Virus turns files into shortcuts and UsbFix is stuck 2013-11-02T21:31:58+00:00

SOSVirus: Free PC Troubleshooting, Support and Disinfection Help – Virus & Security Forum

  • Author
    Posts
  • Formaldehyyde
    Participant
    Number of posts: 11

    Hello,

    I am contacting you because I have a problem on my PC. I noticed that on my USB key, all the files had been duplicated as shortcuts, along with other files whose names are unknown to me (“autorun.inf”, ...).
    So I figured I had a virus. My boyfriend had it on his computer and USB key as well; he ran UsbFix, which solved his problem. However, UsbFix does not work on my computer: even for the “search” step, the software hangs at 22%... We tried several versions, even the most recent one, and nothing works, even in safe mode.

    We therefore scanned the computer with these programs: RSIT, ZHPDiag, Malware, Adwcleaner.
    Here are the reports:

    [spoiler:3c49hdra]Logfile of random's system information tool 1.09 (written by random/random)
    Run by Audrey at 2013-11-01 14:01:46
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 217 GB (47%) free of 457 GB
    Total RAM: 3578 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:02:10, on 1/11/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16686)
    Boot mode: Normal

    Running processes:
    C:Windowssystem32taskhost.exe
    C:Windowssystem32Dwm.exe
    C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe
    C:WindowsExplorer.EXE
    C:Program FilesGenie-SoftGenie TimelineWebServerPHPphp-cgi.exe
    C:Program FilesGenie-SoftGenie TimelineWebServernginxGSTimeLineSearch.exe
    C:Program FilesGenie-SoftGenie TimelineWebServernginxGSTimeLineSearch.exe
    C:Windowssystem32conhost.exe
    C:Program FilesIDTWDMsttray.exe
    C:Program FilesSynapticsSynTPSynTPEnh.exe
    C:WindowsSystem32rundll32.exe
    C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe
    C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    C:Program FilesHewlett-PackardHP Connection ManagerhpConnectionManager.exe
    C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    C:Program FilesiTunesiTunesHelper.exe
    C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
    C:Program FilesSynapticsSynTPSynTPHelper.exe
    C:Program FilesCommon FilesJavaJava Updatejusched.exe
    C:Program FilesAVAST SoftwareAvastAvastUI.exe
    C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe
    C:Program FilesMotorolaBluetoothbtplayerctrl.exe
    C:Windowssystem32taskeng.exe
    C:Program FilesCyberLinkYouCamYCMMirage.exe
    C:Program FilesHewlett-PackardSharedhpCaslNotification.exe
    C:WindowsSystem32wscript.exe
    C:UsersAudreyAppDataRoamingDropboxbinDropbox.exe
    C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
    C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe
    C:Windowssystem32SearchFilterHost.exe
    C:UsersAudreyDownloadsRSIT.exe
    C:Program Filestrend microAudrey.exe

    R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.bing.com?pc=HPNTDF
    R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCDD75652-ADA7-4361-9F76-6596D2A22DFF
    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
    R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
    R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
    R3 – URLSearchHook: uTorrentBar_FR Toolbar – {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} – C:Program FilesuTorrentBar_FRprxtbuTor.dll
    O2 – BHO: uTorrentBar_FR – {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} – C:Program FilesuTorrentBar_FRprxtbuTor.dll
    O2 – BHO: Symantec NCO BHO – {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} – C:Program FilesNorton Internet SecurityEngine18.7.2.3coIEPlg.dll
    O2 – BHO: Symantec Intrusion Prevention – {6D53EC84-6AAE-4787-AEEE-F4628F01010C} – C:Program FilesNorton Internet SecurityEngine18.7.2.3IPSIPSBHO.DLL
    O2 – BHO: Groove GFS Browser Helper – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} – C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
    O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program FilesJavajre7binssv.dll
    O2 – BHO: avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
    O2 – BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: SkypeIEPluginBHO – {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} – C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:Program FilesJavajre7binjp2ssv.dll
    O3 – Toolbar: Norton Toolbar – {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – C:Program FilesNorton Internet SecurityEngine18.7.2.3coIEPlg.dll
    O3 – Toolbar: uTorrentBar_FR Toolbar – {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} – C:Program FilesuTorrentBar_FRprxtbuTor.dll
    O3 – Toolbar: avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
    O4 – HKLM..Run: [StartCCC] “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    O4 – HKLM..Run: [SysTrayApp] C:Program FilesIDTWDMsttray.exe
    O4 – HKLM..Run: [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [BTMTrayAgent] rundll32.exe “C:Program FilesMotorolaBluetoothbtmshell.dll”,TrayApp
    O4 – HKLM..Run: [HPQuickWebProxy] “C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe”
    O4 – HKLM..Run: [HPConnectionManager] C:Program FilesHewlett-PackardHP Connection ManagerHPCMDelayStart.exe
    O4 – HKLM..Run: [HP Quick Launch] C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    O4 – HKLM..Run: [Easybits Recovery] C:Program FilesEasyBits For KidsezRecover.exe
    O4 – HKLM..Run: [HPOSD] C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    O4 – HKLM..Run: [APSDaemon] “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    O4 – HKLM..Run: [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    O4 – HKLM..Run: [iTunesHelper] “C:Program FilesiTunesiTunesHelper.exe”
    O4 – HKLM..Run: [Genie TimeLine Tray] C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe -auto
    O4 – HKLM..Run: [LaCie Desktop Manager Launcher] “C:Program FilesLaCieDesktop Managerlacie_launcherd.exe”
    O4 – HKLM..Run: [GrooveMonitor] “C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe”
    O4 – HKLM..Run: [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    O4 – HKLM..Run: [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    O4 – HKLM..Run: [bdruninstaller] “C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetuplauncher.exe” /run:”C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetupdownloader.exe” /args:”/after_restart”
    O4 – HKCU..Run: [Google Update] “C:UsersAudreyAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    O4 – HKCU..Run: [Facebook Update] “C:UsersAudreyAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    O4 – HKCU..Run: [LaCie Desktop Manager Startup] “C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe”
    O4 – HKCU..Run: [iTunesHelper] wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    O4 – HKCU..Run: [06Qm1DhN] wscript.exe //B “C:UsersAudreyAppDataLocalTemp6Qm1DhN.vbs”
    O4 – HKCU..Run: [TPydqkb8] wscript.exe //B “C:UsersAudreyAppDataLocalTempTPydqkb8.vbs”
    O4 – HKCU..Run: [MSa2emHR] wscript.exe //B “C:UsersAudreyAppDataLocalTempMSa2emHR.vbs”
    O4 – HKCU..Run: [qAuPnVQM] wscript.exe //B “C:UsersAudreyAppDataLocalTempqAuPnVQM.vbs”
    O4 – HKCU..Run: [LU86st0c] wscript.exe //B “C:UsersAudreyAppDataLocalTempLU86st0c.vbs”
    O4 – HKCU..Run: [G9zxsaPJ] wscript.exe //B “C:UsersAudreyAppDataLocalTempG9zxsaPJ.vbs”
    O4 – HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'LOCAL SERVICE')
    O4 – HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'NETWORK SERVICE')
    O4 – Startup: Dropbox.lnk = AudreyAppDataRoamingDropboxbinDropbox.exe
    O4 – Startup: iTunesHelper.vbe
    O4 – Startup: qAuPnVQM.vbs
    O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
    O8 – Extra context menu item: Télécharger avec Mipony – file://C:Program FilesMiPonyBrowserIEContext.htm
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra 'Tools' menuitem: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:PROGRA~1MICROS~2Office12ONBttnIE.dll
    O9 – Extra 'Tools' menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:PROGRA~1MICROS~2Office12ONBttnIE.dll
    O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
    O9 – Extra 'Tools' menuitem: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
    O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
    O9 – Extra button: @C:Program FilesEvernoteEvernoteResource.dll,-101 – {A95fe080-8f5d-11d2-a20b-00aa003c157a} – res://C:Program FilesEvernoteEvernoteEvernoteIE.dll/204 (file missing)
    O9 – Extra 'Tools' menuitem: @C:Program FilesEvernoteEvernoteResource.dll,-101 – {A95fe080-8f5d-11d2-a20b-00aa003c157a} – res://C:Program FilesEvernoteEvernoteEvernoteIE.dll/204 (file missing)
    O9 – Extra button: @C:Program FilesMotorolaBluetoothbtmshell.dll,-247 – {bd707fe6-39f6-4bda-9265-86a76719bdc5} – C:Program FilesMotorolaBluetoothbtmiesend.htm
    O9 – Extra 'Tools' menuitem: @C:Program FilesMotorolaBluetoothbtmshell.dll,-247 – {bd707fe6-39f6-4bda-9265-86a76719bdc5} – C:Program FilesMotorolaBluetoothbtmiesend.htm
    O10 – Unknown file in Winsock LSP: c:program filescommon filesmicrosoft sharedwindows livewlidnsp.dll
    O10 – Unknown file in Winsock LSP: c:program filescommon filesmicrosoft sharedwindows livewlidnsp.dll
    O11 – Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 – Protocol: grooveLocalGWS – {88FED34C-F0CA-4636-A375-3CB6248B04CD} – C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
    O18 – Protocol: skype-ie-addon-data – {91774881-D725-4E58-B298-07617B9B86A8} – C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll
    O18 – Protocol: skype4com – {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} – C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
    O18 – Protocol: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} – C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) – Adobe Systems Incorporated – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    O23 – Service: Andrea ST Filters Service (AESTFilters) – Andrea Electronics Corporation – C:Program FilesIDTWDMaestsrv.exe
    O23 – Service: AMD External Events Utility – AMD – C:Windowssystem32atiesrxx.exe
    O23 – Service: AMD FUEL Service – Advanced Micro Devices, Inc. – C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe
    O23 – Service: AMD Reservation Manager – Advanced Micro Devices – C:Program FilesATI TechnologiesATI.ACEReservation ManagerAMD Reservation Manager.exe
    O23 – Service: Apple Mobile Device – Apple Inc. – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    O23 – Service: avast! Antivirus – AVAST Software – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    O23 – Service: Bluetooth Device Manager – Motorola Solutions, Inc. – C:Program FilesMotorolaBluetoothdevmgrsrv.exe
    O23 – Service: Bluetooth Media Service – Motorola Solutions, Inc. – C:Program FilesMotorolaBluetoothaudiosrv.exe
    O23 – Service: Bluetooth OBEX Service – Motorola Solutions, Inc. – C:Program FilesMotorolaBluetoothobexsrv.exe
    O23 – Service: Service Bonjour (Bonjour Service) – Apple Inc. – C:Program FilesBonjourmDNSResponder.exe
    O23 – Service: Easybits Services for Windows (ezSharedSvc) – EasyBits Software AS – C:WindowsSystem32ezSharedSvcHost.exe
    O23 – Service: FLEXnet Licensing Service – Macrovision Europe Ltd. – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
    O23 – Service: GamesAppService – WildTangent, Inc. – C:Program FilesWildTangent GamesAppGamesAppService.exe
    O23 – Service: Genie Timeline Service (GenieTimelineService) – Genie-Soft – C:Program FilesGenie-SoftGenie TimelineGenieTimelineService.exe
    O23 – Service: HP Support Assistant Service – Unknown owner – C:Program FilesHewlett-PackardHP Support Frameworkhpsa_service.exe (file missing)
    O23 – Service: HP Client Services (HPClientSvc) – Hewlett-Packard Company – C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    O23 – Service: HP Connection Manager 4.0 Service (hpCMSrv) – Hewlett-Packard Development Company L.P. – C:Program FilesHewlett-PackardHP Connection ManagerhpCMSrv.exe
    O23 – Service: HP Software Framework Service (hpqwmiex) – Hewlett-Packard Company – C:Program FilesHewlett-PackardSharedhpqWmiEx.exe
    O23 – Service: HP Service (hpsrv) – Hewlett-Packard Company – C:Windowssystem32Hpservice.exe
    O23 – Service: HPWMISVC – Hewlett-Packard Development Company, L.P. – C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe
    O23 – Service: Service de l’iPod (iPod Service) – Apple Inc. – C:Program FilesiPodbiniPodService.exe
    O23 – Service: LaCieDesktopManagerService – Unknown owner – C:Program FilesLaCieDesktop Managerlacie_dm_service.exe
    O23 – Service: Norton Internet Security (NIS) – Symantec Corporation – C:Program FilesNorton Internet SecurityEngine18.7.2.3ccSvcHst.exe
    O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:Program FilesSkypeUpdaterUpdater.exe
    O23 – Service: @%SystemRoot%system32stlang.dll,-10101 (STacSV) – IDT, Inc. – C:Program FilesIDTWDMSTacSV.exe


    End of file – 14929 bytes

    ======Scheduled tasks folder======

    C:WindowstasksFacebookUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002Core.job
    C:WindowstasksFacebookUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002UA.job
    C:WindowstasksGoogleUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002Core.job
    C:WindowstasksGoogleUpdateTaskUserS-1-5-21-1190468337-140412576-3729368624-1002UA.job
    C:WindowstasksHPCeeScheduleForAUDREY-HP$.job
    C:WindowstasksHPCeeScheduleForAudrey.job
    C:WindowstasksNorton Product InstallerIdle.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]
    uTorrentBar_FR Toolbar – C:Program FilesuTorrentBar_FRprxtbuTor.dll [2011-05-09 176936]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO – C:Program FilesNorton Internet SecurityEngine18.7.2.3coIEPlg.dll [2012-06-07 436192]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention – C:Program FilesNorton Internet SecurityEngine18.7.2.3IPSIPSBHO.DLL [2011-03-31 210872]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper – C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-26 2217832]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper – C:Program FilesJavajre7binssv.dll [2013-04-04 462752]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
    avast! Online Security – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll [2013-11-01 606544]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper – C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2010-09-21 439168]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype Browser Helper – C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll [2011-11-14 3843232]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper – C:Program FilesJavajre7binjp2ssv.dll [2013-04-04 171424]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – Norton Toolbar – C:Program FilesNorton Internet SecurityEngine18.7.2.3coIEPlg.dll [2012-06-07 436192]
    {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} – uTorrentBar_FR Toolbar – C:Program FilesuTorrentBar_FRprxtbuTor.dll [2011-05-09 176936]
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – avast! Online Security – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll [2013-11-01 606544]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
    “StartCCC”=C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe [2010-11-10 336384]
    “SysTrayApp”=C:Program FilesIDTWDMsttray.exe [2010-12-17 536668]
    “SynTPEnh”=C:Program FilesSynapticsSynTPSynTPEnh.exe [2010-12-23 2049320]
    “BTMTrayAgent”=C:Program FilesMotorolaBluetoothbtmshell.dll [2011-02-15 20899408]
    “HPQuickWebProxy”=C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe [2011-03-16 76344]
    “HPConnectionManager”=C:Program FilesHewlett-PackardHP Connection ManagerHPCMDelayStart.exe [2011-02-15 94264]
    “”= []
    “HP Quick Launch”=C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe [2010-11-09 586296]
    “Easybits Recovery”=C:Program FilesEasyBits For KidsezRecover.exe [2011-02-10 61112]
    “HPOSD”=C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe [2011-01-27 318520]
    “APSDaemon”=C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe [2012-05-30 59280]
    “Adobe ARM”=C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [2013-04-04 958576]
    “iTunesHelper”=C:Program FilesiTunesiTunesHelper.exe [2012-06-07 421776]
    “Genie TimeLine Tray”=C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe [2011-02-02 1051264]
    “LaCie Desktop Manager Launcher”=C:Program FilesLaCieDesktop Managerlacie_launcherd.exe []
    “GrooveMonitor”=C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe [2009-02-26 30040]
    “SunJavaUpdateSched”=C:Program FilesCommon FilesJavaJava Updatejusched.exe [2013-03-12 253816]
    “AvastUI.exe”=C:Program FilesAVAST SoftwareAvastAvastUI.exe [2013-11-01 3568312]
    “bdruninstaller”=C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetuplauncher.exe [2013-06-19 676568]

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
    “Google Update”=C:UsersAudreyAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-10-23 136176]
    “Facebook Update”=C:UsersAudreyAppDataLocalFacebookUpdateFacebookUpdate.exe [2012-10-05 138096]
    “LaCie Desktop Manager Startup”=C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe [2011-07-29 2456576]
    “iTunesHelper”=wscript.exe //B C:UsersAudreyAppDataLocalTempiTunesHelper.vbe []
    “06Qm1DhN”=wscript.exe //B C:UsersAudreyAppDataLocalTemp6Qm1DhN.vbs []
    “TPydqkb8″=wscript.exe //B C:UsersAudreyAppDataLocalTempTPydqkb8.vbs []
    “MSa2emHR”=wscript.exe //B C:UsersAudreyAppDataLocalTempMSa2emHR.vbs []
    “qAuPnVQM”=wscript.exe //B C:UsersAudreyAppDataLocalTempqAuPnVQM.vbs []
    “LU86st0c”=wscript.exe //B C:UsersAudreyAppDataLocalTempLU86st0c.vbs []
    “G9zxsaPJ”=wscript.exe //B C:UsersAudreyAppDataLocalTempG9zxsaPJ.vbs []

    C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    Dropbox.lnk – C:UsersAudreyAppDataRoamingDropboxbinDropbox.exe
    iTunesHelper.vbe
    qAuPnVQM.vbs

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad]
    WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
    “{E54729E8-BB3D-4270-9D49-7389EA579090}”=C:Windowssystem32EZUPBH~1.DLL [2011-04-22 52920]
    “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll [2009-02-26 2217832]

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsecurityproviders]
    “SecurityProviders”=credssp.dll

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkAFD]

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
    “ConsentPromptBehaviorAdmin”=5
    “ConsentPromptBehaviorUser”=3
    “EnableUIADesktopToggle”=0
    “dontdisplaylastusername”=0
    “legalnoticecaption”=
    “legalnoticetext”=
    “shutdownwithoutlogon”=1
    “undockwithoutlogon”=1
    “EnableLinkedConnections”=1

    [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    “NoDriveAutoRun”=3
    “NoDriveTypeAutoRun”=0

    [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
    “EnableShellExecuteHooks”=1
    “NoDriveAutoRun”=3
    “NoDriveTypeAutoRun”=0

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]

    [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionDrivers32]
    “vidc.mrle”=msrle32.dll
    “vidc.msvc”=msvidc32.dll
    “msacm.imaadpcm”=imaadp32.acm
    “msacm.msg711″=msg711.acm
    “msacm.msgsm610″=msgsm32.acm
    “msacm.msadpcm”=msadp32.acm
    “midimapper”=midimap.dll
    “wavemapper”=msacm32.drv
    “VIDC.UYVY”=msyuv.dll
    “VIDC.YUY2″=msyuv.dll
    “VIDC.YVYU”=msyuv.dll
    “VIDC.IYUV”=iyuv_32.dll
    “vidc.i420″=iyuv_32.dll
    “VIDC.YVU9″=tsbyuv.dll
    “msacm.l3acm”=C:WindowsSystem32l3codeca.acm
    “vidc.cvid”=iccvid.dll
    “MSVideo8″=VfWWDM32.dll
    “msacm.siren”=sirenacm.dll
    “wave”=wdmaud.drv
    “midi”=wdmaud.drv
    “mixer”=wdmaud.drv
    “aux”=wdmaud.drv
    “wave1″=wdmaud.drv
    “midi1″=wdmaud.drv
    “mixer1″=wdmaud.drv
    “wave2″=wdmaud.drv
    “midi2″=wdmaud.drv
    “mixer2″=wdmaud.drv

    ======File associations======

    .js – edit – C:WindowsSystem32Notepad.exe %1
    .js – open – C:WindowsSystem32WScript.exe “%1” %*

    ======List of files/folders created in the last 1 month======

    2013-11-01 14:01:47 —-D—- C:Program Filestrend micro
    2013-11-01 14:01:46 —-D—- C:rsit
    2013-11-01 08:44:22 —-A—- C:UsbFix [Scan 2] AUDREY-HP.txt
    2013-11-01 08:36:36 —-A—- C:UsbFix [Scan 1] AUDREY-HP.txt
    2013-11-01 08:27:07 —-D—- C:UsersAudreyAppDataRoamingAVAST Software
    2013-11-01 08:25:26 —-A—- C:Windowssystem32driversaswTdi.sys
    2013-11-01 08:25:25 —-A—- C:Windowssystem32driversaswVmm.sys
    2013-11-01 08:25:24 —-A—- C:Windowssystem32driversaswSP.sys
    2013-11-01 08:25:23 —-A—- C:Windowssystem32driversaswRvrt.sys
    2013-11-01 08:25:21 —-A—- C:Windowssystem32driversaswSnx.sys
    2013-11-01 08:25:20 —-A—- C:Windowssystem32driversaswMonFlt.sys
    2013-11-01 08:25:16 —-A—- C:Windowssystem32driversaswFsBlk.sys
    2013-11-01 08:25:14 —-A—- C:Windowssystem32driversaswRdr2.sys
    2013-11-01 08:25:05 —-A—- C:Windowssystem32aswBoot.exe
    2013-11-01 08:24:45 —-A—- C:WindowsavastSS.scr
    2013-11-01 08:24:01 —-D—- C:Program FilesAVAST Software
    2013-11-01 08:22:56 —-D—- C:ProgramDataAVAST Software
    2013-11-01 07:10:33 —-HD—- C:_Exception1
    2013-11-01 07:10:24 —-D—- C:Backup_2013-10-31 221024
    2013-10-31 22:03:58 —-D—- C:Program FilesCommon FilesBitdefender
    2013-10-31 21:27:13 —-A—- C:UsbFix [Clean 2] AUDREY-HP.txt
    2013-10-31 21:12:16 —-A—- C:UsbFix [Clean 1] AUDREY-HP.txt
    2013-10-31 21:12:04 —-D—- C:UsbFix
    2013-10-02 20:53:53 —-N—- C:bootsqm.dat

    ======List of files/folders modified in the last 1 month======

    2013-11-01 14:01:47 —-RD—- C:Program Files
    2013-11-01 13:59:16 —-D—- C:WindowsSystem32
    2013-11-01 13:59:16 —-D—- C:Windowsinf
    2013-11-01 13:59:16 —-A—- C:Windowssystem32PerfStringBackup.INI
    2013-11-01 13:54:46 —-D—- C:UsersAudreyAppDataRoamingDropbox
    2013-11-01 12:16:01 —-D—- C:WindowsTemp
    2013-11-01 10:11:10 —-SHD—- C:System Volume Information
    2013-11-01 08:25:26 —-D—- C:Windowssystem32drivers
    2013-11-01 08:25:06 —-D—- C:Windowswinsxs
    2013-11-01 08:25:05 —-D—- C:Windows
    2013-11-01 08:22:56 —-HD—- C:ProgramData
    2013-11-01 08:20:10 —-D—- C:Windowssystem32config
    2013-11-01 08:05:36 —-D—- C:UsersAudreyAppDataRoaminguTorrent
    2013-11-01 07:59:46 —-D—- C:UsersAudreyAppDataRoamingdclogs
    2013-11-01 07:29:17 —-D—- C:WindowsTasks
    2013-11-01 07:29:17 —-D—- C:Windowssystem32wfp
    2013-11-01 07:29:17 —-D—- C:Windowssystem32en-US
    2013-11-01 07:29:17 —-D—- C:Windowssystem32DriverStore
    2013-11-01 07:29:17 —-D—- C:Windowssystem32catroot2
    2013-11-01 07:29:17 —-D—- C:Program FilesInternet Explorer
    2013-11-01 07:29:15 —-D—- C:Windowssystem32wbem
    2013-11-01 07:29:15 —-D—- C:Windowssystem32Tasks
    2013-11-01 07:29:14 —-D—- C:Windowssystem32driversUMDF
    2013-11-01 07:29:14 —-D—- C:Windowssystem32driversNIS
    2013-11-01 07:29:14 —-D—- C:Windowssystem32CodeIntegrity
    2013-11-01 07:29:09 —-SHD—- C:WindowsInstaller
    2013-11-01 07:29:04 —-D—- C:UsersAudreyAppDataRoamingPhotoFiltre 7
    2013-11-01 07:29:00 —-D—- C:ProgramDataNorton
    2013-11-01 07:29:00 —-D—- C:ProgramDataFLEXnet
    2013-11-01 07:28:57 —-D—- C:Program FilesSymantec
    2013-11-01 07:28:56 —-D—- C:Program FilesNorton Internet Security
    2013-11-01 07:28:54 —-D—- C:Program FilesMicrosoft Silverlight
    2013-11-01 07:28:51 —-D—- C:Program FilesCommon FilesSymantec Shared
    2013-11-01 07:28:51 —-D—- C:Program FilesCommon Filesmicrosoft shared
    2013-11-01 07:28:24 —-D—- C:Windowsregistration
    2013-11-01 07:28:07 —-D—- C:Windowssystem32catroot
    2013-11-01 07:27:58 —-D—- C:WindowsMicrosoft.NET
    2013-11-01 07:27:33 —-RSD—- C:Windowsassembly
    2013-11-01 07:26:36 —-D—- C:Program FilesNortonInstaller
    2013-11-01 07:26:07 —-D—- C:Program FilesCommon Files
    2013-10-31 22:05:05 —-D—- C:ProgramDataNortonInstaller
    2013-10-13 22:37:00 —-D—- C:UsersAudreyAppDataRoamingvlc
    2013-10-12 15:20:35 —-D—- C:Windowssystem32MRT
    2013-10-12 15:09:44 —-A—- C:Windowssystem32MRT.exe
    2013-10-12 15:09:17 —-D—- C:ProgramDataMicrosoft Help
    2013-10-03 07:23:11 —-D—- C:WindowsPrefetch

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 amd_sata;amd_sata; C:Windowssystem32DRIVERSamd_sata.sys [2010-11-05 64128]
    R0 amd_xata;amd_xata; C:Windowssystem32DRIVERSamd_xata.sys [2010-11-05 32384]
    R0 aswVmm;avast! VM Monitor; C:Windowssystem32driversaswVmm.sys [2013-11-01 178304]
    R0 hpdskflt;HP Filter; C:Windowssystem32DRIVERShpdskflt.sys [2011-05-27 25656]
    R0 rdyboost;ReadyBoost; C:WindowsSystem32driversrdyboost.sys [2010-11-20 173440]
    R0 SymDS;Symantec Data Store; C:Windowssystem32driversNIS1207020.003SYMDS.SYS [2011-01-27 340088]
    R0 SymEFA;Symantec Extended File Attributes; C:Windowssystem32driversNIS1207020.003SYMEFA.SYS [2011-03-15 744568]
    R1 aswRdr;aswRdr; ??C:Windowssystem32driversaswRdr2.sys [2013-11-01 79720]
    R1 aswSnx;aswSnx; ??C:Windowssystem32driversaswSnx.sys [2013-11-01 774392]
    R1 aswTdi;aswTdi; ??C:Windowssystem32driversaswTdi.sys [2013-11-01 57672]
    R1 eeCtrl;Symantec Eraser Control driver; ??C:Program FilesCommon FilesSymantec SharedEENGINEeeCtrl.sys [2011-11-11 374392]
    R1 IDSVix86;IDSVix86; ??C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_18.5.0.125DefinitionsIPSDefs20111222.001IDSvix86.sys [2011-10-21 368248]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:Windowssystem32driversNIS1207020.003SRTSPX.SYS [2011-03-31 50168]
    R1 SymIRON;Symantec Iron Driver; C:Windowssystem32driversNIS1207020.003Ironx86.SYS [2011-01-27 136312]
    R1 SymNetS;Symantec Network Security WFP Driver; C:WindowsSystem32DriversNIS1207020.003SYMNETS.SYS [2011-04-21 299640]
    R1 vwififlt;Virtual WiFi Filter Driver; C:Windowssystem32DRIVERSvwififlt.sys [2009-07-14 48128]
    R2 aswFsBlk;aswFsBlk; ??C:Windowssystem32driversaswFsBlk.sys [2013-11-01 35656]
    R2 aswMonFlt;aswMonFlt; ??C:Windowssystem32driversaswMonFlt.sys [2013-11-01 70384]
    R3 Accelerometer;HP Mobile Data Protection Sensor; C:Windowssystem32DRIVERSAccelerometer.sys [2011-05-27 35896]
    R3 amdiox86;AMD IO Driver; C:Windowssystem32DRIVERSamdiox86.sys [2010-02-18 37944]
    R3 amdkmdag;amdkmdag; C:Windowssystem32DRIVERSatikmdag.sys [2010-11-10 6574080]
    R3 amdkmdap;amdkmdap; C:Windowssystem32DRIVERSatikmpag.sys [2010-11-10 229888]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:Windowssystem32driversAtihdW73.sys [2010-09-24 102416]
    R3 clwvd;CyberLink WebCam Virtual Driver; C:Windowssystem32DRIVERSclwvd.sys [2010-07-28 27632]
    R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:Windowssystem32DRIVERSnetr28.sys [2011-07-19 1295360]
    R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32); C:Windowssystem32DRIVERSOXSDIDRV_x32.sys [2009-09-28 52656]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:WindowsSystem32DriversRtsUStor.sys [2010-12-02 197224]
    R3 RTL8167;Realtek 8167 NT Driver; C:Windowssystem32DRIVERSRt86win7.sys [2010-09-21 279656]
    R3 Sftfs;Sftfs; C:Windowssystem32DRIVERSSftfslh.sys [2013-06-26 583848]
    R3 Sftplay;Sftplay; C:Windowssystem32DRIVERSSftplaylh.sys [2013-06-26 197800]
    R3 Sftredir;Sftredir; C:Windowssystem32DRIVERSSftredirlh.sys [2013-06-26 24232]
    R3 Sftvol;Sftvol; C:Windowssystem32DRIVERSSftvollh.sys [2013-06-26 20136]
    R3 STHDA;@%SystemRoot%system32stlang.dll,-10305; C:Windowssystem32DRIVERSstwrt.sys [2010-12-17 435200]
    R3 SymEvent;SymEvent; ??C:Windowssystem32DriversSYMEVENT.SYS [2011-10-24 126584]
    R3 SynTP;Synaptics TouchPad Driver; C:Windowssystem32DRIVERSSynTP.sys [2010-12-23 1321904]
    R3 usbfilter;AMD USB Filter Driver; C:Windowssystem32DRIVERSusbfilter.sys [2010-04-29 30464]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:Windowssystem32DRIVERSvwifimp.sys [2009-07-14 14336]
    S0 aswRvrt;avast! Revert; C:Windowssystem32driversaswRvrt.sys [2013-11-01 49944]
    S1 aswSP;aswSP; ??C:Windowssystem32driversaswSP.sys [2013-11-01 403440]
    S1 BHDrvx86;BHDrvx86; ??C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_18.5.0.125DefinitionsBASHDefs20111221.003BHDrvx86.sys [2011-11-14 819320]
    S2 Parvdm;Parvdm; C:Windowssystem32driversparvdm.sys [2009-07-14 8704]
    S3 aic78xx;aic78xx; C:Windowssystem32driversdjsvs.sys [2009-07-14 70720]
    S3 amdagp;AMD AGP Bus Filter Driver; C:Windowssystem32driversamdagp.sys [2009-07-14 53312]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet – NDIS 6.0; C:Windowssystem32DRIVERSb57nd60x.sys [2009-07-13 229888]
    S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:Windowssystem32DRIVERSbcmwl6.sys [2009-07-13 1131008]
    S3 BthEnum;Bluetooth Request Block Driver; C:Windowssystem32driversBthEnum.sys [2009-07-14 34816]
    S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:Windowssystem32DRIVERSbthpan.sys [2009-07-14 93696]
    S3 BTHPORT;Bluetooth Port Driver; C:WindowsSystem32DriversBTHport.sys [2012-07-06 393728]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:WindowsSystem32DriversBTHUSB.sys [2011-04-28 60416]
    S3 btmaudio;Motorola Bluetooth Audio Service; C:Windowssystem32driversbtmaud.sys [2010-10-14 33280]
    S3 BTMCOM;Bluetooth Serial Port; C:WindowsSystem32Driversbtmcom.sys [2010-06-30 41344]
    S3 BTMUSB;Motorola Bluetooth Radio Service; C:WindowsSystem32Driversbtmusb.sys [2011-02-08 403968]
    S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys [2009-05-18 26600]
    S3 NAVENG;NAVENG; ??C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_18.5.0.125DefinitionsVirusDefs20111222.032NAVENG.SYS [2011-12-05 86136]
    S3 NAVEX15;NAVEX15; ??C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_18.5.0.125DefinitionsVirusDefs20111222.032NAVEX15.SYS [2011-12-05 1576312]
    S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:Windowssystem32DRIVERSnvm62x32.sys [2009-07-13 347264]
    S3 pciide;pciide; C:Windowssystem32driverspciide.sys [2009-07-14 12368]
    S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:Windowssystem32DRIVERSrfcomm.sys [2009-07-14 129536]
    S3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys [2010-11-20 84992]
    S3 sisagp;SIS AGP Bus Filter; C:Windowssystem32driverssisagp.sys [2009-07-14 52304]
    S3 SRTSP;Symantec Real Time Storage Protection; C:WindowsSystem32DriversNIS1207020.003SRTSP.SYS [2011-03-31 516216]
    S3 SrvHsfHDA;SrvHsfHDA; C:Windowssystem32DRIVERSVSTAZL3.SYS [2009-07-13 207360]
    S3 SrvHsfV92;SrvHsfV92; C:Windowssystem32DRIVERSVSTDPV3.SYS [2009-07-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac; C:Windowssystem32DRIVERSVSTCNXT3.SYS [2009-07-13 661504]
    S3 TsUsbFlt;@%SystemRoot%system32driverstsusbflt.sys,-1; C:WindowsSystem32driverstsusbflt.sys [2010-11-20 52224]
    S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:Windowssystem32driversTsUsbGD.sys [2010-11-20 27264]
    S3 USBAAPL;Apple Mobile USB Driver; C:WindowsSystem32Driversusbaapl.sys [2012-02-15 43520]
    S3 viaagp;VIA AGP Bus Filter; C:Windowssystem32driversviaagp.sys [2009-07-14 53328]
    S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:Windowssystem32driversviac7.sys [2009-07-14 52736]
    S3 WinUsb;WinUsb; C:Windowssystem32DRIVERSWinUsb.sys [2010-11-20 35968]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [2012-05-24 55184]
    R2 avast! Antivirus;avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2013-11-01 50344]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:Program FilesMotorolaBluetoothobexsrv.exe [2011-02-15 509520]
    R2 GenieTimelineService;Genie Timeline Service; C:Program FilesGenie-SoftGenie TimelineGenieTimelineService.exe [2011-02-02 362624]
    R2 NIS;Norton Internet Security; C:Program FilesNorton Internet SecurityEngine18.7.2.3ccSvcHst.exe [2011-04-17 130008]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2010-09-21 1710464]
    R3 Bluetooth Device Manager;Bluetooth Device Manager; C:Program FilesMotorolaBluetoothdevmgrsrv.exe [2011-02-08 3512400]
    R3 Bluetooth Media Service;Bluetooth Media Service; C:Program FilesMotorolaBluetoothaudiosrv.exe [2011-02-28 902224]
    R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [2011-06-25 647680]
    R3 hpCMSrv;HP Connection Manager 4.0 Service; C:Program FilesHewlett-PackardHP Connection ManagerhpCMSrv.exe [2011-02-15 1071160]
    R3 hpqwmiex;HP Software Framework Service; C:Program FilesHewlett-PackardSharedhpqWmiEx.exe [2011-03-28 799800]
    R3 iPod Service;Service de l’iPod; C:Program FilesiPodbiniPodService.exe [2012-06-07 821648]
    S2 AdobeARMservice;Adobe Acrobat Update Service; C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [2013-05-10 65640]
    S2 AESTFilters;Andrea ST Filters Service; C:Program FilesIDTWDMaestsrv.exe [2009-03-03 81920]
    S2 AMD External Events Utility;AMD External Events Utility; C:Windowssystem32atiesrxx.exe [2010-11-10 176128]
    S2 AMD FUEL Service;AMD FUEL Service; C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe [2010-11-10 284160]
    S2 AMD Reservation Manager;AMD Reservation Manager; C:Program FilesATI TechnologiesATI.ACEReservation ManagerAMD Reservation Manager.exe [2010-06-17 140224]
    S2 Bonjour Service;Service Bonjour; C:Program FilesBonjourmDNSResponder.exe [2011-08-30 390504]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]
    S2 cvhsvc;Client Virtualization Handler; C:Program FilesCommon FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE [2013-04-22 822504]
    S2 ezSharedSvc;Easybits Services for Windows; C:WindowsSystem32ezSharedSvcHost.exe [2010-04-23 514232]
    S2 HP Support Assistant Service;HP Support Assistant Service; C:Program FilesHewlett-PackardHP Support Frameworkhpsa_service.exe []
    S2 HPClientSvc;HP Client Services; C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe [2010-10-11 246840]
    S2 hpsrv;HP Service; C:Windowssystem32Hpservice.exe [2011-05-27 26168]
    S2 HPWMISVC;HPWMISVC; C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe [2010-11-09 26680]
    S2 LaCieDesktopManagerService;LaCieDesktopManagerService; C:Program FilesLaCieDesktop Managerlacie_dm_service.exe [2011-07-29 822272]
    S2 sftlist;Application Virtualization Client; C:Program FilesMicrosoft Application Virtualization Clientsftlist.exe [2013-06-26 523944]
    S2 SkypeUpdate;Skype Updater; C:Program FilesSkypeUpdaterUpdater.exe [2012-07-13 160944]
    S2 STacSV;@%SystemRoot%system32stlang.dll,-10101; C:Program FilesIDTWDMSTacSV.exe [2010-12-17 262226]
    S3 GamesAppService;GamesAppService; C:Program FilesWildTangent GamesAppGamesAppService.exe [2010-10-12 206072]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program FilesMicrosoft OfficeOffice12GrooveAuditService.exe [2009-02-26 64856]
    S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesCommon FilesMicrosoft SharedOFFICE12ODSERV.EXE [2011-07-20 440696]
    S3 ose;Office Source Engine; C:Program FilesCommon FilesMicrosoft SharedSource EngineOSE.EXE [2010-01-09 149352]
    S3 osppsvc;Office Software Protection Platform; C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-01-09 4640000]
    S3 sftvsa;Application Virtualization Service Agent; C:Program FilesMicrosoft Application Virtualization Clientsftvsa.exe [2013-06-26 207528]
    S3 WatAdminSvc;@%SystemRoot%system32WatWatUX.exe,-601; C:Windowssystem32WatWatAdminSvc.exe [2011-10-28 1343400]
    S4 wlcrasvc;Windows Live Mesh remote connections service; C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-09-22 51040]


    EOF


    [/spoiler:3c49hdra]

  • Formaldehyyde
    Participant
    Number of posts: 11

    [spoiler:2fagm2p9]info.txt logfile of random's system information tool 1.09 2013-11-01 14:02:19

    ======Uninstall list======

    –>”C:Program FilesHP GamesGame Explorer Categories – genresUninstall.exe”
    –>”C:Program FilesHP GamesGame Explorer Categories – mainUninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – Club PenguinUninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – Crush the Castle 2Uninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – Dark OrbitUninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – Free RealmsUninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – SeafightUninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – ShaiyaUninstall.exe”
    –>”C:Program FilesHP GamesWeb Link – World of WarcraftUninstall.exe”
    –>”C:Program FilesMotorolaBluetoothunins000.exe”
    –>”C:Program FilesMotorolaBluetoothunins000.exe”
    –>”C:Program FilesMotorolaBluetoothunins000.exe”
    –>”C:Program FilesMotorolaBluetoothunins000.exe”
    Adobe Flash Player 10 ActiveX–>C:Windowssystem32MacromedFlashFlashUtil10n_ActiveX.exe -maintain activex
    Adobe Reader X (10.1.8) – Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AA1000000001}
    Adobe Shockwave Player 11.6–>”C:Windowssystem32AdobeShockwave 11uninstaller.exe”
    Agatha Christie – Peril at End House–>”C:Program FilesHP GamesAgatha Christie – Peril at End HouseUninstall.exe”
    Apple Application Support–>MsiExec.exe /I{122ADF8C-DDA1-480C-9936-C88F2825B265}
    Apple Mobile Device Support–>MsiExec.exe /I{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}
    Apple Software Update–>MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
    ATI Catalyst Install Manager–>msiexec /q/x{26DC39B4-88B0-52AE-7FD7-9B50011F2DED} REBOOT=ReallySuppress
    Audacity 2.0.3–>”C:Program FilesAudacityunins000.exe”
    avast! Free Antivirus–>C:Program FilesAVAST SoftwareAvastSetupInstup.exe /control_panel
    Bejeweled 2 Deluxe–>”C:Program FilesHP GamesBejeweled 2 DeluxeUninstall.exe”
    Big Rig Europe–>”C:Program FilesHP GamesBig Rig EuropeUninstall.exe”
    Blasterball 3–>”C:Program FilesHP GamesBlasterball 3Uninstall.exe”
    Bonjour–>MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
    Bounce Symphony–>”C:Program FilesHP GamesBounce SymphonyUninstall.exe”
    Cake Mania–>”C:Program FilesHP GamesCake ManiaUninstall.exe”
    Catalyst Control Center – Branding–>MsiExec.exe /I{52DE3AF0-1C26-4258-9A04-9AEBF3E145F7}
    Chuzzle Deluxe–>”C:Program FilesHP GamesChuzzle DeluxeUninstall.exe”
    Contrôle ActiveX Windows Live Mesh pour connexions à distance–>MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}
    Crazy Chicken Kart 2–>”C:Program FilesHP GamesCrazy Chicken Kart 2Uninstall.exe”
    CyberLink YouCam–>”C:Program FilesInstallShield Installation Information{01FB4998-33C4-4431-85ED-079E3EEFE75D}setup.exe” /z-uninstall
    CyberLink YouCam–>”C:Program FilesInstallShield Installation Information{01FB4998-33C4-4431-85ED-079E3EEFE75D}setup.exe” /z-uninstall
    D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
    Diner Dash 2 Restaurant Rescue–>”C:Program FilesHP GamesDiner Dash 2 Restaurant RescueUninstall.exe”
    Energy Star Digital Logo–>MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
    ESU for Microsoft Windows 7–>MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
    Evernote v. 4.2.2–>MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4}
    Facebook Video Calling 1.2.0.287–>MsiExec.exe /X{B92C5909-1D37-4C51-8397-A28BB28E5DC3}
    Farm Frenzy–>”C:Program FilesHP GamesFarm FrenzyUninstall.exe”
    FATE–>”C:Program FilesHP GamesFATEUninstall.exe”
    Fishdom–>”C:Program FilesHP GamesFishdomUninstall.exe”
    Galerie de photos Windows Live–>MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
    HP 3D DriveGuard–>MsiExec.exe /X{5601F151-A69F-4E30-8C60-37928124CD07}
    HP Auto–>MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
    HP Client Services–>MsiExec.exe /I{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
    HP Connection Manager–>MsiExec.exe /X{795AADBF-58C2-42D0-B779-E730702A247E}
    HP Customer Experience Enhancements–>MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
    HP Documentation–>MsiExec.exe /X{4A814238-6D3B-45F8-ACA6-B90AC6ED4EA7}
    HP Games–>”C:Program FilesHP GamesUninstall.exe”
    HP On Screen Display–>MsiExec.exe /I{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}
    HP Power Manager–>MsiExec.exe /I{B97E3520-C726-475E-BC0C-7561952633AB}
    HP Quick Launch–>MsiExec.exe /I{EB58480C-0721-483C-B354-9D35A147999F}
    HP QuickWeb–>MsiExec.exe /X{20976B1F-E910-404D-9261-C16EE7E12DC8}
    HP Setup Manager–>MsiExec.exe /I{AE856388-AFAD-4753-81DF-D96B19D0A17C}
    HP Setup–>RunDll32 C:PROGRA~1COMMON~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup “C:Program FilesInstallShield Installation Information{210A03F5-B2ED-4947-B27E-516F50CBB292}setup.exe” -l0x9 -removeonly
    HP Software Framework–>MsiExec.exe /X{64D467CB-8FF3-44C4-AD50-759D742ACD73}
    IDT Audio–>”C:Program FilesInstallShield Installation Information{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}setup.exe” -remove -removeonly
    iTunes–>MsiExec.exe /I{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}
    Java 7 Update 21–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}
    Jewel Quest Solitaire–>”C:Program FilesHP GamesJewel Quest SolitaireUninstall.exe”
    Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    LaCie Desktop Manager 1.4.1.84–>”C:Program FilesLaCieDesktop Managerunins000.exe”
    LaCie Genie Timeline 2.1–>C:Program FilesGenie-SoftGenie Timelineuninstall.exe
    Last.fm Scrobbler 2.1.30–>”C:Program FilesLast.fmUninsHs.exe” /u0=LastFM
    Le Sphinx–>C:SphinxMELicenceUNWISE.EXE C:SphinxMELicenceinstall.log
    Magic Desktop–>C:Windowssystem32ezMDUninstall.exe
    Mah Jong Medley–>”C:Program FilesHP GamesMah Jong MedleyUninstall.exe”
    Mesh Runtime–>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
    Microsoft .NET Framework 4 Client Profile–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientSetup.exe /repair /x86 /parameterfolder Client
    Microsoft .NET Framework 4 Client Profile–>MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
    Microsoft Office Access MUI (English) 2007–>MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007–>MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Click-to-Run 2010–>”C:PROGRA~1COMMON~1MICROS~1VIRTUA~1CVHBS.EXE” /removeall
    Microsoft Office Click-to-Run 2010–>MsiExec.exe /I{90140000-006D-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007–>”C:Program FilesCommon FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe” /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007–>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007–>MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office File Validation Add-In–>MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007–>MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007–>MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007–>MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007–>MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007–>MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007–>MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007–>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007–>MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
    Microsoft Office Publisher MUI (English) 2007–>MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007–>MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007–>MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Starter 2010 – English–>C:Program FilesCommon Filesmicrosoft sharedvirtualization handlercvhbs.exe /uninstall {90140011-0066-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007–>MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft PowerPoint Viewer–>MsiExec.exe /X{95140000-00AF-0409-0000-0000000FF1CE}
    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
    Microsoft Visual C++ 2010 x86 Redistributable – 10.0.30319–>MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
    MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    Music NFO Builder version 1.21a–>”C:Program FilesMusic NFO Builderunins000.exe”
    Mystery P.I. – The London Caper–>”C:Program FilesHP GamesMystery P.I. – The London CaperUninstall.exe”
    Namco All-Stars PAC-MAN–>”C:Program FilesHP GamesNamco All-Stars PAC-MANUninstall.exe”
    Norton Internet Security–>C:Program FilesNortonInstaller{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NISA5E82D0218.7.2.3InstStub.exe /X /ARP
    Norton Internet Security–>MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
    Penguins!–>”C:Program FilesHP GamesPenguins!Uninstall.exe”
    Plants vs. Zombies – Game of the Year–>”C:Program FilesHP GamesPlants vs. Zombies – Game of the YearUninstall.exe”
    Polar Bowler–>”C:Program FilesHP GamesPolar BowlerUninstall.exe”
    Ralink Motorola BC8 Bluetooth 3.0+HS Adapter–>”C:Program FilesMotorolaBluetoothunins000.exe”
    Ralink RT5390 802.11b/g/n WiFi Adapter–>C:Program FilesInstallShield Installation Information{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}setup.exe -runfromtemp -l0x0013 -removeonly
    Realtek Ethernet Controller Driver–>C:Program FilesInstallShield Installation Information{8833FFB6-5B0C-4764-81AA-06DFEED9A476}setup.exe -runfromtemp -removeonly
    Realtek USB 2.0 Card Reader–>”C:Program FilesInstallShield Installation Information{96AE7E41-E34E-47D0-AC07-1091A8127911}setup.exe” -runfromtemp -removeonly
    Recovery Manager–>MsiExec.exe /I{DBCD5E64-7379-4648-9444-8A6558DCB614}
    RemoteComms driver–>MsiExec.exe /I{43BEEE26-01A8-4EEE-8632-2353261E3B55}
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {CF581973-77E0-3093-A1AC-A03130DE990F} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {576C07F8-777C-3981-B8BF-063A6B57254E} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {90EA7C4E-7F03-31FD-BE27-B1A9B4AE56BD} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {1E88AFAE-CEF7-3540-8FF6-6D00877B2767} /parameterfolder Client
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
    Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E949D8B9-24FD-4AB7-B427-FC42AA8BB2D9}
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
    Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B308C21C-A3EC-4DC8-8F78-0AA0E9C1ACBE}
    Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDF9EAC9-3BB0-4F7F-9968-86DE581051D6}
    Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5CB8B4D5-8202-4C5C-85CB-705BAEDE3B08}
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
    Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A0E1177-574A-4F26-AD24-B003699C35FA}
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70}
    Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition –>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B7B13E7-52F2-44C8-84BC-5B9C563AA572}
    Skype Click to Call–>MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
    Skype™ 5.10–>MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
    Slingo Deluxe–>”C:Program FilesHP GamesSlingo DeluxeUninstall.exe”
    swMSM–>MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
    Synaptics Pointing Device Driver–>rundll32.exe “%ProgramFiles%SynapticsSynTPSynISDLL.dll”,standAloneUninstall
    Update for 2007 Microsoft Office System (KB967642)–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)–>C:WindowsMicrosoft.NETFrameworkv4.0.30319SetupCacheClientsetup.exe /uninstallpatch {0160BA31-409C-3FD0-9C87-C7D95BF46986} /parameterfolder Client
    Update for Microsoft Office 2007 Help for Common Features (KB963673)–>msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
    Update for Microsoft Office Access 2007 Help (KB963663)–>msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
    Update for Microsoft Office Excel 2007 Help (KB963678)–>msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
    Update for Microsoft Office Infopath 2007 Help (KB963662)–>msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
    Update for Microsoft Office OneNote 2007 Help (KB963670)–>msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition–>msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {ED38F8A3-4F61-494E-8BCA-E3AC7760C924}
    Update for Microsoft Office Outlook 2007 Help (KB963677)–>msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition–>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {11C9B057-27FF-4BC1-82F6-DC4B15E70A2E}
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)–>msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
    Update for Microsoft Office Publisher 2007 Help (KB963667)–>msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
    Update for Microsoft Office Script Editor Help (KB963671)–>msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
    Update for Microsoft Office Word 2007 Help (KB963665)–>msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
    Update Installer for WildTangent Games App–>”C:Program FilesWildTangent GamesAppUninstall.exe”
    UsbFix By El Desaparecido–>C:UsbFixUn-UsbFix.exe
    uTorrentBar_FR Toolbar–>C:Program FilesuTorrentBar_FRuninstall.exe toolbar
    Virtual Villagers – The Secret City–>”C:Program FilesHP GamesVirtual Villagers – The Secret CityUninstall.exe”
    VLC media player 2.0.1–>C:Program FilesVideoLANVLCuninstall.exe
    Wedding Dash–>”C:Program FilesHP GamesWedding DashUninstall.exe”
    WildTangent Games App (HP Games)–>”C:Program FilesWildTangent GamesTouchpointshpUninstall.exe”
    Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
    Windows Live Essentials–>C:Program FilesWindows LiveInstallerwlarp.exe
    Windows Live Essentials–>MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
    Windows Live Essentials–>MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
    Windows Live Essentials–>MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
    Windows Live Fotogalerie–>MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
    Windows Live ID Sign-in Assistant–>MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
    Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
    Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
    Windows Live Mail–>MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
    Windows Live Mail–>MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
    Windows Live Mail–>MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
    Windows Live Mail–>MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
    Windows Live Mesh – ActiveX-besturingselement voor externe verbindingen–>MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
    Windows Live Mesh ActiveX Control for Remote Connections–>MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
    Windows Live Mesh ActiveX control for remote connections–>MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56}
    Windows Live Mesh–>MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
    Windows Live Mesh–>MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
    Windows Live Mesh–>MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
    Windows Live Mesh–>MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
    Windows Live Mesh–>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
    Windows Live Messenger–>MsiExec.exe /X{6057E21C-ABE9-4059-AE3E-3BEB9925E660}
    Windows Live Messenger–>MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
    Windows Live Messenger–>MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
    Windows Live Messenger–>MsiExec.exe /X{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}
    Windows Live Messenger–>MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
    Windows Live MIME IFilter–>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
    Windows Live Movie Maker–>MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
    Windows Live Movie Maker–>MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
    Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
    Windows Live Movie Maker–>MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
    Windows Live Movie Maker–>MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
    Windows Live Photo Common–>MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
    Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
    Windows Live Photo Common–>MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
    Windows Live Photo Common–>MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
    Windows Live Photo Common–>MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
    Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
    Windows Live Photo Gallery–>MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
    Windows Live Photo Gallery–>MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
    Windows Live PIMT Platform–>MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
    Windows Live Remote Client Resources–>MsiExec.exe /I{02602409-9189-4567-BC07-562605243B69}
    Windows Live Remote Client Resources–>MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}
    Windows Live Remote Client Resources–>MsiExec.exe /I{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
    Windows Live Remote Client Resources–>MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}
    Windows Live Remote Client–>MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
    Windows Live Remote Service Resources–>MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}
    Windows Live Remote Service Resources–>MsiExec.exe /I{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}
    Windows Live Remote Service Resources–>MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}
    Windows Live Remote Service Resources–>MsiExec.exe /I{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
    Windows Live Remote Service–>MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
    Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
    Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
    Windows Live UX Platform Language Pack–>MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
    Windows Live UX Platform Language Pack–>MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
    Windows Live UX Platform Language Pack–>MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
    Windows Live UX Platform Language Pack–>MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
    Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
    Windows Live Writer Resources–>MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
    Windows Live Writer Resources–>MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
    Windows Live Writer Resources–>MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
    Windows Live Writer Resources–>MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
    Windows Live Writer–>MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
    Windows Live Writer–>MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
    Windows Live Writer–>MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
    Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
    Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
    Windows Live Writer–>MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
    Windows Live–>MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
    WinRAR 4.01 (32-bit)–>C:Program FilesWinRARuninstall.exe
    WMV9/VC-1 Video Playback–>MsiExec.exe /X{301AFE5D-74CB-DD97-CA3E-8CFA4B30D2F7}
    Zuma Deluxe–>”C:Program FilesHP GamesZuma DeluxeUninstall.exe”

    ======System event log======

    Computer Name: Audrey-HP
    Event Code: 10009
    Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
    Record Number: 498351
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20131019102409.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 10009
    Message: DCOM was unable to communicate with the computer localBenjamin using any of the configured protocols.
    Record Number: 498350
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20131019102408.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 10009
    Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
    Record Number: 498349
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20131019102407.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 10009
    Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
    Record Number: 498348
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20131019102403.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 10009
    Message: DCOM was unable to communicate with the computer localilililili using any of the configured protocols.
    Record Number: 498347
    Source Name: Microsoft-Windows-DistributedCOM
    Time Written: 20131019102357.000000-000
    Event Type: Error
    User:

    =====Application event log=====

    Computer Name: Audrey-HP
    Event Code: 100
    Message: Task Scheduling Error: m->NextScheduledEvent 21623860
    Record Number: 39887
    Source Name: Bonjour Service
    Time Written: 20121119231458.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 100
    Message: Task Scheduling Error: Continuously busy for more than a second
    Record Number: 39886
    Source Name: Bonjour Service
    Time Written: 20121119231458.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 100
    Message: Task Scheduling Error: m->NextScheduledSPRetry 21622861
    Record Number: 39885
    Source Name: Bonjour Service
    Time Written: 20121119231457.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 100
    Message: Task Scheduling Error: m->NextScheduledEvent 21622861
    Record Number: 39884
    Source Name: Bonjour Service
    Time Written: 20121119231457.000000-000
    Event Type: Error
    User:

    Computer Name: Audrey-HP
    Event Code: 100
    Message: Task Scheduling Error: Continuously busy for more than a second
    Record Number: 39883
    Source Name: Bonjour Service
    Time Written: 20121119231457.000000-000
    Event Type: Error
    User:

    =====Security event log=====

    Computer Name: Audrey-HP
    Event Code: 5061
    Message: Cryptographic operation.

    Subject:
    Security ID: S-1-5-19
    Account Name: LOCAL SERVICE
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e5

    Cryptographic Parameters:
    Provider Name: Microsoft Software Key Storage Provider
    Algorithm Name: RSA
    Key Name: bb453961-58f5-4e6c-8102-be12cfa7b5ac
    Key Type: Machine key.

    Cryptographic Operation:
    Operation: Open Key.
    Return Code: 0x0
    Record Number: 26634
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20121124151729.779816-000
    Event Type: Audit Success
    User:

    Computer Name: Audrey-HP
    Event Code: 5058
    Message: Key file operation.

    Subject:
    Security ID: S-1-5-19
    Account Name: LOCAL SERVICE
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e5

    Cryptographic Parameters:
    Provider Name: Microsoft Software Key Storage Provider
    Algorithm Name: Not Available.
    Key Name: bb453961-58f5-4e6c-8102-be12cfa7b5ac
    Key Type: Machine key.

    Key File Operation Information:
    File Path: C:ProgramDataMicrosoftCryptoRSAMachineKeys75e29bcffb8d8c7c68e6a610e2b8035e_98707322-dc57-4bf1-a2c4-3c90ea0754e1
    Operation: Read persisted key from file.
    Return Code: 0x0
    Record Number: 26633
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20121124151729.778816-000
    Event Type: Audit Success
    User:

    Computer Name: Audrey-HP
    Event Code: 5061
    Message: Cryptographic operation.

    Subject:
    Security ID: S-1-5-18
    Account Name: AUDREY-HP$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Cryptographic Parameters:
    Provider Name: Microsoft Software Key Storage Provider
    Algorithm Name: RSA
    Key Name: {1456547E-C2AC-48FA-B0D3-001E19C4C30C}
    Key Type: Machine key.

    Cryptographic Operation:
    Operation: Open Key.
    Return Code: 0x0
    Record Number: 26632
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20121124151724.418510-000
    Event Type: Audit Success
    User:

    Computer Name: Audrey-HP
    Event Code: 5058
    Message: Key file operation.

    Subject:
    Security ID: S-1-5-18
    Account Name: AUDREY-HP$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Cryptographic Parameters:
    Provider Name: Microsoft Software Key Storage Provider
    Algorithm Name: Not Available.
    Key Name: {1456547E-C2AC-48FA-B0D3-001E19C4C30C}
    Key Type: Machine key.

    Key File Operation Information:
    File Path: C:ProgramDataMicrosoftCryptoKeysde06bae8ef7cd92c07bbada7bca424bd_98707322-dc57-4bf1-a2c4-3c90ea0754e1
    Operation: Read persisted key from file.
    Return Code: 0x0
    Record Number: 26631
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20121124151724.417510-000
    Event Type: Audit Success
    User:

    Computer Name: Audrey-HP
    Event Code: 5061
    Message: Cryptographic operation.

    Subject:
    Security ID: S-1-5-19
    Account Name: LOCAL SERVICE
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e5

    Cryptographic Parameters:
    Provider Name: Microsoft Software Key Storage Provider
    Algorithm Name: RSA
    Key Name: bb453961-58f5-4e6c-8102-be12cfa7b5ac
    Key Type: Machine key.

    Cryptographic Operation:
    Operation: Open Key.
    Return Code: 0x0
    Record Number: 26630
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20121124151723.450454-000
    Event Type: Audit Success
    User:

    ======Environment variables======

    “ComSpec”=%SystemRoot%system32cmd.exe
    “FP_NO_HOST_CHECK”=NO
    “OS”=Windows_NT
    “Path”=C:Program FilesCommon FilesMicrosoft SharedWindows Live;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program FilesWindows LiveShared;C:Program FilesATI TechnologiesATI.ACECore-Static
    “PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    “PROCESSOR_ARCHITECTURE”=x86
    “TEMP”=%SystemRoot%TEMP
    “TMP”=%SystemRoot%TEMP
    “USERNAME”=SYSTEM
    “windir”=%SystemRoot%
    “PSModulePath”=%SystemRoot%system32WindowsPowerShellv1.0Modules
    “NUMBER_OF_PROCESSORS”=2
    “PROCESSOR_LEVEL”=20
    “PROCESSOR_IDENTIFIER”=x86 Family 20 Model 1 Stepping 0, AuthenticAMD
    “PROCESSOR_REVISION”=0100
    “windows_tracing_logfile”=C:BVTBinTestsinstallpackagecsilogfile.log
    “windows_tracing_flags”=3
    “OnlineServices”=Online Services
    “Platform”=MCD
    “PCBRAND”=Pavilion
    “asl.log”=Destination=file


    EOF


    [/spoiler:2fagm2p9]
    [spoiler:2fagm2p9]# AdwCleaner v3.010 – Report created 02/11/2013 at 15:46:08
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Username : Audrey – AUDREY-HP
    # Running from : C:UsersAudreyDesktopadwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    Folder Deleted : C:ProgramDataBabylon
    Folder Deleted : C:ProgramDataTarma Installer
    Folder Deleted : C:Program FilesConduit
    Folder Deleted : C:Program FilesuTorrentBar_FR
    Folder Deleted : C:UsersAudreychat-land
    Folder Deleted : C:UsersAudreyQtrax
    Folder Deleted : C:UsersAudreyAppDataLocalConduit
    Folder Deleted : C:UsersAudreyAppDataLocalLowConduit
    Folder Deleted : C:UsersAudreyAppDataLocalLowPriceGong
    Folder Deleted : C:UsersAudreyAppDataLocalLowuTorrentBar_FR
    Folder Deleted : C:UsersAudreyAppDataRoamingBabylon
    Folder Deleted : C:UsersAudreyAppDataRoamingDSite
    File Deleted : C:WindowsSystem32TasksDSite

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Key Deleted : HKLMSOFTWAREGoogleChromeExtensionspaoponfhfdfnjgddpnpjkambkcgdaaib
    [#] Key Deleted : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeDSite
    [#] Key Deleted : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{6C67E02F-AEF5-4FCC-9213-9CFB07BAA8C9}
    [#] Key Deleted : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCachePlain{6C67E02F-AEF5-4FCC-9213-9CFB07BAA8C9}
    Key Deleted : HKLMSOFTWAREClassesAppID{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Key Deleted : HKLMSOFTWAREClassesProd.cap
    Key Deleted : HKLMSOFTWAREMicrosoftTracingapnstub_RASAPI32
    Key Deleted : HKLMSOFTWAREMicrosoftTracingapnstub_RASMANCS
    Key Deleted : HKCUSoftware526da8bb63ebe13
    Key Deleted : HKCUSoftwarea5db6ead06d0476114c01b9f7c7ed7a6
    Key Deleted : HKLMSOFTWARE526da8bb63ebe13
    Key Deleted : HKLMSOFTWAREClassesToolbar.CT2851639
    Key Deleted : HKLMSOFTWAREClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLMSOFTWAREClassesCLSID{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLMSOFTWAREClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLMSOFTWAREClassesCLSID{D6533F74-218B-41BE-9D91-5BD471FECFFD}
    Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
    Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D6533F74-218B-41BE-9D91-5BD471FECFFD}
    Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
    Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{D6533F74-218B-41BE-9D91-5BD471FECFFD}
    Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerExtensions{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{0A80E610-913A-416C-A967-10C7F640D885}
    Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{EB5451C2-EB25-4120-AF01-C00566421F82}
    Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
    Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
    Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
    Key Deleted : HKCUSoftwareBabylonToolbar
    Key Deleted : HKCUSoftwareDataMngr
    [#] Key Deleted : HKCUSoftwareDataMngr_Toolbar
    Key Deleted : HKCUSoftwaredsiteproducts
    Key Deleted : HKCUSoftwareInstallCore
    Key Deleted : HKCUSoftwareAppDataLowToolbar
    Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit
    Key Deleted : HKCUSoftwareAppDataLowSoftwarePriceGong
    Key Deleted : HKCUSoftwareAppDataLowSoftwaresmartbar
    Key Deleted : HKCUSoftwareAppDataLowSoftwareuTorrentBar_FR
    Key Deleted : HKLMSoftwareBabylon
    Key Deleted : HKLMSoftwareConduit
    Key Deleted : HKLMSoftwareDataMngr
    Key Deleted : HKLMSoftwareTarma Installer
    Key Deleted : HKLMSoftwareuTorrentBar_FR
    Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstalluTorrentBar_FR Toolbar

    ***** [ Browsers ] *****

    -\ Internet Explorer v10.0.9200.16720

    -\ Google Chrome v

    [ File : C:UsersAudreyAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [6202 octets] – [02/11/2013 15:42:02]
    AdwCleaner[S0].txt – [5965 octets] – [02/11/2013 15:46:08]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [6025 octets] ##########[/spoiler:2fagm2p9]

  • Formaldehyyde
    Participant
    Number of posts: 11

    So here are the various reports obtained with the different programs.

    Thanks in advance for your help! :merci2:

    [spoiler:hqxmda4e]Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.11.02.05

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16721
    Audrey :: AUDREY-HP [administrateur]

    Protection: Activé

    2/11/2013 15:02:09
    mbam-log-2013-11-02 (15-02-09).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 227745
    Temps écoulé: 35 minute(s), 28 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 6
    HKCRAppID{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Aucune action effectuée.
    HKCUSOFTWAREBabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Aucune action effectuée.
    HKCUSOFTWAREDataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Aucune action effectuée.
    HKCUSoftwareDataMngr (PUP.Optional.DataMngr.A) -> Aucune action effectuée.
    HKCUSOFTWAREINSTALLCORE (PUP.Optional.InstallCore.A) -> Aucune action effectuée.
    HKCUSoftwareDC3_FEXEC (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 1
    HKCUSoftwareInstallCore|tb (PUP.Optional.InstallCore.A) -> Données: 0L1N1H2O1S -> Aucune action effectuée.

    Elément(s) de données du Registre détecté(s): 1
    HKCUSOFTWAREMicrosoftInternet ExplorerMain|Start Page (PUP.Optional.Conduit.A) -> Mauvais: (http://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCDD75652-ADA7-4361-9F76-6596D2A22DFF) Bon: (http://www.google.com) -> Aucune action effectuée.

    Dossier(s) détecté(s): 8
    C:UsersAudreyAppDataRoamingBabylon (PUP.Optional.Babylon.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504}Cache (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempmt_ffxDelta (PUP.Optional.Delta.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempmt_ffxDeltadelta (PUP.Optional.Delta.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempmt_ffxDeltadelta1.8.10.0 (PUP.Optional.Delta.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataRoamingdclogs (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.

    Fichier(s) détecté(s): 155
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504}Setup.exe (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTemputtA558.tmp.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempnsa6E15.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempnsc63F4.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempnsf5FE.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempnsfA91.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempnsp7527.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempis357113909DeltaTB.exe (PUP.Optional.Babylon.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTemp9E8DFCB7-BAB0-7891-BE3D-90DFCF746EACCrxInstaller.dll (PUP.Optional.Babylon.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTemp9E8DFCB7-BAB0-7891-BE3D-90DFCF746EACMyBabylonTB.exe (PUP.Optional.Delta) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempAB34BAEA-BAB0-7891-9910-1456E012C32DCrxInstaller.dll (PUP.Optional.Babylon.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalTempAB34BAEA-BAB0-7891-9910-1456E012C32DMyBabylonTB.exe (PUP.Optional.Delta) -> Aucune action effectuée.
    C:UsersAudreyDownloadsLa Roux – Bulletproof (Tiborg Radio Remix) – [MP3Juices.com].exe (PUP.Optional.Installex) -> Aucune action effectuée.
    C:UsersAudreyAppDataLocalConduitCT2851639uTorrentBar_FRAutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyLocal SettingsTemporary Internet FilesContent.IE5F06HXK7MSPSetup[1].exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyLocal SettingsTemporary Internet FilesContent.IE5FRFWQFMMspstub[1].exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataRoamingBabylonlog_file.txt (PUP.Optional.Babylon.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504}Setup.dat (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504}Setup.ico (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504}_Setup.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataTarma Installer{361E80BE-388B-4270-BF54-A10C2B756504}_Setupx.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:UsersAudreyAppDataRoamingdclogs2012-10-29-2.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:UsersAudreyAppDataRoamingdclogs2012-10-30-3.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:UsersAudreyAppDataRoamingdclogs2012-10-31-4.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:UsersAudreyAppDataRoamingdclogs2012-11-01-5.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:UsersAudreyAppDataRoamingdclogs2012-11-02-6.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:UsersAudreyAppDataRoamingdclogs2012-11-03-7.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.
    C:UsersAudreyAppDataRoamingdclogs2012-11-04-1.dc (Stolen.Data) -> Mis en quarantaine et supprimé avec succès.

    (fin)[/spoiler:hqxmda4e]
    [/spoiler]

  • Anonymous
    Number of posts: 0

    Hello :hello: ,

    Welcome to SosVirus :welcome:

    Uninstall UsbFix, install this version: https://www.sosvirus.net/telecharger/usbfix/ , run the search mode and tell me whether it hangs and at what percentage, please.
    You will still need to post the report for me (if it hangs); it will be here: C:UsbFix [Scan 3] AUDREY-HP.txt

  • Formaldehyyde
    Participant
    Number of posts: 11

    Hi!

    There, I have just run the UsbFix search. My PC is currently in safe mode.
    And the search still stays stuck at 22%. It stalls slightly around 14%, then climbs quickly to 22 and stays there.

    I am attaching the search report (which I did not interrupt).

    :merci2:

    [spoiler:1frvhkp2]############################## | UsbFix V 7.148 | [Research]

    User: Audrey (Administrator) # AUDREY-HP
    Updated 01/11/2013 by El Desaparecido – Team SosVirus
    Started at 16:37:11 | 03/11/2013

    Website: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1611)
    CPU: AMD E-350 Processor
    RAM -> [Total : 3578 | Free : 2241]
    Bios: Hewlett-Packard
    Boot: Fail-safe with network boot

    OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes' Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free – 47%) [] # NTFS
    D: -> Fixed drive # 15 Gb (2 Mb free – 10%) [RECOVERY] # NTFS
    E: -> Fixed drive # 4 Gb (1 Mb free – 28%) [HP_TOOLS] # FAT32
    F: -> Removable drive # 2 Gb (2 Mb free – 97%) [] # FAT

    ################## | Reference of comparison MD5 |

    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic8i7asystemmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic97asystemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9eimmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9emmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stiemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsysfftem7.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsystefm34.vbe
    Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:UsersAudreyAppDataLocalTempNj99.vbs
    Md5 : DENIED -> F:iTunesHelper.vbe

    ################## | Active Processes |

    C:Windowssystem32csrss.exe (ID: 360 |ParentID: 348)
    C:Windowssystem32csrss.exe (ID: 396 |ParentID: 388)
    C:Windowssystem32wininit.exe (ID: 416 |ParentID: 348)
    C:Windowssystem32services.exe (ID: 472 |ParentID: 416)
    C:Windowssystem32winlogon.exe (ID: 488 |ParentID: 388)
    C:Windowssystem32lsass.exe (ID: 516 |ParentID: 416)
    C:Windowssystem32lsm.exe (ID: 524 |ParentID: 416)
    C:Windowssystem32svchost.exe (ID: 624 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 696 |ParentID: 472)
    C:WindowsSystem32svchost.exe (ID: 804 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 840 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 920 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 956 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1032 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1072 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1340 |ParentID: 472)
    C:WindowsExplorer.EXE (ID: 1416 |ParentID: 1408)
    C:Windowssystem32ctfmon.exe (ID: 1488 |ParentID: 1416)
    C:Windowssystem32DllHost.exe (ID: 1724 |ParentID: 624)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 348 |ParentID: 1416)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1632 |ParentID: 348)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1892 |ParentID: 348)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 2432 |ParentID: 348)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3012 |ParentID: 624)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3160 |ParentID: 624)
    C:WindowsSystem32wscript.exe (ID: 2056 |ParentID: 3236)
    C:UsbFixGo.exe (ID: 1688 |ParentID: 2244)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [StartCCC] – “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    HKLMSOFTWARE | Run : [BTMTrayAgent] – rundll32.exe “C:Program FilesMotorolaBluetoothbtmshell.dll”,TrayApp
    HKLMSOFTWARE | Run : [HPQuickWebProxy] – “C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe”
    HKLMSOFTWARE | Run : [HPConnectionManager] – C:Program FilesHewlett-PackardHP Connection ManagerHPCMDelayStart.exe
    HKLMSOFTWARE | Run : [] –
    HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program FilesEasyBits For KidsezRecover.exe
    HKLMSOFTWARE | Run : [HPOSD] – C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKLMSOFTWARE | Run : [Genie TimeLine Tray] – C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe -auto
    HKLMSOFTWARE | Run : [GrooveMonitor] – “C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe”
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    HKLMSOFTWARE | Run : [bdruninstaller] – “C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetuplauncher.exe” /run:”C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetupdownloader.exe” /args:”/after_restart”
    HKLMSOFTWARE | Run : [BitDefender Antiphishing Helper] – “C:Program FilesBitDefenderBitDefender 2011ieshow.exe”
    HKLMSOFTWARE | Run : [BDAgent] – “C:Program FilesBitDefenderBitDefender 2011bdagent.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Google Update] – “C:UsersAudreyAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Facebook Update] – “C:UsersAudreyAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LaCie Desktop Manager Startup] – “C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [MSa2emHR] – wscript.exe //B “C:UsersAudreyAppDataLocalTempMSa2emHR.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [qAuPnVQM] – wscript.exe //B “C:UsersAudreyAppDataLocalTempqAuPnVQM.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LU86st0c] – wscript.exe //B “C:UsersAudreyAppDataLocalTempLU86st0c.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [G9zxsaPJ] – wscript.exe //B “C:UsersAudreyAppDataLocalTempG9zxsaPJ.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Generic Research |[/spoiler:1frvhkp2]

  • Formaldehyyde
    Participant
    Number of posts: 11

    My mistake
    The search just reached 51% before my eyes! :bravo1:

    I will post the final report shortly, then!

  • Formaldehyyde
    Participant
    Number of posts: 11

    Here is the report of the UsbFix search in safe mode with networking.

    [spoiler:1nvi5bbz]############################## | UsbFix V 7.148 | [Research]

    User: Audrey (Administrator) # AUDREY-HP
    Updated 01/11/2013 by El Desaparecido – Team SosVirus
    Started at 16:37:11 | 03/11/2013

    Website: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1611)
    CPU: AMD E-350 Processor
    RAM -> [Total : 3578 | Free : 2241]
    Bios: Hewlett-Packard
    Boot: Fail-safe with network boot

    OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes' Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free – 47%) [] # NTFS
    D: -> Fixed drive # 15 Gb (2 Mb free – 10%) [RECOVERY] # NTFS
    E: -> Fixed drive # 4 Gb (1 Mb free – 28%) [HP_TOOLS] # FAT32
    F: -> Removable drive # 2 Gb (2 Mb free – 97%) [] # FAT

    ################## | Reference of comparison MD5 |

    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic8i7asystemmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic97asystemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9eimmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9emmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stiemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsysfftem7.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsystefm34.vbe
    Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:UsersAudreyAppDataLocalTempNj99.vbs
    Md5 : DENIED -> F:iTunesHelper.vbe

    ################## | Active Processes |

    C:Windowssystem32csrss.exe (ID: 360 |ParentID: 348)
    C:Windowssystem32csrss.exe (ID: 396 |ParentID: 388)
    C:Windowssystem32wininit.exe (ID: 416 |ParentID: 348)
    C:Windowssystem32services.exe (ID: 472 |ParentID: 416)
    C:Windowssystem32winlogon.exe (ID: 488 |ParentID: 388)
    C:Windowssystem32lsass.exe (ID: 516 |ParentID: 416)
    C:Windowssystem32lsm.exe (ID: 524 |ParentID: 416)
    C:Windowssystem32svchost.exe (ID: 624 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 696 |ParentID: 472)
    C:WindowsSystem32svchost.exe (ID: 804 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 840 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 920 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 956 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1032 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1072 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1340 |ParentID: 472)
    C:WindowsExplorer.EXE (ID: 1416 |ParentID: 1408)
    C:Windowssystem32ctfmon.exe (ID: 1488 |ParentID: 1416)
    C:Windowssystem32DllHost.exe (ID: 1724 |ParentID: 624)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 348 |ParentID: 1416)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1632 |ParentID: 348)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1892 |ParentID: 348)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 2432 |ParentID: 348)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3012 |ParentID: 624)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3160 |ParentID: 624)
    C:WindowsSystem32wscript.exe (ID: 2056 |ParentID: 3236)
    C:UsbFixGo.exe (ID: 1688 |ParentID: 2244)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [StartCCC] – “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    HKLMSOFTWARE | Run : [BTMTrayAgent] – rundll32.exe “C:Program FilesMotorolaBluetoothbtmshell.dll”,TrayApp
    HKLMSOFTWARE | Run : [HPQuickWebProxy] – “C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe”
    HKLMSOFTWARE | Run : [HPConnectionManager] – C:Program FilesHewlett-PackardHP Connection ManagerHPCMDelayStart.exe
    HKLMSOFTWARE | Run : [] –
    HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program FilesEasyBits For KidsezRecover.exe
    HKLMSOFTWARE | Run : [HPOSD] – C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKLMSOFTWARE | Run : [Genie TimeLine Tray] – C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe -auto
    HKLMSOFTWARE | Run : [GrooveMonitor] – “C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe”
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    HKLMSOFTWARE | Run : [bdruninstaller] – “C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetuplauncher.exe” /run:”C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetupdownloader.exe” /args:”/after_restart”
    HKLMSOFTWARE | Run : [BitDefender Antiphishing Helper] – “C:Program FilesBitDefenderBitDefender 2011ieshow.exe”
    HKLMSOFTWARE | Run : [BDAgent] – “C:Program FilesBitDefenderBitDefender 2011bdagent.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Google Update] – “C:UsersAudreyAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Facebook Update] – “C:UsersAudreyAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LaCie Desktop Manager Startup] – “C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [MSa2emHR] – wscript.exe //B “C:UsersAudreyAppDataLocalTempMSa2emHR.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [qAuPnVQM] – wscript.exe //B “C:UsersAudreyAppDataLocalTempqAuPnVQM.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LU86st0c] – wscript.exe //B “C:UsersAudreyAppDataLocalTempLU86st0c.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [G9zxsaPJ] – wscript.exe //B “C:UsersAudreyAppDataLocalTempG9zxsaPJ.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Generic Research |

    Found ! F:iTunesHelper.vbe
    Found ! C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Found ! C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Found ! F:Autorun.inf.lnk
    Found ! F:BitDefender.lnk
    Found ! F:Usbfix.lnk
    Found ! C:UsersPublic8i7asystemmD.vbe
    Found ! C:UsersPublic97asystemD.VBE
    Found ! C:UsersPublic9eimmD.vbe
    Found ! C:UsersPublic9emmD.vbe
    Found ! C:UsersPublic9stemD.VBE
    Found ! C:UsersPublic9stiemD.VBE
    Found ! C:UsersPublicsysfftem7.VBE
    Found ! C:UsersPublicsystefm34.vbe
    Found ! C:UsersPublic9iaD12_Loading.zip
    Found ! C:UsersPublicD7_Loading.zip
    Found ! C:UsersAudreyAppDataLocalTempIntel(R)s7.exe.tmp
    Found ! C:UsersAudreyAppDataLocalTempMusiques.pif
    Found ! C:UsersAudreyAppDataLocalTemputt19CA.tmp.exe
    Found ! C:UsersAudreyAppDataLocalTemputtA558.tmp.exe
    Found ! C:UsersAudreyAppDataLocalTemputtEDD3.tmp.exe
    Found ! C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Found ! C:UsersAudreyAppDataLocalTempNj99.vbs
    Found ! C:UsersAudreyAppDataLocalTemp1477.hta
    Found ! C:UsersAudreyAppDataLocalTemp7777i.hta
    Found ! C:UsersAudreyAppDataLocalTemp77u.hta
    Found ! C:UsersAudreyAppDataLocalTemp97.hta
    Found ! C:UsersAudreyAppDataLocalTempDC7.hta
    Found ! C:UsersAudreyAppDataLocalTempdcyyt.hta
    Found ! C:UsersAudreyAppDataLocalTempddddddddddd.hta
    Found ! C:UsersAudreyAppDataLocalTempHY.hta
    Found ! C:UsersAudreyAppDataLocalTempiiiii9.hta
    Found ! C:UsersAudreyAppDataLocalTempiiiiiiiiiiiiz7.hta
    Found ! C:UsersAudreyAppDataLocalTempsssssssssi.hta
    Found ! C:UsersAudreyAppDataLocalTempzzzz7.hta
    Found ! C:UsersAudreyAppDataLocalTempzzzzzzzzzzzz5.hta
    Found ! D:desktop.ini

    ################## | Comparison MD5 |

    Found ! Md5 : C9B8FA51C889F97DC5C4DEB274B1FBF2 -> C:UsersAudreyAppDataLocalTempNj99.vbs
    Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:UsersPublic8i7asystemmD.vbe
    Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:UsersPublic97asystemD.VBE

    ################## | Registry |

    Found ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

    ################## | Vaccin |

    F:Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:1nvi5bbz]

  • Anonymous
    Posts: 0

    Run the deletion option and post the report, please.

  • Formaldehyyde
    Participant
    Posts: 11

    It worked!

    Here is the report.

    [spoiler:11hk1fzv]############################## | UsbFix V 7.148 | [Research]

    User: Audrey (Administrator) # AUDREY-HP
    Updated 01/11/2013 by El Desaparecido – Team SosVirus
    Started at 16:37:11 | 03/11/2013

    Website: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1611)
    CPU: AMD E-350 Processor
    RAM -> [Total : 3578 | Free : 2241]
    Bios: Hewlett-Packard
    Boot: Fail-safe with network boot

    OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes' Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free – 47%) [] # NTFS
    D: -> Fixed drive # 15 Gb (2 Mb free – 10%) [RECOVERY] # NTFS
    E: -> Fixed drive # 4 Gb (1 Mb free – 28%) [HP_TOOLS] # FAT32
    F: -> Removable drive # 2 Gb (2 Mb free – 97%) [] # FAT

    ################## | Reference of comparison MD5 |

    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic8i7asystemmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic97asystemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9eimmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9emmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stiemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsysfftem7.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsystefm34.vbe
    Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:UsersAudreyAppDataLocalTempNj99.vbs
    Md5 : DENIED -> F:iTunesHelper.vbe

    ################## | Active Processes |

    C:Windowssystem32csrss.exe (ID: 360 |ParentID: 348)
    C:Windowssystem32csrss.exe (ID: 396 |ParentID: 388)
    C:Windowssystem32wininit.exe (ID: 416 |ParentID: 348)
    C:Windowssystem32services.exe (ID: 472 |ParentID: 416)
    C:Windowssystem32winlogon.exe (ID: 488 |ParentID: 388)
    C:Windowssystem32lsass.exe (ID: 516 |ParentID: 416)
    C:Windowssystem32lsm.exe (ID: 524 |ParentID: 416)
    C:Windowssystem32svchost.exe (ID: 624 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 696 |ParentID: 472)
    C:WindowsSystem32svchost.exe (ID: 804 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 840 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 920 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 956 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1032 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1072 |ParentID: 472)
    C:Windowssystem32svchost.exe (ID: 1340 |ParentID: 472)
    C:WindowsExplorer.EXE (ID: 1416 |ParentID: 1408)
    C:Windowssystem32ctfmon.exe (ID: 1488 |ParentID: 1416)
    C:Windowssystem32DllHost.exe (ID: 1724 |ParentID: 624)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 348 |ParentID: 1416)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1632 |ParentID: 348)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1892 |ParentID: 348)
    C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 2432 |ParentID: 348)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3012 |ParentID: 624)
    C:Windowssystem32wbemwmiprvse.exe (ID: 3160 |ParentID: 624)
    C:WindowsSystem32wscript.exe (ID: 2056 |ParentID: 3236)
    C:UsbFixGo.exe (ID: 1688 |ParentID: 2244)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [StartCCC] – “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    HKLMSOFTWARE | Run : [BTMTrayAgent] – rundll32.exe “C:Program FilesMotorolaBluetoothbtmshell.dll”,TrayApp
    HKLMSOFTWARE | Run : [HPQuickWebProxy] – “C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe”
    HKLMSOFTWARE | Run : [HPConnectionManager] – C:Program FilesHewlett-PackardHP Connection ManagerHPCMDelayStart.exe
    HKLMSOFTWARE | Run : [] –
    HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program FilesEasyBits For KidsezRecover.exe
    HKLMSOFTWARE | Run : [HPOSD] – C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKLMSOFTWARE | Run : [Genie TimeLine Tray] – C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe -auto
    HKLMSOFTWARE | Run : [GrooveMonitor] – “C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe”
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    HKLMSOFTWARE | Run : [bdruninstaller] – “C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetuplauncher.exe” /run:”C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetupdownloader.exe” /args:”/after_restart”
    HKLMSOFTWARE | Run : [BitDefender Antiphishing Helper] – “C:Program FilesBitDefenderBitDefender 2011ieshow.exe”
    HKLMSOFTWARE | Run : [BDAgent] – “C:Program FilesBitDefenderBitDefender 2011bdagent.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Google Update] – “C:UsersAudreyAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Facebook Update] – “C:UsersAudreyAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LaCie Desktop Manager Startup] – “C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [MSa2emHR] – wscript.exe //B “C:UsersAudreyAppDataLocalTempMSa2emHR.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [qAuPnVQM] – wscript.exe //B “C:UsersAudreyAppDataLocalTempqAuPnVQM.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LU86st0c] – wscript.exe //B “C:UsersAudreyAppDataLocalTempLU86st0c.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [G9zxsaPJ] – wscript.exe //B “C:UsersAudreyAppDataLocalTempG9zxsaPJ.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Generic Research |

    Found ! F:iTunesHelper.vbe
    Found ! C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Found ! C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Found ! F:Autorun.inf.lnk
    Found ! F:BitDefender.lnk
    Found ! F:Usbfix.lnk
    Found ! C:UsersPublic8i7asystemmD.vbe
    Found ! C:UsersPublic97asystemD.VBE
    Found ! C:UsersPublic9eimmD.vbe
    Found ! C:UsersPublic9emmD.vbe
    Found ! C:UsersPublic9stemD.VBE
    Found ! C:UsersPublic9stiemD.VBE
    Found ! C:UsersPublicsysfftem7.VBE
    Found ! C:UsersPublicsystefm34.vbe
    Found ! C:UsersPublic9iaD12_Loading.zip
    Found ! C:UsersPublicD7_Loading.zip
    Found ! C:UsersAudreyAppDataLocalTempIntel(R)s7.exe.tmp
    Found ! C:UsersAudreyAppDataLocalTempMusiques.pif
    Found ! C:UsersAudreyAppDataLocalTemputt19CA.tmp.exe
    Found ! C:UsersAudreyAppDataLocalTemputtA558.tmp.exe
    Found ! C:UsersAudreyAppDataLocalTemputtEDD3.tmp.exe
    Found ! C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Found ! C:UsersAudreyAppDataLocalTempNj99.vbs
    Found ! C:UsersAudreyAppDataLocalTemp1477.hta
    Found ! C:UsersAudreyAppDataLocalTemp7777i.hta
    Found ! C:UsersAudreyAppDataLocalTemp77u.hta
    Found ! C:UsersAudreyAppDataLocalTemp97.hta
    Found ! C:UsersAudreyAppDataLocalTempDC7.hta
    Found ! C:UsersAudreyAppDataLocalTempdcyyt.hta
    Found ! C:UsersAudreyAppDataLocalTempddddddddddd.hta
    Found ! C:UsersAudreyAppDataLocalTempHY.hta
    Found ! C:UsersAudreyAppDataLocalTempiiiii9.hta
    Found ! C:UsersAudreyAppDataLocalTempiiiiiiiiiiiiz7.hta
    Found ! C:UsersAudreyAppDataLocalTempsssssssssi.hta
    Found ! C:UsersAudreyAppDataLocalTempzzzz7.hta
    Found ! C:UsersAudreyAppDataLocalTempzzzzzzzzzzzz5.hta
    Found ! D:desktop.ini

    ################## | Comparison MD5 |

    Found ! Md5 : C9B8FA51C889F97DC5C4DEB274B1FBF2 -> C:UsersAudreyAppDataLocalTempNj99.vbs
    Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:UsersPublic8i7asystemmD.vbe
    Found ! Md5 : B7019418D79D26CEF0D0EA8C04A39337 -> C:UsersPublic97asystemD.VBE

    ################## | Registry |

    Found ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Found ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

    ################## | Vaccin |

    F:Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:11hk1fzv]

    Is my PC out of the woods?

  • Anonymous
    Posts: 0

    That is the search report :(

  • Formaldehyyde
    Participant
    Posts: 11

    TADAA!

    [spoiler:1fpijmq8]############################## | UsbFix V 7.148 | [Deletion]

    User: Audrey (Administrator) # AUDREY-HP
    Updated 01/11/2013 by El Desaparecido – Team SosVirus
    Started at 17:28:11 | 03/11/2013

    Website: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: Hewlett-Packard (1611)
    CPU: AMD E-350 Processor
    RAM -> [Total : 3578 | Free : 2131]
    Bios: Hewlett-Packard
    Boot: Fail-safe with network boot

    OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: BitDefender Antivirus [(!) Disabled | (!) Outdated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes' Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Fixed drive # 447 Gb (208 Mb free – 47%) [] # NTFS
    D: -> Fixed drive # 15 Gb (2 Mb free – 10%) [RECOVERY] # NTFS
    E: -> Fixed drive # 4 Gb (1 Mb free – 28%) [HP_TOOLS] # FAT32
    F: -> Removable drive # 2 Gb (2 Mb free – 97%) [] # FAT

    ################## | Reference of comparison MD5 |

    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic8i7asystemmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic97asystemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9eimmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9emmD.vbe
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublic9stiemD.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsysfftem7.VBE
    Md5 : b7019418d79d26cef0d0ea8c04a39337 -> C:UsersPublicsystefm34.vbe
    Md5 : aed4faf279abf7d7605e81707be3ce64 -> C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Md5 : bcdef9a6d179f4c587f9b742de82eef0 -> C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Md5 : c9b8fa51c889f97dc5c4deb274b1fbf2 -> C:UsersAudreyAppDataLocalTempNj99.vbs
    Md5 : DENIED -> F:iTunesHelper.vbe

    ################## | Stopped processes |

    Stopped! C:WindowsExplorer.EXE (ID: 1416 |ParentID: 1408)
    Stopped! C:Windowssystem32ctfmon.exe (ID: 1488 |ParentID: 1416)
    Stopped! C:Windowssystem32DllHost.exe (ID: 1724 |ParentID: 624)
    Stopped! C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 348 |ParentID: 1416)
    Stopped! C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1632 |ParentID: 348)
    Stopped! C:UsersAudreyAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1892 |ParentID: 348)
    Stopped! C:WindowsSystem32wscript.exe (ID: 2056 |ParentID: 3236)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [StartCCC] – “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    HKLMSOFTWARE | Run : [BTMTrayAgent] – rundll32.exe “C:Program FilesMotorolaBluetoothbtmshell.dll”,TrayApp
    HKLMSOFTWARE | Run : [HPQuickWebProxy] – “C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe”
    HKLMSOFTWARE | Run : [HPConnectionManager] – C:Program FilesHewlett-PackardHP Connection ManagerHPCMDelayStart.exe
    HKLMSOFTWARE | Run : [] –
    HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program FilesEasyBits For KidsezRecover.exe
    HKLMSOFTWARE | Run : [HPOSD] – C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKLMSOFTWARE | Run : [Genie TimeLine Tray] – C:Program FilesGenie-SoftGenie TimelineGSTimeLineAgent.exe -auto
    HKLMSOFTWARE | Run : [GrooveMonitor] – “C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe”
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    HKLMSOFTWARE | Run : [bdruninstaller] – “C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetuplauncher.exe” /run:”C:Program FilesCommon FilesBitdefenderSetupInformationdownloadersetupdownloader.exe” /args:”/after_restart”
    HKLMSOFTWARE | Run : [BitDefender Antiphishing Helper] – “C:Program FilesBitDefenderBitDefender 2011ieshow.exe”
    HKLMSOFTWARE | Run : [BDAgent] – “C:Program FilesBitDefenderBitDefender 2011bdagent.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Google Update] – “C:UsersAudreyAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [Facebook Update] – “C:UsersAudreyAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LaCie Desktop Manager Startup] – “C:Program FilesLaCieDesktop ManagerLaCieDesktopManagerStatusItem.exe”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [MSa2emHR] – wscript.exe //B “C:UsersAudreyAppDataLocalTempMSa2emHR.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [qAuPnVQM] – wscript.exe //B “C:UsersAudreyAppDataLocalTempqAuPnVQM.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [LU86st0c] – wscript.exe //B “C:UsersAudreyAppDataLocalTempLU86st0c.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [G9zxsaPJ] – wscript.exe //B “C:UsersAudreyAppDataLocalTempG9zxsaPJ.vbs”
    HKUS-1-5-21-1190468337-140412576-3729368624-1002SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersAudreyAppDataLocalTempiTunesHelper.vbe”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Generic Research |

    Deleted ! F:iTunesHelper.vbe
    Deleted ! C:UsersAudreyAppDataLocalTempiTunesHelper.vbe
    Deleted ! C:UsersAudreyAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Deleted ! F:Autorun.inf.lnk
    Deleted ! F:BitDefender.lnk
    Deleted ! F:Usbfix.lnk
    Deleted ! C:UsersPublic8i7asystemmD.vbe
    Deleted ! C:UsersPublic97asystemD.VBE
    Deleted ! C:UsersPublic9eimmD.vbe
    Deleted ! C:UsersPublic9emmD.vbe
    Deleted ! C:UsersPublic9stemD.VBE
    Deleted ! C:UsersPublic9stiemD.VBE
    Deleted ! C:UsersPublicsysfftem7.VBE
    Deleted ! C:UsersPublicsystefm34.vbe
    Deleted ! C:UsersPublic9iaD12_Loading.zip
    Deleted ! C:UsersPublicD7_Loading.zip
    Deleted ! C:UsersAudreyAppDataLocalTempIntel(R)s7.exe.tmp
    Deleted ! C:UsersAudreyAppDataLocalTempMusiques.pif
    Deleted ! C:UsersAudreyAppDataLocalTemputt19CA.tmp.exe
    Deleted ! C:UsersAudreyAppDataLocalTemputtA558.tmp.exe
    Deleted ! C:UsersAudreyAppDataLocalTemputtEDD3.tmp.exe
    Deleted ! C:UsersAudreyAppDataLocalTempflashmemory.vbe
    Deleted ! C:UsersAudreyAppDataLocalTempNj99.vbs
    Deleted ! C:UsersAudreyAppDataLocalTemp1477.hta
    Deleted ! C:UsersAudreyAppDataLocalTemp7777i.hta
    Deleted ! C:UsersAudreyAppDataLocalTemp77u.hta
    Deleted ! C:UsersAudreyAppDataLocalTemp97.hta
    Deleted ! C:UsersAudreyAppDataLocalTempDC7.hta
    Deleted ! C:UsersAudreyAppDataLocalTempdcyyt.hta
    Deleted ! C:UsersAudreyAppDataLocalTempddddddddddd.hta
    Deleted ! C:UsersAudreyAppDataLocalTempHY.hta
    Deleted ! C:UsersAudreyAppDataLocalTempiiiii9.hta
    Deleted ! C:UsersAudreyAppDataLocalTempiiiiiiiiiiiiz7.hta
    Deleted ! C:UsersAudreyAppDataLocalTempsssssssssi.hta
    Deleted ! C:UsersAudreyAppDataLocalTempzzzz7.hta
    Deleted ! C:UsersAudreyAppDataLocalTempzzzzzzzzzzzz5.hta
    Deleted ! D:desktop.ini

    (!) Temporary files deleted.

    ################## | Comparison MD5 |

    ################## | Registry |

    Deleted ! HKUS-1-5-21-1190468337-140412576-3729368624-1002SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Deleted ! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

    ################## | Listing |

    [23/10/2011 – 15:00:29 | SHD ] C:$Recycle.Bin
    [02/11/2013 – 15:47:21 | D ] C:AdwCleaner
    [10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
    [01/11/2013 – 07:10:24 | D ] C:Backup_2013-10-31 221024
    [03/11/2013 – 03:21:15 | N | 5299] C:bdlog.txt
    [23/04/2011 – 03:54:33 | SHD ] C:boot
    [20/11/2010 – 22:29:06 | RASH | 383786] C:bootmgr
    [02/10/2013 – 20:53:53 | N | 3408] C:bootsqm.dat
    [02/11/2013 – 14:37:26 | SHD ] C:Config.Msi
    [10/06/2009 – 22:42:20 | N | 10] C:config.sys
    [14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
    [12/11/2011 – 15:44:40 | D ] C:extensions
    [03/11/2013 – 16:29:32 | ASH | 2813775872] C:hiberfil.sys
    [25/06/2011 – 20:25:54 | D ] C:HP
    [13/11/2011 – 17:24:45 | RHD ] C:MSOCache
    [03/11/2013 – 16:29:38 | ASH | 3751702528] C:pagefile.sys
    [14/07/2009 – 03:37:05 | D ] C:PerfLogs
    [02/11/2013 – 16:42:45 | N | 0] C:PhysicalDisk0_MBR.bin
    [02/11/2013 – 16:12:05 | D ] C:Program Files
    [02/11/2013 – 15:46:09 | HD ] C:ProgramData
    [23/10/2011 – 14:46:22 | SHD ] C:Recovery
    [01/11/2013 – 14:10:53 | D ] C:rsit
    [24/04/2012 – 12:04:08 | D ] C:SphinxME
    [27/11/2012 – 21:19:40 | D ] C:SWSetup
    [02/11/2013 – 11:30:08 | SHD ] C:System Volume Information
    [23/10/2011 – 14:46:28 | D ] C:SYSTEM.SAV
    [03/11/2013 – 17:36:59 | D ] C:UsbFix
    [03/11/2013 – 17:40:24 | A | 10294] C:UsbFix [Clean 1] AUDREY-HP.txt
    [03/11/2013 – 16:52:44 | N | 11000] C:UsbFix [Scan 1] AUDREY-HP.txt
    [23/10/2011 – 14:44:31 | RD ] C:Users
    [01/11/2013 – 18:59:33 | D ] C:Windows
    [01/11/2013 – 07:10:36 | D ] C:_Exception1
    [23/10/2011 – 15:00:29 | SHD ] D:$RECYCLE.BIN
    [23/10/2011 – 15:00:23 | RASHD ] D:boot
    [14/07/2009 – 19:39:00 | RASH | 383562] D:bootmgr
    [23/10/2011 – 15:00:23 | D ] D:FactoryUpdate
    [23/10/2011 – 15:00:23 | D ] D:hp
    [06/02/2012 – 21:17:17 | N | 19] D:HPSF_Rep.txt
    [05/11/2012 – 14:02:46 | N | 8] D:HP_WSD.dat
    [23/10/2011 – 15:00:23 | RSHD ] D:preload
    [17/01/2013 – 18:54:39 | RSD ] D:recovery
    [23/10/2011 – 15:00:23 | D ] D:RM_Reserve
    [30/12/2012 – 19:01:01 | SHD ] D:System Volume Information
    [05/11/2012 – 14:02:48 | N | 8] E:HP_WSD.dat
    [25/06/2011 – 21:07:50 | D ] E:Hewlett-Packard
    [25/06/2011 – 21:34:28 | SHD ] E:$RECYCLE.BIN
    [06/02/2012 – 21:17:18 | N | 19] E:HPSF_Rep.txt
    [01/11/2013 – 18:06:50 | SHD ] F:Autorun.inf
    [01/11/2013 – 18:07:54 | D ] F:BitDefender
    [01/11/2013 – 18:08:50 | D ] F:Usbfix

    ################## | Vaccin |

    F:Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:1fpijmq8]

  • Anonymous
    Posts: 0

    :)

    Your PC is not quite out of the woods yet, because to begin with these orphaned keys remain:

    HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [MSa2emHR] – wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs"
    HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [qAuPnVQM] – wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\qAuPnVQM.vbs"
    HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [LU86st0c] – wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\LU86st0c.vbs"
    HKU\S-1-5-21-1190468337-140412576-3729368624-1002\SOFTWARE | Run : [G9zxsaPJ] – wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\G9zxsaPJ.vbs"

    We are going to run a diagnostic of your computer.

    • Download ZHPDiag (by Nicolas Coolman) to your desktop.
    • Install the software.
    • Launch ZHPDiag; on Windows 7/8 and Vista, run it as administrator.

    • Click Configure
    • Click the icon showing a magnifying glass with a + ("Launch the diagnostic")

      Note: Do not close the program even if it says it is no longer responding.

    • Once the scan has finished, go to the desktop: the file ZHPDiag.txt has been created.
    • Upload the ZHPDiag.txt report to SosUpload, then copy and paste the link provided into your next reply on the forum.
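
The orphaned Run values pointed out in the post above can be spotted mechanically. This is an added example, not part of the thread and not UsbFix code: a Python triage over lines in the layout of the "Regedit Run" section that flags autoruns starting a script through wscript, cscript or mshta, and marks them orphaned when the script file no longer exists. The sample lines are constructed (backslashes written out, `<SID>` as a placeholder), and `triage`, `split_command` and the constants are hypothetical names.

```python
import ntpath
import os
import re

# Constructed sample in the layout of UsbFix's "Regedit Run" section.
# Backslashes are written out and <SID> stands in for the user's SID.
SAMPLE_RUN_SECTION = r'''
HKLM\SOFTWARE | Run : [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe
HKLM\SOFTWARE | Run : [] -
HKU\<SID>\SOFTWARE | Run : [Google Update] - "C:\Users\Audrey\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\<SID>\SOFTWARE | Run : [MSa2emHR] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\MSa2emHR.vbs"
HKU\<SID>\SOFTWARE | Run : [iTunesHelper] - wscript.exe //B "C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"
'''

# Script hosts and script extensions that can be launched from a Run value.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe"}
SCRIPT_EXTS = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta")

# "<hive> | Run : [<value name>] - <command>"; separator is "-" or an en dash.
LINE_RE = re.compile(
    r"^(?P<hive>\S+)\s*\|\s*(?P<key>Run(?:Once)?)\s*:\s*"
    r"\[(?P<name>[^\]]*)\]\s*[-\u2013]\s*(?P<cmd>.*)$"
)


def split_command(cmd):
    """Split a command line into tokens, honouring double quotes.

    Curly quotes (as produced by forum software) are treated as straight ones.
    Unquoted paths containing spaces are split at the spaces.
    """
    cmd = cmd.replace("\u201c", '"').replace("\u201d", '"')
    return [quoted or bare for quoted, bare in re.findall(r'"([^"]*)"|(\S+)', cmd)]


def triage(section, exists=os.path.exists):
    """Return script-based autoruns found in a "Regedit Run" style section.

    `exists` decides whether the script is still on disk; pass a lookup into
    a file listing when analysing a report away from the affected machine.
    """
    findings = []
    for line in section.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        tokens = split_command(match["cmd"])
        if not tokens:
            continue  # empty value such as "[] -"
        host = ntpath.basename(tokens[0]).lower()
        scripts = [t for t in tokens if t.lower().endswith(SCRIPT_EXTS)]
        # Keep only entries run through a script host, or a script run directly.
        if not scripts or not (host in SCRIPT_HOSTS or tokens[0] in scripts):
            continue
        target = scripts[0]
        findings.append({
            "hive": match["hive"],
            "value": match["name"],
            "target": target,
            "in_temp": "\\temp\\" in target.lower(),
            "status": "live" if exists(target) else "orphan",
        })
    return findings


if __name__ == "__main__":
    # Constructed disk state: only the iTunesHelper script still exists.
    present = {r"C:\Users\Audrey\AppData\Local\Temp\iTunesHelper.vbe"}
    for f in triage(SAMPLE_RUN_SECTION, exists=lambda p: p in present):
        print(f"{f['status']:6} {f['hive']} [{f['value']}] -> {f['target']}")
```

An "orphan" result means the persistence entry outlived its payload; a "live" one means the script is still in place and will run at the next logon.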
  • Formaldehyyde
    Participant
    Posts: 11

    Here is the link on SosUpload

    https://antimalware.top/log/SosUpload.05d477def246f252a5a9df1b1ab2cd3d.txt

  • Anonymous
    Posts: 0
    • Download OTM by OldTimer to your desktop.
    • Double-click OTM.exe to launch it.
    • On Vista/Seven, right-click -> run as administrator
    • Copy the list below and paste it into the left-hand pane of OTM, under Paste Instructions for Items to be Moved.


    :Reg
    [HKEY_USERS\S-1-5-21-1190468337-140412576-3729368624-1002\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSa2emHR"=-
    "qAuPnVQM"=-
    "LU86st0c"=-
    "G9zxsaPJ"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSa2emHR"=-
    "qAuPnVQM"=-
    "LU86st0c"=-
    "G9zxsaPJ"=-

    :commands
    [emptytemp]
    • Click "MoveIt!".
    • If a file or folder cannot be deleted immediately, the program will ask you to restart the computer.
    • If so, accept by clicking "YES".
    • Post the report in your next reply.
    • The report is located in C:\_OTM\MovedFiles (the report's name corresponds to the moment it was created: date_time.log).

    Then tell me how your USB key is doing, please :)

  • Formaldehyyde
    Participant
    Posts: 11

    Actually the USB key has been doing rather well since the cleanup by USBFix.
    But with OTM there is a problem… :shocked: When I click "move it", the message saying that everything went well appears in the right-hand pane, but the desktop disappears. OTM stays open and frozen, and no report is generated. I ran OTM three times, always the same thing. In the OTM folder on C there are three folders named after the potential reports that were created, but all three are empty… And when OTM stalls, I can do nothing but switch off the computer, and things go from bad to worse. I am forced to stay in safe mode, because in normal mode either there is no desktop or everything appears but the PC glitches. :electriksock:

  • Anonymous
    Posts: 0

    Download the attached file.

    Unzip it and double-click fix.reg; you will get a message along the lines of "do you want to accept the merge …", accept it.

    Tell me whether everything went well, please.

  • Formaldehyyde
    Participant
    Posts: 11

    Yes, everything went well. I think. In any case there were no problems.
    Well, it did not do much, I believe.
    The message mentioned something about keys.

  • Anonymous
    Posts: 0

    That removed the orphaned keys ;)

    Well then, we can wrap up, unless you tell me you still have problems with the PC.

    Looking forward to your reply.

  • Formaldehyyde
    Participant
    Posts: 11

    I think everything is back to normal!
    Thanks a lot for your help! :D

    See you!

  • Anonymous
    Posts: 0

    I think everything is back to normal!
    Thanks a lot for your help! :D

    :) Have a pleasant week ;)

    • To remove the disinfection tools used:
    • Download Delfix to your Desktop.
    • Launch Delfix; on Windows 7/8 and Vista, run it as administrator.
    • Tick the following boxes:
      • Remove disinfection tools
      • Purge system restore

The topic 'Virus turns files into shortcuts and UsbFix stuck' is closed to new replies.