Virus transforme fichiers en raccourci et usbfix bloqué

[Formaldehyyde]

Bonjour,


Je vous contacte car j'ai un problème sur mon pc. En effet, j'ai remarqué que sur ma clé usb, tous les fichiers étaient dupliqués en raccourcis et d'autres fichiers aux noms inconnus à ma connaissance ("autorun.inf",..).
Je me suis donc dit que j'avais un virus. Mon copain l'avait sur son ordinateur et clé usb également, il a enclenché usbfix qui a réglé son problème. Par contre, usbfix ne marche pas sur mon ordinateur: même pour la "recherche", le logiciel bloque à 22% ... Nous avons essayé plusieurs versions, même la plus récente, et rien ne marche, même en mode sans échec.

Nous avons donc analysé l'ordinateur avec ces logiciels: RSIT, ZHPDiag, Malware, Adwcleaner.
Voici les rapports:

Code: Tout sélectionner

Logfile of random's system information tool 1.09 (written by random/random)
Run by Audrey at 2013-11-01 14:01:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 217 GB (47%) free of 457 GB
Total RAM: 3578 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:10, on 1/11/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\PHP\php-cgi.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Program Files\Genie-Soft\Genie Timeline\WebServer\nginx\GSTimeLineSearch.exe
C:\Windows\system32\conhost.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\System32\wscript.exe
C:\Users\Audrey\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Audrey\Downloads\RSIT.exe
C:\Program Files\trend micro\Audrey.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.bing.com?pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCDD75652-ADA7-4361-9F76-6596D2A22DFF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar_FR Toolbar - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll
O2 - BHO: uTorrentBar_FR - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O3 - Toolbar: uTorrentBar_FR Toolbar - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Genie TimeLine Tray] C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
O4 - HKLM\..\Run: [LaCie Desktop Manager Launcher] "C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [bdruninstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Audrey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Audrey\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [LaCie Desktop Manager Startup] "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
O4 - HKCU\..\Run: [iTunesHelper] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
O4 - HKCU\..\Run: [06Qm1DhN] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\06Qm1DhN.vbs"
O4 - HKCU\..\Run: [TPydqkb8] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\TPydqkb8.vbs"
O4 - HKCU\..\Run: [MSa2emHR] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs"
O4 - HKCU\..\Run: [qAuPnVQM] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\qAuPnVQM.vbs"
O4 - HKCU\..\Run: [LU86st0c] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\LU86st0c.vbs"
O4 - HKCU\..\Run: [G9zxsaPJ] wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\G9zxsaPJ.vbs"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Audrey\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: iTunesHelper.vbe
O4 - Startup: qAuPnVQM.vbs
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie-Soft - C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe
O23 - Service: HP Support Assistant Service - Unknown owner - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe (file missing)
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Service de l‚iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LaCieDesktopManagerService - Unknown owner - C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

--
End of file - 14929 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002UA.job
C:\Windows\tasks\HPCeeScheduleForAUDREY-HP$.job
C:\Windows\tasks\HPCeeScheduleForAudrey.job
C:\Windows\tasks\Norton Product InstallerIdle.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
uTorrentBar_FR Toolbar - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-01 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-14 3843232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192]
{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - uTorrentBar_FR Toolbar - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-01 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-10 336384]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-12-17 536668]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-23 2049320]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-15 20899408]
"HPQuickWebProxy"=C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-03-16 76344]
"HPConnectionManager"=C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-15 94264]
""= []
"HP Quick Launch"=C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"Easybits Recovery"=C:\Program Files\EasyBits For Kids\ezRecover.exe [2011-02-10 61112]
"HPOSD"=C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-06-07 421776]
"Genie TimeLine Tray"=C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe [2011-02-02 1051264]
"LaCie Desktop Manager Launcher"=C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-01 3568312]
"bdruninstaller"=C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe [2013-06-19 676568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Audrey\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-23 136176]
"Facebook Update"=C:\Users\Audrey\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-05 138096]
"LaCie Desktop Manager Startup"=C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe [2011-07-29 2456576]
"iTunesHelper"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe []
"06Qm1DhN"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\06Qm1DhN.vbs []
"TPydqkb8"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\TPydqkb8.vbs []
"MSa2emHR"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs []
"qAuPnVQM"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\qAuPnVQM.vbs []
"LU86st0c"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\LU86st0c.vbs []
"G9zxsaPJ"=wscript.exe //B C:\Users\Audrey\AppData\Local\Temp\G9zxsaPJ.vbs []

C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Audrey\AppData\Roaming\Dropbox\bin\Dropbox.exe
iTunesHelper.vbe
qAuPnVQM.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2011-04-22 52920]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-01 14:01:47 ----D---- C:\Program Files\trend micro
2013-11-01 14:01:46 ----D---- C:\rsit
2013-11-01 08:44:22 ----A---- C:\UsbFix [Scan 2] AUDREY-HP.txt
2013-11-01 08:36:36 ----A---- C:\UsbFix [Scan 1] AUDREY-HP.txt
2013-11-01 08:27:07 ----D---- C:\Users\Audrey\AppData\Roaming\AVAST Software
2013-11-01 08:25:26 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-11-01 08:25:25 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-11-01 08:25:24 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-11-01 08:25:23 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-11-01 08:25:21 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-11-01 08:25:20 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-11-01 08:25:16 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-11-01 08:25:14 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-11-01 08:25:05 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-01 08:24:45 ----A---- C:\Windows\avastSS.scr
2013-11-01 08:24:01 ----D---- C:\Program Files\AVAST Software
2013-11-01 08:22:56 ----D---- C:\ProgramData\AVAST Software
2013-11-01 07:10:33 ----HD---- C:\_Exception1
2013-11-01 07:10:24 ----D---- C:\Backup_2013-10-31 221024
2013-10-31 22:03:58 ----D---- C:\Program Files\Common Files\Bitdefender
2013-10-31 21:27:13 ----A---- C:\UsbFix [Clean 2] AUDREY-HP.txt
2013-10-31 21:12:16 ----A---- C:\UsbFix [Clean 1] AUDREY-HP.txt
2013-10-31 21:12:04 ----D---- C:\UsbFix
2013-10-02 20:53:53 ----N---- C:\bootsqm.dat

======List of files/folders modified in the last 1 month======

2013-11-01 14:01:47 ----RD---- C:\Program Files
2013-11-01 13:59:16 ----D---- C:\Windows\System32
2013-11-01 13:59:16 ----D---- C:\Windows\inf
2013-11-01 13:59:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-01 13:54:46 ----D---- C:\Users\Audrey\AppData\Roaming\Dropbox
2013-11-01 12:16:01 ----D---- C:\Windows\Temp
2013-11-01 10:11:10 ----SHD---- C:\System Volume Information
2013-11-01 08:25:26 ----D---- C:\Windows\system32\drivers
2013-11-01 08:25:06 ----D---- C:\Windows\winsxs
2013-11-01 08:25:05 ----D---- C:\Windows
2013-11-01 08:22:56 ----HD---- C:\ProgramData
2013-11-01 08:20:10 ----D---- C:\Windows\system32\config
2013-11-01 08:05:36 ----D---- C:\Users\Audrey\AppData\Roaming\uTorrent
2013-11-01 07:59:46 ----D---- C:\Users\Audrey\AppData\Roaming\dclogs
2013-11-01 07:29:17 ----D---- C:\Windows\Tasks
2013-11-01 07:29:17 ----D---- C:\Windows\system32\wfp
2013-11-01 07:29:17 ----D---- C:\Windows\system32\en-US
2013-11-01 07:29:17 ----D---- C:\Windows\system32\DriverStore
2013-11-01 07:29:17 ----D---- C:\Windows\system32\catroot2
2013-11-01 07:29:17 ----D---- C:\Program Files\Internet Explorer
2013-11-01 07:29:15 ----D---- C:\Windows\system32\wbem
2013-11-01 07:29:15 ----D---- C:\Windows\system32\Tasks
2013-11-01 07:29:14 ----D---- C:\Windows\system32\drivers\UMDF
2013-11-01 07:29:14 ----D---- C:\Windows\system32\drivers\NIS
2013-11-01 07:29:14 ----D---- C:\Windows\system32\CodeIntegrity
2013-11-01 07:29:09 ----SHD---- C:\Windows\Installer
2013-11-01 07:29:04 ----D---- C:\Users\Audrey\AppData\Roaming\PhotoFiltre 7
2013-11-01 07:29:00 ----D---- C:\ProgramData\Norton
2013-11-01 07:29:00 ----D---- C:\ProgramData\FLEXnet
2013-11-01 07:28:57 ----D---- C:\Program Files\Symantec
2013-11-01 07:28:56 ----D---- C:\Program Files\Norton Internet Security
2013-11-01 07:28:54 ----D---- C:\Program Files\Microsoft Silverlight
2013-11-01 07:28:51 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-11-01 07:28:51 ----D---- C:\Program Files\Common Files\microsoft shared
2013-11-01 07:28:24 ----D---- C:\Windows\registration
2013-11-01 07:28:07 ----D---- C:\Windows\system32\catroot
2013-11-01 07:27:58 ----D---- C:\Windows\Microsoft.NET
2013-11-01 07:27:33 ----RSD---- C:\Windows\assembly
2013-11-01 07:26:36 ----D---- C:\Program Files\NortonInstaller
2013-11-01 07:26:07 ----D---- C:\Program Files\Common Files
2013-10-31 22:05:05 ----D---- C:\ProgramData\NortonInstaller
2013-10-13 22:37:00 ----D---- C:\Users\Audrey\AppData\Roaming\vlc
2013-10-12 15:20:35 ----D---- C:\Windows\system32\MRT
2013-10-12 15:09:44 ----A---- C:\Windows\system32\MRT.exe
2013-10-12 15:09:17 ----D---- C:\ProgramData\Microsoft Help
2013-10-03 07:23:11 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-05 64128]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-05 32384]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-01 178304]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-27 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1207020.003\SYMDS.SYS [2011-01-27 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1207020.003\SYMEFA.SYS [2011-03-15 744568]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-01 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-01 774392]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-01 57672]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-11-11 374392]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20111222.001\IDSvix86.sys [2011-10-21 368248]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [2011-03-31 50168]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [2011-01-27 136312]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS [2011-04-21 299640]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-01 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-01 70384]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-27 35896]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-10 6574080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-10 229888]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-09-24 102416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 27632]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2011-07-19 1295360]
R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32); C:\Windows\system32\DRIVERS\OXSDIDRV_x32.sys [2009-09-28 52656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-02 197224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-09-21 279656]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10305; C:\Windows\system32\DRIVERS\stwrt.sys [2010-12-17 435200]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2011-10-24 126584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-23 1321904]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-04-29 30464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-01 49944]
S1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-01 403440]
S1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111221.003\BHDrvx86.sys [2011-11-14 819320]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-13 1131008]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2010-10-14 33280]
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys [2010-06-30 41344]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys [2011-02-08 403968]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20111222.032\NAVENG.SYS [2011-12-05 86136]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20111222.032\NAVEX15.SYS [2011-12-05 1576312]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [2011-03-31 516216]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-02-15 43520]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-01 50344]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-02-15 509520]
R2 GenieTimelineService;Genie Timeline Service; C:\Program Files\Genie-Soft\Genie Timeline\GenieTimelineService.exe [2011-02-02 362624]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-08 3512400]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-02-28 902224]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-25 647680]
R3 hpCMSrv;HP Connection Manager 4.0 Service; C:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 iPod Service;Service de l‚iPod; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 821648]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
S2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-10 284160]
S2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
S2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe [2010-04-23 514232]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe []
S2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 246840]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-27 26168]
S2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 LaCieDesktopManagerService;LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [2011-07-29 822272]
S2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 STacSV;@%SystemRoot%\system32\stlang.dll,-10101; C:\Program Files\IDT\WDM\STacSV.exe [2010-12-17 262226]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-28 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[Formaldehyyde]

Code: Tout sélectionner

info.txt logfile of random's system information tool 1.09 2013-11-01 14:02:19

======Uninstall list======

-->"C:\Program Files\HP Games\Game Explorer Categories - genres\Uninstall.exe"
-->"C:\Program Files\HP Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - Club Penguin\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - Crush the Castle 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - Dark Orbit\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - Free Realms\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - Seafight\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - Shaiya\Uninstall.exe"
-->"C:\Program Files\HP Games\Web Link - World of Warcraft\Uninstall.exe"
-->"C:\Program Files\Motorola\Bluetooth\unins000.exe"
-->"C:\Program Files\Motorola\Bluetooth\unins000.exe"
-->"C:\Program Files\Motorola\Bluetooth\unins000.exe"
-->"C:\Program Files\Motorola\Bluetooth\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe -maintain activex
Adobe Reader X (10.1.8) - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Agatha Christie - Peril at End House-->"C:\Program Files\HP Games\Agatha Christie - Peril at End House\Uninstall.exe"
Apple Application Support-->MsiExec.exe /I{122ADF8C-DDA1-480C-9936-C88F2825B265}
Apple Mobile Device Support-->MsiExec.exe /I{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ATI Catalyst Install Manager-->msiexec /q/x{26DC39B4-88B0-52AE-7FD7-9B50011F2DED} REBOOT=ReallySuppress
Audacity 2.0.3-->"C:\Program Files\Audacity\unins000.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Bejeweled 2 Deluxe-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
Big Rig Europe-->"C:\Program Files\HP Games\Big Rig Europe\Uninstall.exe"
Blasterball 3-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
Bounce Symphony-->"C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
Cake Mania-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{52DE3AF0-1C26-4258-9A04-9AEBF3E145F7}
Chuzzle Deluxe-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}
Crazy Chicken Kart 2-->"C:\Program Files\HP Games\Crazy Chicken Kart 2\Uninstall.exe"
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Diner Dash 2 Restaurant Rescue-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
ESU for Microsoft Windows 7-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
Evernote v. 4.2.2-->MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4}
Facebook Video Calling 1.2.0.287-->MsiExec.exe /X{B92C5909-1D37-4C51-8397-A28BB28E5DC3}
Farm Frenzy-->"C:\Program Files\HP Games\Farm Frenzy\Uninstall.exe"
FATE-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
Fishdom-->"C:\Program Files\HP Games\Fishdom\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
HP 3D DriveGuard-->MsiExec.exe /X{5601F151-A69F-4E30-8C60-37928124CD07}
HP Auto-->MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
HP Client Services-->MsiExec.exe /I{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
HP Connection Manager-->MsiExec.exe /X{795AADBF-58C2-42D0-B779-E730702A247E}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{4A814238-6D3B-45F8-ACA6-B90AC6ED4EA7}
HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
HP On Screen Display-->MsiExec.exe /I{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}
HP Power Manager-->MsiExec.exe /I{B97E3520-C726-475E-BC0C-7561952633AB}
HP Quick Launch-->MsiExec.exe /I{EB58480C-0721-483C-B354-9D35A147999F}
HP QuickWeb-->MsiExec.exe /X{20976B1F-E910-404D-9261-C16EE7E12DC8}
HP Setup Manager-->MsiExec.exe /I{AE856388-AFAD-4753-81DF-D96B19D0A17C}
HP Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{210A03F5-B2ED-4947-B27E-516F50CBB292}\setup.exe" -l0x9 -removeonly
HP Software Framework-->MsiExec.exe /X{64D467CB-8FF3-44C4-AD50-759D742ACD73}
IDT Audio-->"C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
iTunes-->MsiExec.exe /I{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}
Java 7 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}
Jewel Quest Solitaire-->"C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
LaCie Desktop Manager 1.4.1.84-->"C:\Program Files\LaCie\Desktop Manager\unins000.exe"
LaCie Genie Timeline 2.1-->C:\Program Files\Genie-Soft\Genie Timeline\uninstall.exe
Last.fm Scrobbler 2.1.30-->"C:\Program Files\Last.fm\UninsHs.exe" /u0=LastFM
Le Sphinx-->C:\SphinxME\Licence\UNWISE.EXE C:\SphinxME\Licence\install.log
Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe
Mah Jong Medley-->"C:\Program Files\HP Games\Mah Jong Medley\Uninstall.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Click-to-Run 2010-->"C:\PROGRA~1\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Click-to-Run 2010-->MsiExec.exe /I{90140000-006D-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Starter 2010 - English-->C:\Program Files\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Music NFO Builder version 1.21a-->"C:\Program Files\Music NFO Builder\unins000.exe"
Mystery P.I. - The London Caper-->"C:\Program Files\HP Games\Mystery P.I. - The London Caper\Uninstall.exe"
Namco All-Stars PAC-MAN-->"C:\Program Files\HP Games\Namco All-Stars PAC-MAN\Uninstall.exe"
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.7.2.3\InstStub.exe /X /ARP
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
Penguins!-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files\HP Games\Plants vs. Zombies - Game of the Year\Uninstall.exe"
Polar Bowler-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
Ralink Motorola BC8 Bluetooth 3.0+HS Adapter-->"C:\Program Files\Motorola\Bluetooth\unins000.exe"
Ralink RT5390 802.11b/g/n WiFi Adapter-->C:\Program Files\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}\setup.exe -runfromtemp -l0x0013 -removeonly
Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
Recovery Manager-->MsiExec.exe /I{DBCD5E64-7379-4648-9444-8A6558DCB614}
RemoteComms driver-->MsiExec.exe /I{43BEEE26-01A8-4EEE-8632-2353261E3B55}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CF581973-77E0-3093-A1AC-A03130DE990F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {576C07F8-777C-3981-B8BF-063A6B57254E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {90EA7C4E-7F03-31FD-BE27-B1A9B4AE56BD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {1E88AFAE-CEF7-3540-8FF6-6D00877B2767} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E949D8B9-24FD-4AB7-B427-FC42AA8BB2D9}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B308C21C-A3EC-4DC8-8F78-0AA0E9C1ACBE}
Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDF9EAC9-3BB0-4F7F-9968-86DE581051D6}
Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5CB8B4D5-8202-4C5C-85CB-705BAEDE3B08}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A0E1177-574A-4F26-AD24-B003699C35FA}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70}
Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B7B13E7-52F2-44C8-84BC-5B9C563AA572}
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skypeâ„¢ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Slingo Deluxe-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {0160BA31-409C-3FD0-9C87-C7D95BF46986} /parameterfolder Client
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {ED38F8A3-4F61-494E-8BCA-E3AC7760C924}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {11C9B057-27FF-4BC1-82F6-DC4B15E70A2E}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update Installer for WildTangent Games App-->"C:\Program Files\WildTangent Games\App\Uninstall.exe"
UsbFix By El Desaparecido-->C:\UsbFix\Un-UsbFix.exe
uTorrentBar_FR Toolbar-->C:\Program Files\uTorrentBar_FR\uninstall.exe toolbar
Virtual Villagers - The Secret City-->"C:\Program Files\HP Games\Virtual Villagers - The Secret City\Uninstall.exe"
VLC media player 2.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Wedding Dash-->"C:\Program Files\HP Games\Wedding Dash\Uninstall.exe"
WildTangent Games App (HP Games)-->"C:\Program Files\WildTangent Games\Touchpoints\hp\Uninstall.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX control for remote connections-->MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger-->MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{02602409-9189-4567-BC07-562605243B69}
Windows Live Remote Client Resources-->MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}
Windows Live Remote Client Resources-->MsiExec.exe /I{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
Windows Live Remote Client Resources-->MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}
Windows Live Remote Service Resources-->MsiExec.exe /I{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}
Windows Live Remote Service Resources-->MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}
Windows Live Remote Service Resources-->MsiExec.exe /I{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{301AFE5D-74CB-DD97-CA3E-8CFA4B30D2F7}
Zuma Deluxe-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"

======System event log======

Computer Name: Audrey-HP
Event Code: 10009
Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
Record Number: 498351
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20131019102409.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 10009
Message: DCOM was unable to communicate with the computer localBenjamin using any of the configured protocols.
Record Number: 498350
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20131019102408.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 10009
Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
Record Number: 498349
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20131019102407.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 10009
Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
Record Number: 498348
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20131019102403.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 10009
Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
Record Number: 498347
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20131019102357.000000-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Audrey-HP
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledEvent 21623860
Record Number: 39887
Source Name: Bonjour Service
Time Written: 20121119231458.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 100
Message: Task Scheduling Error: Continuously busy for more than a second
Record Number: 39886
Source Name: Bonjour Service
Time Written: 20121119231458.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledSPRetry 21622861
Record Number: 39885
Source Name: Bonjour Service
Time Written: 20121119231457.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledEvent 21622861
Record Number: 39884
Source Name: Bonjour Service
Time Written: 20121119231457.000000-000
Event Type: Error
User:

Computer Name: Audrey-HP
Event Code: 100
Message: Task Scheduling Error: Continuously busy for more than a second
Record Number: 39883
Source Name: Bonjour Service
Time Written: 20121119231457.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Audrey-HP
Event Code: 5061
Message: Cryptographic operation.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: RSA
Key Name: bb453961-58f5-4e6c-8102-be12cfa7b5ac
Key Type: Machine key.

Cryptographic Operation:
Operation: Open Key.
Return Code: 0x0
Record Number: 26634
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121124151729.779816-000
Event Type: Audit Success
User:

Computer Name: Audrey-HP
Event Code: 5058
Message: Key file operation.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: Not Available.
Key Name: bb453961-58f5-4e6c-8102-be12cfa7b5ac
Key Type: Machine key.

Key File Operation Information:
File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\75e29bcffb8d8c7c68e6a610e2b8035e_98707322-dc57-4bf1-a2c4-3c90ea0754e1
Operation: Read persisted key from file.
Return Code: 0x0
Record Number: 26633
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121124151729.778816-000
Event Type: Audit Success
User:

Computer Name: Audrey-HP
Event Code: 5061
Message: Cryptographic operation.

Subject:
Security ID: S-1-5-18
Account Name: AUDREY-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: RSA
Key Name: {1456547E-C2AC-48FA-B0D3-001E19C4C30C}
Key Type: Machine key.

Cryptographic Operation:
Operation: Open Key.
Return Code: 0x0
Record Number: 26632
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121124151724.418510-000
Event Type: Audit Success
User:

Computer Name: Audrey-HP
Event Code: 5058
Message: Key file operation.

Subject:
Security ID: S-1-5-18
Account Name: AUDREY-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: Not Available.
Key Name: {1456547E-C2AC-48FA-B0D3-001E19C4C30C}
Key Type: Machine key.

Key File Operation Information:
File Path: C:\ProgramData\Microsoft\Crypto\Keys\de06bae8ef7cd92c07bbada7bca424bd_98707322-dc57-4bf1-a2c4-3c90ea0754e1
Operation: Read persisted key from file.
Return Code: 0x0
Record Number: 26631
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121124151724.417510-000
Event Type: Audit Success
User:

Computer Name: Audrey-HP
Event Code: 5061
Message: Cryptographic operation.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: RSA
Key Name: bb453961-58f5-4e6c-8102-be12cfa7b5ac
Key Type: Machine key.

Cryptographic Operation:
Operation: Open Key.
Return Code: 0x0
Record Number: 26630
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121124151723.450454-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=20
"PROCESSOR_IDENTIFIER"=x86 Family 20 Model 1 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0100
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion
"asl.log"=Destination=file

-----------------EOF-----------------

Code: Tout sélectionner

# AdwCleaner v3.010 - Report created 02/11/2013 at 15:46:08
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Audrey - AUDREY-HP
# Running from : C:\Users\Audrey\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\uTorrentBar_FR
Folder Deleted : C:\Users\Audrey\chat-land
Folder Deleted : C:\Users\Audrey\Qtrax
Folder Deleted : C:\Users\Audrey\AppData\Local\Conduit
Folder Deleted : C:\Users\Audrey\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Audrey\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Audrey\AppData\LocalLow\uTorrentBar_FR
Folder Deleted : C:\Users\Audrey\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Audrey\AppData\Roaming\DSite
File Deleted : C:\Windows\System32\Tasks\DSite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C67E02F-AEF5-4FCC-9213-9CFB07BAA8C9}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C67E02F-AEF5-4FCC-9213-9CFB07BAA8C9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKCU\Software\526da8bb63ebe13
Key Deleted : HKCU\Software\a5db6ead06d0476114c01b9f7c7ed7a6
Key Deleted : HKLM\SOFTWARE\526da8bb63ebe13
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851639
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0A80E610-913A-416C-A967-10C7F640D885}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB5451C2-EB25-4120-AF01-C00566421F82}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar_FR
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\uTorrentBar_FR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Google Chrome v

[ File : C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6202 octets] - [02/11/2013 15:42:02]
AdwCleaner[S0].txt - [5965 octets] - [02/11/2013 15:46:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6025 octets] ##########

[Formaldehyyde]

Voici donc les différents rapports obtenus avec les différents programmes.

Merci d'avance de votre aide!

Code: Tout sélectionner

[spoiler]Malwarebytes Anti-Malware (Essai) 1.75.0.1300
https://www.malwarebytes.org

Version de la base de données: v2013.11.02.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
Audrey :: AUDREY-HP [administrateur]

Protection: Activé

2/11/2013 15:02:09
mbam-log-2013-11-02 (15-02-09).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 227745
Temps écoulé: 35 minute(s), 28 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 6
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Aucune action effectuée.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Aucune action effectuée.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Aucune action effectuée.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Aucune action effectuée.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Aucune action effectuée.
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Données: 0L1N1H2O1S -> Aucune action effectuée.

Elément(s) de données du Registre détecté(s): 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Mauvais: (https://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCDD75652-ADA7-4361-9F76-6596D2A22DFF) Bon: (https://www.google.com) -> Aucune action effectuée.

Dossier(s) détecté(s): 8
C:\Users\Audrey\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Roaming\dclogs (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 155
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\uttA558.tmp.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\nsa6E15.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\nsc63F4.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\nsf5FE.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\nsfA91.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\nsp7527.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Babylon.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\9E8DFCB7-BAB0-7891-BE3D-90DFCF746EAC\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\9E8DFCB7-BAB0-7891-BE3D-90DFCF746EAC\MyBabylonTB.exe (PUP.Optional.Delta) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\AB34BAEA-BAB0-7891-9910-1456E012C32D\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Temp\AB34BAEA-BAB0-7891-9910-1456E012C32D\MyBabylonTB.exe (PUP.Optional.Delta) -> Aucune action effectuée.
C:\Users\Audrey\Downloads\La Roux - Bulletproof (Tiborg Radio Remix) - [MP3Juices.com].exe (PUP.Optional.Installex) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Local\Conduit\CT2851639\uTorrentBar_FRAutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\Local Settings\Temporary Internet Files\Content.IE5\F06HXK7M\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\Local Settings\Temporary Internet Files\Content.IE5\FRFWQFMM\spstub[1].exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-10-29-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-10-30-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-10-31-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-01-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-02-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-03-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-04-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-05-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-06-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-07-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-08-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-09-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-10-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-11-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-12-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-13-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-16-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-17-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-18-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-19-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-20-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-21-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-22-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-23-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-24-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-25-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-26-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-27-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-28-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-29-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-30-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-01-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-02-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-04-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-05-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-06-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-07-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-08-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-09-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-10-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-11-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-12-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-13-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-14-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-15-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-16-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-17-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-18-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-19-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-20-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-22-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-23-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-24-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-25-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-26-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-27-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-28-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-29-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-30-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-31-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-01-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-02-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-03-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-04-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-11-14-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-03-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2012-12-21-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-05-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-23-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-11-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-12-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-06-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-07-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-08-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-09-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-10-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-11-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-12-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-13-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-14-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-15-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-16-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-17-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-18-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-19-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-20-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-21-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-22-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-24-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-26-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-27-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-28-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-29-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-30-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-01-31-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-01-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-02-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-03-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-04-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-05-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-06-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-07-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-08-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-09-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-10-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-12-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-02-13-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-09-28-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-09-29-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-09-30-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-01-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-02-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-03-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-04-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-05-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-06-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-07-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-08-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-09-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-13-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-14-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-16-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-17-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-19-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-20-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-21-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-23-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-24-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-27-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-28-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-29-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-30-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-10-31-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Audrey\AppData\Roaming\dclogs\2013-11-01-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.

(fin)

[/spoiler]
[/spoiler]

[El Desaparecido]

Hello ,

Bienvenue sur SosVirus :welcome:

Désinstalle UsbFix , installe cette version : , lance le mode recherche et dis moi si elle bloque et à combien stp.
Il faudra me poster quand même le rapport ( si elle est bloquée ) il sera ici : C:\UsbFix [Scan 3] AUDREY-HP.txt

[Formaldehyyde]

Salut!

Voilà je viens de lancer la recherche de USFix. Mon PC est actuellement en mode sans échecs.
Et la recherche reste toujours bloquée à 22%. Elle cale légèrement au niveau des 14%, puis monte vite jusqu'à 22 et y reste.

Je te joins le rapport de la recherche (que je n'ai pas interrompue).

Code: Tout sélectionner

############################## | UsbFix V 7.148 | [Research]

User: Audrey (Administrator) # AUDREY-HP
Updated 01/11/2013 by El Desaparecido - Team SosVirus
Started at 16:37:11 | 03/11/2013

Website: https://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: https://www.sosvirus.net/upload_malware.php
Contact: https://www.usbfix.net/contact/

PC: Hewlett-Packard (1611)
CPU: AMD E-350 Processor
RAM -> [Total : 3578 | Free : 2241]
Bios: Hewlett-Packard
Boot: Fail-safe with network boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free - 47%) [] # NTFS
D:\ -> Fixed drive # 15 Gb (2 Mb free - 10%) [RECOVERY] # NTFS
E:\ -> Fixed drive # 4 Gb (1 Mb free - 28%) [HP_TOOLS] # FAT32
F:\ -> Removable drive # 2 Gb (2 Mb free - 97%) [] # FAT

################## | Reference of comparison MD5 |

Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\8i7asystemmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\97asystemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9eimmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9emmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9stemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9stiemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\sysfftem7.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\systefm34.vbe
Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:\Users\Audrey\AppData\Local\Temp\flashmemory.vbe
Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe
Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Md5 : DENIED -> F:\iTunesHelper.vbe

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 360 |ParentID: 348)
C:\Windows\system32\csrss.exe (ID: 396 |ParentID: 388)
C:\Windows\system32\wininit.exe (ID: 416 |ParentID: 348)
C:\Windows\system32\services.exe (ID: 472 |ParentID: 416)
C:\Windows\system32\winlogon.exe (ID: 488 |ParentID: 388)
C:\Windows\system32\lsass.exe (ID: 516 |ParentID: 416)
C:\Windows\system32\lsm.exe (ID: 524 |ParentID: 416)
C:\Windows\system32\svchost.exe (ID: 624 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 696 |ParentID: 472)
C:\Windows\System32\svchost.exe (ID: 804 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 840 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 920 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1032 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1072 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1340 |ParentID: 472)
C:\Windows\Explorer.EXE (ID: 1416 |ParentID: 1408)
C:\Windows\system32\ctfmon.exe (ID: 1488 |ParentID: 1416)
C:\Windows\system32\DllHost.exe (ID: 1724 |ParentID: 624)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 348 |ParentID: 1416)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1632 |ParentID: 348)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1892 |ParentID: 348)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 2432 |ParentID: 348)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3012 |ParentID: 624)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3160 |ParentID: 624)
C:\Windows\System32\wscript.exe (ID: 2056 |ParentID: 3236)
C:\UsbFix\Go.exe (ID: 1688 |ParentID: 2244)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe
HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\SOFTWARE | Run : [HPQuickWebProxy] - "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
HKLM\SOFTWARE | Run : [HPConnectionManager] - C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKLM\SOFTWARE | Run : [Easybits Recovery] - C:\Program Files\EasyBits For Kids\ezRecover.exe
HKLM\SOFTWARE | Run : [HPOSD] - C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
HKLM\SOFTWARE | Run : [Genie TimeLine Tray] - C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | Run : [bdruninstaller] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
HKLM\SOFTWARE | Run : [BitDefender Antiphishing Helper] - "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
HKLM\SOFTWARE | Run : [BDAgent] - "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [Google Update] - "C:\Users\Audrey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [Facebook Update] - "C:\Users\Audrey\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LaCie Desktop Manager Startup] - "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [MSa2emHR] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [qAuPnVQM] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\qAuPnVQM.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LU86st0c] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\LU86st0c.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [G9zxsaPJ] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\G9zxsaPJ.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Generic Research |

[Formaldehyyde]

Au temps pour moi
Le recherche vient d'atteindre les 51% sous mes yeux! :bravo1:

Je poste le rapport final d'ici peu alors!

[Formaldehyyde]

Ici le rapport de la recherche de USBFix en mode sans échecs avec accès au réseau.

Code: Tout sélectionner

############################## | UsbFix V 7.148 | [Research]

User: Audrey (Administrator) # AUDREY-HP
Updated 01/11/2013 by El Desaparecido - Team SosVirus
Started at 16:37:11 | 03/11/2013

Website: https://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: https://www.sosvirus.net/upload_malware.php
Contact: https://www.usbfix.net/contact/

PC: Hewlett-Packard (1611)
CPU: AMD E-350 Processor
RAM -> [Total : 3578 | Free : 2241]
Bios: Hewlett-Packard
Boot: Fail-safe with network boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free - 47%) [] # NTFS
D:\ -> Fixed drive # 15 Gb (2 Mb free - 10%) [RECOVERY] # NTFS
E:\ -> Fixed drive # 4 Gb (1 Mb free - 28%) [HP_TOOLS] # FAT32
F:\ -> Removable drive # 2 Gb (2 Mb free - 97%) [] # FAT

################## | Reference of comparison MD5 |

Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\8i7asystemmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\97asystemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9eimmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9emmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9stemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9stiemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\sysfftem7.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\systefm34.vbe
Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:\Users\Audrey\AppData\Local\Temp\flashmemory.vbe
Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe
Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Md5 : DENIED -> F:\iTunesHelper.vbe

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 360 |ParentID: 348)
C:\Windows\system32\csrss.exe (ID: 396 |ParentID: 388)
C:\Windows\system32\wininit.exe (ID: 416 |ParentID: 348)
C:\Windows\system32\services.exe (ID: 472 |ParentID: 416)
C:\Windows\system32\winlogon.exe (ID: 488 |ParentID: 388)
C:\Windows\system32\lsass.exe (ID: 516 |ParentID: 416)
C:\Windows\system32\lsm.exe (ID: 524 |ParentID: 416)
C:\Windows\system32\svchost.exe (ID: 624 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 696 |ParentID: 472)
C:\Windows\System32\svchost.exe (ID: 804 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 840 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 920 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1032 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1072 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1340 |ParentID: 472)
C:\Windows\Explorer.EXE (ID: 1416 |ParentID: 1408)
C:\Windows\system32\ctfmon.exe (ID: 1488 |ParentID: 1416)
C:\Windows\system32\DllHost.exe (ID: 1724 |ParentID: 624)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 348 |ParentID: 1416)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1632 |ParentID: 348)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1892 |ParentID: 348)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 2432 |ParentID: 348)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3012 |ParentID: 624)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3160 |ParentID: 624)
C:\Windows\System32\wscript.exe (ID: 2056 |ParentID: 3236)
C:\UsbFix\Go.exe (ID: 1688 |ParentID: 2244)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe
HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\SOFTWARE | Run : [HPQuickWebProxy] - "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
HKLM\SOFTWARE | Run : [HPConnectionManager] - C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKLM\SOFTWARE | Run : [Easybits Recovery] - C:\Program Files\EasyBits For Kids\ezRecover.exe
HKLM\SOFTWARE | Run : [HPOSD] - C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
HKLM\SOFTWARE | Run : [Genie TimeLine Tray] - C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | Run : [bdruninstaller] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
HKLM\SOFTWARE | Run : [BitDefender Antiphishing Helper] - "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
HKLM\SOFTWARE | Run : [BDAgent] - "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [Google Update] - "C:\Users\Audrey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [Facebook Update] - "C:\Users\Audrey\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LaCie Desktop Manager Startup] - "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [MSa2emHR] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [qAuPnVQM] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\qAuPnVQM.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LU86st0c] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\LU86st0c.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [G9zxsaPJ] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\G9zxsaPJ.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Found ! F:\iTunesHelper.vbe
Found ! C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe
Found ! C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Found ! F:\Autorun.inf.lnk
Found ! F:\BitDefender.lnk
Found ! F:\Usbfix.lnk
Found ! C:\Users\Public\8i7asystemmD.vbe
Found ! C:\Users\Public\97asystemD.VBE
Found ! C:\Users\Public\9eimmD.vbe
Found ! C:\Users\Public\9emmD.vbe
Found ! C:\Users\Public\9stemD.VBE
Found ! C:\Users\Public\9stiemD.VBE
Found ! C:\Users\Public\sysfftem7.VBE
Found ! C:\Users\Public\systefm34.vbe
Found ! C:\Users\Public\9iaD12_Loading.zip
Found ! C:\Users\Public\D7_Loading.zip
Found ! C:\Users\Audrey\AppData\Local\Temp\Intel(R)s7.exe.tmp
Found ! C:\Users\Audrey\AppData\Local\Temp\Musiques.pif
Found ! C:\Users\Audrey\AppData\Local\Temp\utt19CA.tmp.exe
Found ! C:\Users\Audrey\AppData\Local\Temp\uttA558.tmp.exe
Found ! C:\Users\Audrey\AppData\Local\Temp\uttEDD3.tmp.exe
Found ! C:\Users\Audrey\AppData\Local\Temp\flashmemory.vbe
Found ! C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Found ! C:\Users\Audrey\AppData\Local\Temp\1477.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\7777i.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\77u.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\97.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\DC7.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\dcyyt.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\ddddddddddd.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\HY.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\iiiii9.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\iiiiiiiiiiiiz7.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\sssssssssi.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\zzzz7.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\zzzzzzzzzzzz5.hta
Found ! D:\desktop.ini

################## | Comparison MD5 |

Found ! Md5 : C9B8FA51C889F97DC5C4DEB274B1FBF2 -> C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:\Users\Public\8i7asystemmD.vbe
Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:\Users\Public\97asystemD.VBE

################## | Registry |

Found ! HKU\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKU\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKU\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper

################## | Vaccin |

F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | https://www.usbfix.net - https://www.sosvirus.net |

[El Desaparecido]

Lance l'option suppression et post le rapport stp

[Formaldehyyde]

Ca a marché!

Voici le rapport.

Code: Tout sélectionner

############################## | UsbFix V 7.148 | [Research]

User: Audrey (Administrator) # AUDREY-HP
Updated 01/11/2013 by El Desaparecido - Team SosVirus
Started at 16:37:11 | 03/11/2013

Website: https://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: https://www.sosvirus.net/upload_malware.php
Contact: https://www.usbfix.net/contact/

PC: Hewlett-Packard (1611)
CPU: AMD E-350 Processor
RAM -> [Total : 3578 | Free : 2241]
Bios: Hewlett-Packard
Boot: Fail-safe with network boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16721

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes' Anti-Malware : 1.75.0001
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free - 47%) [] # NTFS
D:\ -> Fixed drive # 15 Gb (2 Mb free - 10%) [RECOVERY] # NTFS
E:\ -> Fixed drive # 4 Gb (1 Mb free - 28%) [HP_TOOLS] # FAT32
F:\ -> Removable drive # 2 Gb (2 Mb free - 97%) [] # FAT

################## | Reference of comparison MD5 |

Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\8i7asystemmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\97asystemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9eimmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9emmD.vbe
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9stemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\9stiemD.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\sysfftem7.VBE
Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:\Users\Public\systefm34.vbe
Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:\Users\Audrey\AppData\Local\Temp\flashmemory.vbe
Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe
Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Md5 : DENIED -> F:\iTunesHelper.vbe

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 360 |ParentID: 348)
C:\Windows\system32\csrss.exe (ID: 396 |ParentID: 388)
C:\Windows\system32\wininit.exe (ID: 416 |ParentID: 348)
C:\Windows\system32\services.exe (ID: 472 |ParentID: 416)
C:\Windows\system32\winlogon.exe (ID: 488 |ParentID: 388)
C:\Windows\system32\lsass.exe (ID: 516 |ParentID: 416)
C:\Windows\system32\lsm.exe (ID: 524 |ParentID: 416)
C:\Windows\system32\svchost.exe (ID: 624 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 696 |ParentID: 472)
C:\Windows\System32\svchost.exe (ID: 804 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 840 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 920 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1032 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1072 |ParentID: 472)
C:\Windows\system32\svchost.exe (ID: 1340 |ParentID: 472)
C:\Windows\Explorer.EXE (ID: 1416 |ParentID: 1408)
C:\Windows\system32\ctfmon.exe (ID: 1488 |ParentID: 1416)
C:\Windows\system32\DllHost.exe (ID: 1724 |ParentID: 624)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 348 |ParentID: 1416)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1632 |ParentID: 348)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1892 |ParentID: 348)
C:\Users\Audrey\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 2432 |ParentID: 348)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3012 |ParentID: 624)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3160 |ParentID: 624)
C:\Windows\System32\wscript.exe (ID: 2056 |ParentID: 3236)
C:\UsbFix\Go.exe (ID: 1688 |ParentID: 2244)

################## | Regedit Run |

HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe
HKLM\SOFTWARE | Run : [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\SOFTWARE | Run : [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\SOFTWARE | Run : [HPQuickWebProxy] - "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
HKLM\SOFTWARE | Run : [HPConnectionManager] - C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKLM\SOFTWARE | Run : [Easybits Recovery] - C:\Program Files\EasyBits For Kids\ezRecover.exe
HKLM\SOFTWARE | Run : [HPOSD] - C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
HKLM\SOFTWARE | Run : [Genie TimeLine Tray] - C:\Program Files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe -auto
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | Run : [bdruninstaller] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
HKLM\SOFTWARE | Run : [BitDefender Antiphishing Helper] - "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
HKLM\SOFTWARE | Run : [BDAgent] - "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [Google Update] - "C:\Users\Audrey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [Facebook Update] - "C:\Users\Audrey\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LaCie Desktop Manager Startup] - "C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [MSa2emHR] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [qAuPnVQM] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\qAuPnVQM.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LU86st0c] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\LU86st0c.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [G9zxsaPJ] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\G9zxsaPJ.vbs"
HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Found ! F:\iTunesHelper.vbe
Found ! C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe
Found ! C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iTunesHelper.vbe
Found ! F:\Autorun.inf.lnk
Found ! F:\BitDefender.lnk
Found ! F:\Usbfix.lnk
Found ! C:\Users\Public\8i7asystemmD.vbe
Found ! C:\Users\Public\97asystemD.VBE
Found ! C:\Users\Public\9eimmD.vbe
Found ! C:\Users\Public\9emmD.vbe
Found ! C:\Users\Public\9stemD.VBE
Found ! C:\Users\Public\9stiemD.VBE
Found ! C:\Users\Public\sysfftem7.VBE
Found ! C:\Users\Public\systefm34.vbe
Found ! C:\Users\Public\9iaD12_Loading.zip
Found ! C:\Users\Public\D7_Loading.zip
Found ! C:\Users\Audrey\AppData\Local\Temp\Intel(R)s7.exe.tmp
Found ! C:\Users\Audrey\AppData\Local\Temp\Musiques.pif
Found ! C:\Users\Audrey\AppData\Local\Temp\utt19CA.tmp.exe
Found ! C:\Users\Audrey\AppData\Local\Temp\uttA558.tmp.exe
Found ! C:\Users\Audrey\AppData\Local\Temp\uttEDD3.tmp.exe
Found ! C:\Users\Audrey\AppData\Local\Temp\flashmemory.vbe
Found ! C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Found ! C:\Users\Audrey\AppData\Local\Temp\1477.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\7777i.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\77u.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\97.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\DC7.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\dcyyt.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\ddddddddddd.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\HY.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\iiiii9.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\iiiiiiiiiiiiz7.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\sssssssssi.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\zzzz7.hta
Found ! C:\Users\Audrey\AppData\Local\Temp\zzzzzzzzzzzz5.hta
Found ! D:\desktop.ini

################## | Comparison MD5 |

Found ! Md5 : C9B8FA51C889F97DC5C4DEB274B1FBF2 -> C:\Users\Audrey\AppData\Local\Temp\Nj99.vbs
Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:\Users\Public\8i7asystemmD.vbe
Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:\Users\Public\97asystemD.VBE

################## | Registry |

Found ! HKU\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKU\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKU\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|iTunesHelper

################## | Vaccin |

F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | https://www.usbfix.net - https://www.sosvirus.net |

Est-ce que mon pc est tiré d'affaire?

[El Desaparecido]

C'est le rapport de recherche ça