen complet
  • Clic sur Rechercher
  • Supprime tout les éléments trouvés !
  • Poste le rapport sur le forum

    Image
Avatar du membre
par Invité
#24195
L'examen complet de Malwarebytes est en cours. Cela fait déjà 1h et c'est pas près d'être fini...
Je t'enverrai le rapport quand ce sera fini mais je ne pense pas que ce soit aujourd'hui...

Pour la clé USB, j'ai juste regardé si les fichiers n'étaient plus en raccourcis. De ce point de vue là c'est OK.
Y'a-t-il autre chose à faire pour savoir si c'est bon pour les clés USB?
(tu me demandes si c'est bon pour les clés mais je ne sais pas quoi faire pour te répondre...)
Merci d'avance pour ta réponse.
Bonne soirée.
Avatar du membre
par kink06
#24196
Y'a-t-il autre chose à faire pour savoir si c'est bon pour les clés USB?
non y a plus rien a faire pour le clé usb ce cote là ce bon ;):super:

j'attend le rapport de MBAM pour la suite :bye:

Coucou, :) J'ai fait une capture d'écran,[…]

Suspicion de virus crypto

Ok bonne route :)

Problème avec Adsfix

bonsoir ok , à te lire prochainement :)

suspicion de contamination

ok très bien, merci