Je n'arrive pas supprimer le virus Form 1Résolu/Fermé

Question

Bonjour, 

 Depuis un certain temps, mon pc en s'allumant, démare un programme appelé "Form1", depuis ce jour, mon pc perd en vitesse.
 J'ai bien sur essayé avec diverse manière de le supprimer, en vain. Quelqu'un pourrai m'aider ? 

   Merci bien.

Fish66 · Answer

Salut,

Nous allons effectuer un diagnostic de ton PC: 
*Télécharge ZHPDiag sur ton bureau : 

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html 
ou : 
http://www.premiumorange.com/zeb-help-process/zhpdiag.html 

* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag" 

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur » 

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic ») 
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette 
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum : http://www.cijoint.fr/
Si indisponible, tu peux essayer avec l'un de ces liens: 
http://dl.free.fr
http://ww38.toofiles.com/fr/documents-upload.html
https://www.terafiles.net/
https://www.casimages.com/
http://pjjoint.malekal.com/

* Tuto zhpdiag : 
http://www.premiumorange.com/zeb-help-process/zhpdiag.html 

Hébergement de rapport sur cijoint.fr/

Rend toi sur ce site : http://www.cijoint.fr/
 Clique sur Choisissez un fichier
Clique sur "Cliquez ici pour déposer le fichier". 
Un lien de cette forme : http://www.cijoint.fr/cjlink.php?file=cj44123/cijSKAP5fU.txt
 est ajouté dans la page. Copie ce lien dans ta réponse.

Snafu53 · Answer

Merci de ta réponse, mais je ne trouve pas de loupe
"* Clique sur l'icône représentant une loupe (« Lancer le diagnostic ») "

ni de lncer le diagnostic, j'ai ris le premier lien

Fish66 · Answer

Re, Aide >>>ICI<<<

Snafu53 · Answer

merci, je lance le diagnostic, je previent des que c'est fini, merci :)

Snafu53 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201109/cijEqRtoxk.txt

voici donc le lien !

Fish66 · Answer

Re,

Tu as plusieurs adwares...
1/
Télécharge AdwCleaner (merci à Xplode) 
Ou  ADWCleaner ici
Lance AdwCleaner
Clique sur le bouton [ Suppression] 
Patiente... 
Poste le rapport qui apparait en fin de recherche. 
Il se trouve également à C:\AdwCleaner[SX] (où X est un chiffre)


2/
* Télécharge de AD-Remover sur ton Bureau. 
http://www.teamxscript.org/adremoverTelechargement.html 

/!\ Ferme toutes applications en cours /!\ 

- Double  sur l'icône Ad-remover située sur ton Bureau. 
-Pour vista/Seven : clique avec le bouton droit de la souris  et choisis « exécuter en tant qu'administrateur » 
- Sur la page, clique sur le bouton « Nettoyer » 
- Confirme lancement du scan 
- Laisse travailler l'outil. 
- Poste le rapport qui apparaît à la fin. 

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt) 

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c

3/
/!\ ATTENTION : cette analyse peut durer quelques heures /!\

* Télécharge MBAM et installe le selon l'emplacement par défaut  
https://www.malwarebytes.com/mwb-download/ 
* Lance Malwarebytes' Anti-Malware  
* Fais la mise à jour  
* Clique dans l'onglet  "Recherche"  
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"  
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"  

A la fin de l'analyse, si MBAM n'a rien trouvé :  

* Clique sur OK, le rapport s'ouvre spontanément  

Si des menaces ont été détectées :  

* Clique sur OK puis "Afficher les résultats"  
*Vérifie que toutes les lignes sont cochées 
* Choisis l'option "Supprimer la sélection"  
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"  
* Le rapport s'ouvre automatiquement après la suppression, il se trouve aussi dans l'onglet "Rapports/Logs"  

* Copie/colle le rapport dans le prochain message  


Remarque : 
- S'il y'a un problème de mise à jour de mbam, tu peux la faire manuellement en téléchargeant  ce fichier puis en l'exécutant.

Snafu53 · Answer

# AdwCleaner v1.307 - Rapport créé le 21/09/2011 à 21:06:24
# Mis à jour le 19/09/11 à 09h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Marty - MARTY-PC (Administrateur)
# Exécuté depuis : C:\Users\Marty\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# chrome.exe [PID:2348] -> Tué
# iexplore.exe [PID:2404] -> Tué

***** [Processus] *****

Tué : [PID:3376] cacaoweb.exe

***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\ProgramData\~0
Dossier Supprimé : C:\Users\Marty\AppData\Roaming\cacaoweb
Dossier Supprimé : C:\Users\Marty\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\Marty\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Marty\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Marty\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\OfferBox
Dossier Supprimé : C:\Program Files (x86)\Windows Searchqu Toolbar
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\Ask.com
Clé Supprimée : HKCU\Software\cacaoweb
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\AskToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\DataMngr
Clé Supprimée : HKLM\SOFTWARE\Offerbox
Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079a25-328f-4bd4-be04-00955acaa0a7}]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

***** [Registre (64 bits)] *****


***** [Navigateurs] *****

-\ Internet Explorer v8.0.7601.17514

Remplacé : [HKCU\..\Main - Secondary Start Pages] = hxxp://fr.ask.com?o=14200&l=dis --> hxxp://www.google.fr
Remplacé : [HKCU\..\Main - Start Page] = hxxp://www.searchqu.com/414 --> hxxp://www.google.fr

-\ Google Chrome v14.0.835.186

Fichier : C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [4268 octets] - [21/09/2011 21:06:24]

*************************

Dossier Temporaire : 226 dossier(s) et 71 fichier(s) supprimé(s)

########## EOF - C:\AdwCleaner[S1].txt - [4493 octets] ##########

Snafu53 · Answer

a======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:12:38 le 21/09/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium  Service Pack 1 (X64) 
Marty@MARTY-PC (Acer Aspire 7736) 
 
============== ACTION(S) ==============


Dossier supprimé: C:\Program Files (x86)\Widestream6

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{8C7F59B2-0094-4DB9-ADE2-1C3699420689}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C7F59B2-0094-4DB9-ADE2-1C3699420689}
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2504091
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B594CEB-4C5B-4BB3-A830-85A2DF4F837A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FF0CE4-1A97-44AB-902B-44BB337B03CF}


============== SCAN ADDITIONNEL ==============

**** Google Chrome Version [14.0.835.186] ****

Extension - dhkplhfnhceodhffomolpfigojocbpcb (x)
Extension - jfmjfhklogoienhpfnppmbcbjfjnkonk (x)

-- C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.searchqu.com/414
Preferences - homepage_is_newtabpage: true
Plugin - Remoting Viewer (Activé: true) (internal-remoting-viewer) (x)
Plugin - Native Client (Activé: true) (C:\Users\Marty\AppData\Local\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll)
Plugin - Windows Live\u0099 Photo Gallery (Activé: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Java" (Activé: true)
Plugin - "Silverlight" (Activé: true)
Plugin - "Remoting Viewer" (Activé: true)
Plugin - "Native Client" (Activé: true)
Plugin - "Windows Live\u0099 Photo Gallery" (Activé: true)

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&q={searchTerms})
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} - "Search Results" (hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&q={searchTerms})
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
HKLM_Toolbar|{381FFDE8-2394-4f90-B10D-FC6124A40F8C} ("C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll") (x)
HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll)
HKCU_ElevationPolicy\{2BAAF9CA-2AE3-4F9D-B9D5-2E29119E781E} - C:\Program Files (x86)\Vuze\Azureus.exe (Vuze Inc.)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{1D348E9E-47BF-434B-9FD9-8051EF387DD5} - C:\Users\Marty\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{9A6486EC-1731-4549-93E4-D7BBC5805127} - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{C61F51D3-2E49-4BF1-90FE-0F5657435124} - C:\PROGRA~2\Windows iLivid Toolbar\ToolBar\dtUser.exe (Visicom Media Inc.)
HKLM_Extensions\{612F6E5C-B314-4bab-93D1-D266AAFBE700} - "Run YoukuDownloader" (C:\Program Files (x86)\Xmlbar\Youku Downloader\YoukuDownloader(xmlbar).exe,128)
BHO\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - "FDMIECookiesBHO Class" (C:\Program Files (x86)\Free Download Manager\iefdm2.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 2 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 21/09/2011 21:13:00 (5587 Octet(s)) 

Fin à: 21:16:59, 21/09/2011 
 
============== E.O.F ==============

Snafu53 · Answer

Un deuxième rapport va arriver, j'ai oublier de tout cocher comme vous vous m'aviez dit de le faire --'











Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7765

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

22/09/2011 05:21:28
mbam-log-2011-09-22 (05-21-28).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Elément(s) analysé(s): 362055
Temps écoulé: 1 heure(s), 22 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows (Trojan.Downloader) -> Value: Windows -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\Public\public documents\windows movie player\player.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files (x86)\Google\google earth\client\google.earth.plus.6.0.2.2074-mpt.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
g:\activation.exe (Malware.Packer.gen) -> Quarantined and deleted successfully.

Snafu53 · Answer

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7765

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

22/09/2011 05:21:28
mbam-log-2011-09-22 (05-21-28).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Elément(s) analysé(s): 362055
Temps écoulé: 1 heure(s), 22 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows (Trojan.Downloader) -> Value: Windows -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\Public\public documents\windows movie player\player.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files (x86)\Google\google earth\client\google.earth.plus.6.0.2.2074-mpt.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
g:\activation.exe (Malware.Packer.gen) -> Quarantined and deleted successfully.

Snafu53 · Answer

et bien, form 1 n'a plus lair d'être la :) y'a t'il autre chose a faire ? en tout cas merci de ton aide

Fish66 · Answer

Bonjour,

Lance ZHPDiag depuis ton bureau puis prépare stp un nouveau rapport ZHPDiag

Snafu53 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201109/cijrfncea3.txt

Fish66 · Answer

Salut,

1/
Désinstalle et supprimes s'il est possible ces logiciels et dossiers stp :

Logiciel: Windows iLivid Toolbar 
 Logiciel: DAEMON Tools Toolbar 
C:\Users\Marty\AppData\Roaming\widestream    
C:\Users\Marty\AppData\Local\widestream6 Air    

2/
* Télécharge OTM (OldTimer) sur ton Bureau 

ICI >> OTM (OldTimer) 
* Double clic "OTMoveIt3.exe" 
* Utilisateurs Windows Vista / 7 Clic droit sur "OTMoveIt3.exe" choisis "exécuter en tant qu'administrateur" afin de le lancer. 

- Copie (Ctrl+C) le texte suivant en gras ci-dessous : 



 :files 
C:\Users\Marty\AppData\Roaming\Widestream  
C:\Users\Marty\AppData\Local\widestream6 Air   
C:\Users\Marty\AppData\LocalLow\BabylonToolbar  
C:\Users\Marty\AppData\LocalLow\searchquband    
C:\Program Files (x86)\Windows iLivid Toolbar  
C:\Users\Marty\AppData\LocalLow\Vuze_Remote    
C:\Program Files (x86)\DAEMON Tools Toolbar   

:Reg 
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a6dc111-b030-4c3e-be65-299284128b91}]   
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1a6dc111-b030-4c3e-be65-299284128b91}]   
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}]    
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}]   
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}]    
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}]    
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]    
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]    
[-HKCU\Software\AppDataLow\Software\searchqutoolbar]    
[-HKCU\Software\WideStream]    

:commands 
[emptytemp] 
[purity]
[Reboot]




- Colle (Ctrl+V) le texte précédemment copié dans le cadre: Paste Instructions for Items to be Moved. 
- Clique maintenant sur le bouton MoveIt! 
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. 
Accepte en cliquant sur YES. 
- Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\ 
Le nom du rapport correspond au moment de sa création : date_heure.log

3/
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C ) 


O87 - FAEL: "TCP Query User{E995956A-79CD-44B8-836E-7A1BAA3D0D99}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "UDP Query User{665F2C85-6E3D-41D2-985A-071F8127848D}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "{87E779DF-C46A-4D9A-B107-801CABBD7CBE}" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe    => Infection BT (Adware.Bandoo)
O87 - FAEL: "{B18CAD62-7633-403B-9782-DF38D9AD8CA4}" | In - Private - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe    => Infection BT (Adware.Bandoo)
O87 - FAEL: "TCP Query User{16107278-94DC-47B3-84C2-158D287D6F62}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "UDP Query User{9B275B38-5F74-4686-A2E6-D3279A1A9699}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "{15080F31-560B-42ED-AFD3-B5E39B29EA63}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)    => Infection BT (Adware.Bandoo)
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.searchnu.com/
O20 - AppInit_DLLs: . (.Discordia, LTD - Data Manager.) - C:\PROGRA~2\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll    => Infection BT (Adware.Bandoo)

FirewallRAZ
EmptyTemp
EmptyFlash



Puis Lance ZHPFix depuis le raccourci du bureau . 

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) . 

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent . 

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre. 

Clique sur le bouton  GO

Copie/Colle le rapport à l'écran dans ton prochain message.

@+

Snafu53 · Answer

voici le rapport


All processes killed
========== FILES ==========
File/Folder C:\Users\Marty\AppData\Roaming\Widestream not found.
File/Folder C:\Users\Marty\AppData\Local\widestream6 Air not found.
C:\Users\Marty\AppData\LocalLow\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Users\Marty\AppData\LocalLow\BabylonToolbar folder moved successfully.
C:\Users\Marty\AppData\LocalLow\searchquband folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\components folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\libadio\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\libadio\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\libadio folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\skin folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\skin\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\skin\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\skin folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\js folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.YouTube_v2 folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\skin\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\skin\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\skin folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\js folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Twitter folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.PPCBully folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.MyStartFacebook folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\skin\scripts folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\skin\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\skin\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\skin folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\js folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets
et.vmn.www.Coupons_v2 folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome\content folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\chrome folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64 folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\FirefoxExtension\content folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\FirefoxExtension\components folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\FirefoxExtension folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\UserDefinedItems folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\SearchInNewTab folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Rss folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_en-us\ToolbarTranslation folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_en-us folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\ToolbarSettings folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\ToolbarLogin folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\DynamicDialogs folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091\AppsMetaData folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository\conduit_CT2504091_CT2504091 folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Repository folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Logs folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\ExternalComponent folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\EmailNotifier folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\UntrustedAppPendingDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\UntrustedAppApprovalDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\UntrustedAddedAppDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\ToolbarUntrustedAppsApprovalDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\ToolbarFirstTimeDialog\images folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\ToolbarFirstTimeDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorDialog\Images folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\SearchProtectorDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\EngineFirstTimeDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\DetectedAppDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\DefualtImages folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs\AddedAppDialog folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\Dialogs folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote\CacheIcons folder moved successfully.
C:\Users\Marty\AppData\LocalLow\Vuze_Remote folder moved successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a6dc111-b030-4c3e-be65-299284128b91}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a6dc111-b030-4c3e-be65-299284128b91}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1a6dc111-b030-4c3e-be65-299284128b91}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a6dc111-b030-4c3e-be65-299284128b91}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\WideStream\ deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Marty
->Temp folder emptied: 2310507 bytes
->Temporary Internet Files folder emptied: 72726288 bytes
->Java cache emptied: 266933 bytes
->Google Chrome cache emptied: 62829623 bytes
->Flash cache emptied: 113802 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 81784 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 940095 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes
RecycleBin emptied: 1542119199 bytes
 
Total Files Cleaned = 1 604,00 mb
 
 
OTM by OldTimer - Version 3.1.18.0 log created on 09222011_202511

Files moved on Reboot...
C:\Users\Marty\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File C:\Windows	emp\MARTY-PC.lck not found!

Registry entries deleted on Reboot...

Snafu53 · Answer

je n'ai que zhpdiag et pas zhp fix

Snafu53 · Answer

ce ne sont pas les bonne ligne, 

il est écrit le dernier rapport que je vien de poster je ois faire quoi alors ?

Snafu53 · Answer

Rapport de ZHPFix 1.12.3361 par Nicolas Coolman, Update du 06/09/2011
Fichier d'export Registre : 
Run by Marty at 22/09/2011 20:43:29
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Fichier(s) ==========
ABSENT Folder/File: c:\users\marty\appdata\locallow\babylontoolbar\babylontoolbar folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\babylontoolbar folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\searchquband folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\components folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\skin\lib\panels\default\scripts folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\skin\lib\panels\default\images folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\skin\scripts folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\skin\images folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\skin\css folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\skin folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\js folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\images folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2\css folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.youtube_v2 folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.twitter\skin\scripts folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.twitter\skin\css folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.twitter\skin folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.twitter\css folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.twitter folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.mystartfacebook\skin\scripts folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.mystartfacebook\skin\images folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.mystartfacebook\skin\css folder moved successfully.
ABSENT Folder/File: c:\program files (x86)\windows ilivid toolbar	oolbar\chrome\content\widgets
et.vmn.www.mystartfacebook\js folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\userdefineditems folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\searchinnewtab folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remotess folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_en-us	oolbartranslation folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_en-us folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_ct2504091	oolbarsettings folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_ct2504091	oolbarlogin folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_ct2504091\dynamicdialogs folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_ct2504091\appsmetadata folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository\conduit_ct2504091_ct2504091 folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remoteepository folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\logs folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\externalcomponent folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\emailnotifier folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\untrustedapppendingdialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\untrustedappapprovaldialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\untrustedaddedappdialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs	oolbaruntrustedappsapprovaldialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs	oolbarfirsttimedialog\images folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs	oolbarfirsttimedialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\searchprotectordialog\images folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\searchprotectordialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\enginefirsttimedialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\detectedappdialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\defualtimages folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs\addedappdialog folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\dialogs folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote\cacheicons folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\locallow\vuze_remote folder moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\local	emp\fxsapidebuglogfile.txt moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\local\google\chrome\user data\default\cache\data_0 moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\local\google\chrome\user data\default\cache\data_1 moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\local\google\chrome\user data\default\cache\data_2 moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\local\google\chrome\user data\default\cache\data_3 moved successfully.
ABSENT Folder/File: c:\users\marty\appdata\local\google\chrome\user data\default\cache\index moved successfully.

========== Script Registre ==========
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a6dc111-b030-4c3e-be65-299284128b91}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a6dc111-b030-4c3e-be65-299284128b91}\ not found.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1a6dc111-b030-4c3e-be65-299284128b91}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ not found.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ not found.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar\ deleted successfully.Extension de fichier registre invalide:
File: Registry key HKEY_CURRENT_USER\Software\WideStream\ deleted successfully.Extension de fichier registre invalide:
File: Registry entries deleted on Reboot...Extension de fichier registre invalide:

========== Autre ==========
NON TRAITE All processes killed
NON TRAITE ========== FILES
NON TRAITE File/Folder C:\Users\Marty\AppData\Roaming\Widestream not found.
NON TRAITE File/Folder C:\Users\Marty\AppData\Local\widestream6 Air not found.
NON TRAITE ========== REGISTRY
NON TRAITE ========== COMMANDS
NON TRAITE [EMPTYTEMP]
NON TRAITE User: All Users
NON TRAITE User: Default
NON TRAITE ->Temp folder emptied: 0 bytes
NON TRAITE ->Temporary Internet Files folder emptied: 33170 bytes
NON TRAITE User: Default User
NON TRAITE ->Temporary Internet Files folder emptied: 0 bytes
NON TRAITE User: Marty
NON TRAITE ->Temp folder emptied: 2310507 bytes
NON TRAITE ->Temporary Internet Files folder emptied: 72726288 bytes
NON TRAITE ->Java cache emptied: 266933 bytes
NON TRAITE ->Google Chrome cache emptied: 62829623 bytes
NON TRAITE ->Flash cache emptied: 113802 bytes
NON TRAITE User: Public
NON TRAITE %systemdrive% .tmp files removed: 0 bytes
NON TRAITE %systemroot% .tmp files removed: 0 bytes
NON TRAITE %systemroot%\System32 .tmp files removed: 0 bytes
NON TRAITE %systemroot%\System32 (64bit) .tmp files removed: 81784 bytes
NON TRAITE %systemroot%\System32\drivers .tmp files removed: 0 bytes
NON TRAITE Windows Temp folder emptied: 940095 bytes
NON TRAITE %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes
NON TRAITE RecycleBin emptied: 1542119199 bytes
NON TRAITE Total Files Cleaned
NON TRAITE OTM by OldTimer - Version 3.1.18.0 log created on 09222011_202511
NON TRAITE Files moved on Reboot...
NON TRAITE File C:\Windows	emp\MARTY-PC.lck not found!


========== Récapitulatif ==========
59 : Fichier(s)
32 : Autre


End of clean in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 21/09/2011 19:44:11 [572]
C:\ZHP\ZHPFix[R2].txt - 22/09/2011 20:43:29 [12912]

Fish66 · Answer

Re,

1/
* Télécharge le fichier : ZHPFixScript.txt sur ton bureau 
depuis ce lien : http://www.cijoint.fr/cjlink.php?file=cj201109/cijhX84Oqi.txt
* Enregistre le sur le bureau de ton PC                                           
*Lance ZHPFix et clique sur le H (coller les lignes helpers) 
* Fait un glisser/déposer de ZHPFixScript.txt (existant sur ton bureau) dans ZHPFix 
* Clique sur le bouton GO 
* Héberge le rapport et donne le lien

2/
* Telecharge et install  USBFix >>ICI  par El Desaparecido , C_XX & Chimay8  
Autres liens : 
http://www.teamxscript.org/usbfixTelechargement.html  
http://teamxscript.changelog.fr/too/UsbFix.exe

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir  

- Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris  

:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera  

automatiquement  

-Clique sur "Recherche"  

- Laisse travailler l'outil  

- A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi  

sauvegardé a la racine du disque dur)

Snafu53 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201109/cijqjVlTJ8.txt

je ne met jamais e prise usb (sauf ma souris) sur mon pc --' mais je fais quand meme.

Snafu53 · Answer

On Error Resume Next
Set objFSO = CreateObject("Scripting.FileSystemObject")
set WshShell = CreateObject("WScript.Shell")
set objShell = CreateObject("Shell.Application")
OpenFile = "AV.txt"
Set objLogFile = objFSO.CreateTextFile(OpenFile, True)
Set oAvWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\.oot\SecurityCenter2")
For Each objav in oAvWMI.ExecQuery("Select * from AntiVirusProduct")
If InStr(2, Hex(objav.productState), "1", 0) = 2 Then onAccess = "Enabled" Else onAccess = "(!)Disabled"
If InStr(4, Hex(objav.productState), "0", 0) = 4 Then product = "Updated" Else product = "(!)Outdated"
objLogFile.Writeline "AV: "& objav.displayName & " [ " & onAccess & " | " & product & " ]"
Next
For Each objsp in oAvWMI.ExecQuery("Select * from AntiSpywareProduct")
If InStr(2, Hex(objsp.productState), "1", 0) = 2 Then onAccess = "Enabled" Else onAccess = "(!)Disabled"
If InStr(4, Hex(objsp.productState), "0", 0) = 4 Then product = "Updated" Else product = "(!)Outdated"
objLogFile.Writeline "AS: "& objsp.displayName & " [ " & onAccess & " | " & product & " ]"
Next
For Each objfw in oAvWMI.ExecQuery("Select * from FirewallProduct")
If InStr(2, Hex(objfw.productState), "1", 1) = 2 Then onAccess = "Enabled" Else onAccess = "(!)Disabled"
objLogFile.Writeline "FW: "& objfw.displayName & " [ " & onAccess & " ]"
Next
Set oAvWMI2 = GetObject("winmgmts:{winmgmts:{impersonationLevel=impersonate}!\.oot\SecurityCenter")
For Each objav in oAvWMI2.ExecQuery("Select * from AntiVirusProduct")
If objav.onAccessScanningEnabled = False Then onAccess = "(!) Disabled" Else onAccess = "Enabled"
If objav.productUptoDate = False Then product = "(!) Outdated" Else product = "Updated"
objLogFile.Writeline "AV : "& objav.displayName  & "[ " & onAccess & "| " & product & " ]"
next
For Each objav in oAvWMI2.ExecQuery("Select * from AntiSpywareProduct")
If objas.onAccessScanningEnabled = False Then onAccess = "(!) Disabled" Else onAccess = "Enabled"
If objas.productUptoDate = False Then product = "(!) Outdated" Else product = "Updated"
objLogFile.Writeline "AV : "& objas.displayName  & "[ " & onAccess & "| " & product & " ]"
next
For Each objav in oAvWMI2.ExecQuery("Select * from FirewallProduct")
If objfw.Enabled = False Then onAccess = "(!) Disabled" Else onAccess = "Enabled"
objLogFile.Writeline "FW: "& objfw.displayName & " [ " & onAccess & " ]"
next
objLogFile.Close

Snafu53 · Answer

############################## | UsbFix 7.059 | [Recherche]

Utilisateur: Marty (Administrateur) # MARTY-PC
Mis à jour le 22/09/2011 par El Desaparecido
Lancé à 21:22:38 | 22/09/2011

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

PC: Acer            (Aspire 7736                    ) (x64-based PC) # Notebook
CPU: Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz (2200)
RAM -> [ Total : 4091 | Free : 2465 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium  (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 8.0.7601.17514

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 584 Go (343 Go libre(s) - 59%) [ACER] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (520)
C:\Windows\system32\wininit.exe (580)
C:\Windows\system32\csrss.exe (592)
C:\Windows\system32\services.exe (640)
C:\Windows\system32\lsass.exe (648)
C:\Windows\system32\lsm.exe (660)
C:\Windows\system32\svchost.exe (776)
C:\Windows\system32
vvsvc.exe (852)
C:\Windows\system32\svchost.exe (892)
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (952)
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (976)
C:\Windows\system32\winlogon.exe (996)
C:\Windows\System32\svchost.exe (1044)
C:\Windows\System32\svchost.exe (1088)
C:\Windows\system32\svchost.exe (1128)
C:\Windows\system32\svchost.exe (1336)
C:\Windows\system32
vvsvc.exe (1444)
C:\Windows\system32\svchost.exe (1524)
C:\Windows\System32\spoolsv.exe (1636)
C:\Windows\system32\svchost.exe (1664)
C:\Program Files\LSI SoftModem\agr64svc.exe (1760)
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1808)
C:\Windows\system32\svchost.exe (1840)
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (2008)
C:\Windows\system32	askhost.exe (1796)
C:\Windows\system32\Dwm.exe (1408)
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (1124)
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (2168)
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (2360)
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (2424)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2552)
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe (2608)
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (2752)
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (2816)
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (2840)
C:\Windows\system32\svchost.exe (2944)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (3004)
C:\Windows\System32\svchost.exe (3028)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3052)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2148)
C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (3148)
C:\Windows\system32\svchost.exe (3364)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3432)
C:\Windows\system32\SearchIndexer.exe (4016)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (3540)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2304)
C:\Windows\PLFSetI.exe (2604)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3620)
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (3800)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (4076)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4024)
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (2480)
C:\Program Files\Windows Sidebar\sidebar.exe (876)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (2432)
C:\Program Files (x86)\Launch Manager\LManager.exe (1200)
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (3776)
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (3532)
C:\Windows\system32\wbem\unsecapp.exe (4392)
C:\Windows\system32\wbem\wmiprvse.exe (4472)
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4624)
C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe (5344)
C:\Windows\servicing\TrustedInstaller.exe (5820)
C:\Windows\explorer.exe (1540)
C:\Users\Marty\AppData\Local\Google\Chrome\Application\chrome.exe (2388)
C:\Users\Marty\AppData\Local\Google\Chrome\Application\chrome.exe (4980)
C:\Users\Marty\AppData\Local\Google\Chrome\Application\chrome.exe (4656)
C:\Windows\SysWOW64undll32.exe (4664)
C:\Users\Marty\AppData\Local\Google\Chrome\Application\chrome.exe (3740)
C:\Windows\system32\SearchProtocolHost.exe (6792)
C:\Windows\system32\SearchFilterHost.exe (6824)
C:\UsbFix\UsbFix.exe (6972)
C:\Windows\system32\wbem\wmiprvse.exe (7032)

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{286f90ed-809c-11e0-be1a-00262d6e0d79}
Shell\AutoRun\Command = E:\CitiesXL2011.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{bf7fb1cc-c3ba-11e0-9947-00262d6e0d79}
Shell\AutoRun\Command = F:\setup.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{bf7fb314-c3ba-11e0-9947-00262d6e0d79}
Shell\AutoRun\Command = G:\Autorun.exe


################## | Listing |

[02/01/2011 - 16:48:36 | SHD ] 	C:\$Recycle.Bin
[03/01/2011 - 01:02:17 | D ] 	C:\AcerSW
[21/09/2011 - 21:10:53 | A | 4494] 	C:\AdwCleaner[S1].txt
[30/05/2011 - 20:11:47 | A | 1235] 	C:\anumanlive.log
[21/09/2011 - 20:01:32 | A | 8736] 	C:\bdlog.txt
[02/01/2011 - 17:10:13 | D ] 	C:\BOOK
[14/07/2009 - 03:38:58 | RASH | 383562] 	C:\bootmgr
[27/07/2009 - 22:40:53 | RASH | 8192] 	C:\BOOTSECT.BAK
[22/09/2011 - 17:44:55 | N | 3416] 	C:\bootsqm.dat
[14/07/2009 - 07:08:56 | SHD ] 	C:\Documents and Settings
[06/08/2011 - 13:44:32 | D ] 	C:\Downloads
[03/01/2011 - 01:25:58 | DC ] 	C:\elements
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.1028.txt
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.1031.txt
[07/11/2007 - 09:00:40 | A | 10134] 	C:\eula.1033.txt
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.1036.txt
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.1040.txt
[07/11/2007 - 09:00:40 | A | 118] 	C:\eula.1041.txt
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.1042.txt
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.2052.txt
[07/11/2007 - 09:00:40 | A | 17734] 	C:\eula.3082.txt
[07/11/2007 - 09:00:40 | A | 1110] 	C:\globdata.ini
[22/09/2011 - 20:29:14 | ASH | 3217231872] 	C:\hiberfil.sys
[07/11/2007 - 09:03:18 | A | 562688] 	C:\install.exe
[07/11/2007 - 09:00:40 | A | 843] 	C:\install.ini
[07/11/2007 - 09:03:18 | A | 76304] 	C:\install.res.1028.dll
[07/11/2007 - 09:03:18 | A | 96272] 	C:\install.res.1031.dll
[07/11/2007 - 09:03:18 | A | 91152] 	C:\install.res.1033.dll
[07/11/2007 - 09:03:18 | A | 97296] 	C:\install.res.1036.dll
[07/11/2007 - 09:03:18 | A | 95248] 	C:\install.res.1040.dll
[07/11/2007 - 09:03:18 | A | 81424] 	C:\install.res.1041.dll
[07/11/2007 - 09:03:18 | A | 79888] 	C:\install.res.1042.dll
[07/11/2007 - 09:03:18 | A | 75792] 	C:\install.res.2052.dll
[07/11/2007 - 09:03:18 | A | 96272] 	C:\install.res.3082.dll
[29/10/2009 - 07:44:31 | D ] 	C:\Intel
[29/10/2009 - 07:45:07 | RHD ] 	C:\MSOCache
[02/01/2011 - 17:08:59 | HD ] 	C:\oem
[22/09/2011 - 20:29:16 | ASH | 4289646592] 	C:\pagefile.sys
[09/05/2011 - 22:35:28 | D ] 	C:\Patch
[04/11/2009 - 08:46:13 | RASH | 4924] 	C:\Patch.rev
[14/07/2009 - 05:20:08 | D ] 	C:\PerfLogs
[22/09/2011 - 18:38:18 | A | 512] 	C:\PhysicalDisk0_MBR.bin
[02/01/2011 - 16:48:26 | RASH | 210] 	C:\Preload.rev
[05/08/2011 - 21:02:29 | RD ] 	C:\Program Files
[22/09/2011 - 20:25:16 | D ] 	C:\Program Files (x86)
[22/09/2011 - 21:20:10 | HD ] 	C:\ProgramData
[02/01/2011 - 16:48:13 | SHD ] 	C:\Recovery
[02/01/2011 - 16:53:56 | A | 1989] 	C:\RHDSetup.log
[11/05/2011 - 13:44:40 | D ] 	C:\subsonic
[22/09/2011 - 06:30:47 | SHD ] 	C:\System Volume Information
[16/08/2011 - 14:20:06 | A | 461] 	C:\Sys_LogWin.log
[22/09/2011 - 21:39:19 | D ] 	C:\UsbFix
[22/09/2011 - 21:23:15 | A | 8326] 	C:\UsbFix.txt
[02/01/2011 - 16:48:20 | RD ] 	C:\Users
[07/11/2007 - 09:00:40 | A | 5686] 	C:\vcredist.bmp
[07/11/2007 - 09:09:22 | A | 1442522] 	C:\VC_RED.cab
[07/11/2007 - 09:12:28 | A | 232960] 	C:\VC_RED.MSI
[22/09/2011 - 16:43:19 | AD ] 	C:\Windows
[22/09/2011 - 21:20:51 | D ] 	C:\ZHP
[22/09/2011 - 20:25:11 | D ] 	C:\_OTM

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

Fish66 · Answer

Bonjour,

1/
Il y'a infection de disques amovible  :-)

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir  

- Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris  

:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera  

automatiquement  

-Clique sur "Suppression"  

- Laisse travailler l'outil  

- A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi  

sauvegardé a la racine du disque dur)

2/
Lance ZHPDiag et  prépare stp un nouveau rapport ZHPDiag

@+

Snafu53 · Answer

############################## | UsbFix 7.059 | [Suppression]

Utilisateur: Marty (Administrateur) # MARTY-PC
Mis à jour le 22/09/2011 par El Desaparecido
Lancé à 20:39:48 | 23/09/2011

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

PC: Acer            (Aspire 7736                    ) (x64-based PC) # Notebook
CPU: Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz (2200)
RAM -> [ Total : 4091 | Free : 2646 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium  (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 8.0.7601.17514

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 584 Go (342 Go libre(s) - 59%) [ACER] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM

################## | Éléments infectieux |

Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2890876801-487583189-1434651582-1000

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{286f90ed-809c-11e0-be1a-00262d6e0d79}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{bf7fb1cc-c3ba-11e0-9947-00262d6e0d79}

################## | Listing |

[23/09/2011 - 20:43:03 | SHD ] 	C:\$Recycle.Bin
[03/01/2011 - 01:02:17 | D ] 	C:\AcerSW
[21/09/2011 - 21:10:53 | N | 4494] 	C:\AdwCleaner[S1].txt
[30/05/2011 - 20:11:47 | N | 1235] 	C:\anumanlive.log
[21/09/2011 - 20:01:32 | N | 8736] 	C:\bdlog.txt
[02/01/2011 - 17:10:13 | D ] 	C:\BOOK
[14/07/2009 - 03:38:58 | RASH | 383562] 	C:\bootmgr
[27/07/2009 - 22:40:53 | N | 8192] 	C:\BOOTSECT.BAK
[22/09/2011 - 17:44:55 | N | 3416] 	C:\bootsqm.dat
[14/07/2009 - 07:08:56 | SHD ] 	C:\Documents and Settings
[06/08/2011 - 13:44:32 | D ] 	C:\Downloads
[03/01/2011 - 01:25:58 | DC ] 	C:\elements
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.1028.txt
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.1031.txt
[07/11/2007 - 09:00:40 | N | 10134] 	C:\eula.1033.txt
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.1036.txt
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.1040.txt
[07/11/2007 - 09:00:40 | N | 118] 	C:\eula.1041.txt
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.1042.txt
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.2052.txt
[07/11/2007 - 09:00:40 | N | 17734] 	C:\eula.3082.txt
[07/11/2007 - 09:00:40 | N | 1110] 	C:\globdata.ini
[23/09/2011 - 19:51:10 | ASH | 3217231872] 	C:\hiberfil.sys
[07/11/2007 - 09:03:18 | N | 562688] 	C:\install.exe
[07/11/2007 - 09:00:40 | N | 843] 	C:\install.ini
[07/11/2007 - 09:03:18 | N | 76304] 	C:\install.res.1028.dll
[07/11/2007 - 09:03:18 | N | 96272] 	C:\install.res.1031.dll
[07/11/2007 - 09:03:18 | N | 91152] 	C:\install.res.1033.dll
[07/11/2007 - 09:03:18 | N | 97296] 	C:\install.res.1036.dll
[07/11/2007 - 09:03:18 | N | 95248] 	C:\install.res.1040.dll
[07/11/2007 - 09:03:18 | N | 81424] 	C:\install.res.1041.dll
[07/11/2007 - 09:03:18 | N | 79888] 	C:\install.res.1042.dll
[07/11/2007 - 09:03:18 | N | 75792] 	C:\install.res.2052.dll
[07/11/2007 - 09:03:18 | N | 96272] 	C:\install.res.3082.dll
[29/10/2009 - 07:44:31 | D ] 	C:\Intel
[29/10/2009 - 07:45:07 | RHD ] 	C:\MSOCache
[02/01/2011 - 17:08:59 | D ] 	C:\oem
[23/09/2011 - 19:51:13 | ASH | 4289646592] 	C:\pagefile.sys
[09/05/2011 - 22:35:28 | D ] 	C:\Patch
[04/11/2009 - 08:46:13 | N | 4924] 	C:\Patch.rev
[14/07/2009 - 05:20:08 | D ] 	C:\PerfLogs
[22/09/2011 - 18:38:18 | N | 512] 	C:\PhysicalDisk0_MBR.bin
[02/01/2011 - 16:48:26 | N | 210] 	C:\Preload.rev
[05/08/2011 - 21:02:29 | D ] 	C:\Program Files
[22/09/2011 - 20:25:16 | D ] 	C:\Program Files (x86)
[22/09/2011 - 21:20:10 | HD ] 	C:\ProgramData
[02/01/2011 - 16:48:13 | SHD ] 	C:\Recovery
[02/01/2011 - 16:53:56 | N | 1989] 	C:\RHDSetup.log
[11/05/2011 - 13:44:40 | D ] 	C:\subsonic
[22/09/2011 - 06:30:47 | SHD ] 	C:\System Volume Information
[16/08/2011 - 14:20:06 | N | 461] 	C:\Sys_LogWin.log
[23/09/2011 - 20:43:33 | D ] 	C:\UsbFix
[23/09/2011 - 20:40:04 | A | 4143] 	C:\UsbFix.txt
[02/01/2011 - 16:48:20 | D ] 	C:\Users
[07/11/2007 - 09:00:40 | N | 5686] 	C:\vcredist.bmp
[07/11/2007 - 09:09:22 | N | 1442522] 	C:\VC_RED.cab
[07/11/2007 - 09:12:28 | N | 232960] 	C:\VC_RED.MSI
[22/09/2011 - 16:43:19 | D ] 	C:\Windows
[22/09/2011 - 21:20:51 | D ] 	C:\ZHP
[22/09/2011 - 20:25:11 | D ] 	C:\_OTM

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_MARTY-PC.zip
http://eldesaparecido.com/support.php
Merci de votre contribution.

################## | E.O.F |

Fish66 · Answer

Bonjour,

Il reste le rapport ZHPDiag  :-)

@+

Snafu53 · Answer

http://www.cijoint.fr/cjlink.php?file=cj201109/cij8hOhz7a.txt

Fish66 · Answer

Re,

Copie tout le texte présent ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C ) 



[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified     
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.searchqu.com
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (.not file.)    => Infection BT (Adware.Bandoo)
O87 - FAEL: "TCP Query User{E995956A-79CD-44B8-836E-7A1BAA3D0D99}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "UDP Query User{665F2C85-6E3D-41D2-985A-071F8127848D}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "{87E779DF-C46A-4D9A-B107-801CABBD7CBE}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.)    => Infection BT (Adware.Bandoo)
O87 - FAEL: "{B18CAD62-7633-403B-9782-DF38D9AD8CA4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.)    => Infection BT (Adware.Bandoo)
O87 - FAEL: "TCP Query User{16107278-94DC-47B3-84C2-158D287D6F62}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "UDP Query User{9B275B38-5F74-4686-A2E6-D3279A1A9699}C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\marty\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)    => Infection PUP (PUP.CacaoWeb)
O87 - FAEL: "{15080F31-560B-42ED-AFD3-B5E39B29EA63}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)    => Infection BT (Adware.Bandoo)
O87 - FAEL: "{D7E1758C-046C-4144-9FB6-6A02CFE774D2}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)    => Infection BT (Adware.Bandoo)
O23 - Service:  (bdfsfltr) - Clé orpheline
O23 - Service:  (BDVEDISK) - Clé orpheline
O23 - Service:  (LIVESRV) - Clé orpheline
O43 - CFD: 22/09/2011 - 18:39:58 - [0] ----D- C:\Users\Marty\AppData\Local\{0388B99E-9ABE-4388-BC85-57C5B44AB436}
O43 - CFD: 22/09/2011 - 18:39:30 - [0] ----D- C:\Users\Marty\AppData\Local\{327BDDBE-94E9-4E7E-9B89-279BBF133DB8}
O87 - FAEL: "{D1A777DF-87C2-4E18-99DA-A90EB13B85A2}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Gaijin\Wings of Prey\launcher.exe (.not file.)
O87 - FAEL: "{856133A9-1F47-4B41-A914-EE860BDFA5B7}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Gaijin\Wings of Prey\launcher.exe (.not file.)
O87 - FAEL: "{7185061D-81AC-44A9-8BF5-B34A9636D33A}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Gaijin\Wings of Prey\aces.exe (.not file.)
O87 - FAEL: "{216F5C9D-D2B9-4602-8B37-504206F3B20B}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Gaijin\Wings of Prey\aces.exe (.not file.)
O87 - FAEL: "{31C3ADF8-A1A8-4B0B-B3F9-07F0F8172999}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Gaijin\Wings of Prey\yuPlay\yuPlay.exe (.not file.)
O87 - FAEL: "{949A756C-6790-40F1-ACA5-D337C1AB15C8}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Gaijin\Wings of Prey\yuPlay\yuPlay.exe (.not file.)
O87 - FAEL: "{1B8BBEC5-BDDB-4094-B184-A086E322EBA7}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe (.not file.)
O87 - FAEL: "{F29050D7-CD22-4CD7-AAC4-A503B0570B30}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe (.not file.)
O87 - FAEL: "{5FC27FA5-F752-4D08-BBFA-1C82E80D1609}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Marty\Downloads\Mp3ConverterSetup.exe (.not file.)
O87 - FAEL: "{943A7C89-7359-4973-8FD0-5B4D4AE5FCC7}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Marty\Downloads\Mp3ConverterSetup.exe (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (...) (No version) -- (.not file.)    => Toolbar.Conduit
O3 - Toolbar: DAEMON Tools Toolbar [64Bits] - {32099AAC-C132-4136-9E9A-4E364A424E17} . (...) -- C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll    => Toolbar.DAEMON Tools
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\SweetIM]    => Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}]    => Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}]    => Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17}    => Toolbar.DaemonTools
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17}    => Toolbar.DaemonTools

FirewallRAZ
EmptyTemp
EmptyFlash



Puis Lance ZHPFix depuis le raccourci du bureau . 

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) . 

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent . 

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre. 

Clique sur le bouton  GO

Copie/Colle le rapport à l'écran dans ton prochain message.

Snafu53 · Answer

Rapport de ZHPFix 1.12.3361 par Nicolas Coolman, Update du 06/09/2011
Fichier d'export Registre : 
Run by Marty at 24/09/2011 13:18:10
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ABSENT Key: Service: bdfsfltr
ABSENT Key: Service: BDVEDISK
ABSENT Key: Service: LIVESRV
SUPPRIME Key: HKCU\Software\DataMngr_Toolbar
SUPPRIME Key: HKCU\Software\SweetIM
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}

========== Valeur(s) du Registre ==========
SUPPRIME TCP Query User{E995956A-79CD-44B8-836E-7A1BAA3D0D99}C:/users/marty/appdata/roaming/cacaoweb/cacaoweb.exe
SUPPRIME UDP Query User{665F2C85-6E3D-41D2-985A-071F8127848D}C:/users/marty/appdata/roaming/cacaoweb/cacaoweb.exe
SUPPRIME {87E779DF-C46A-4D9A-B107-801CABBD7CBE}
SUPPRIME {B18CAD62-7633-403B-9782-DF38D9AD8CA4}
SUPPRIME TCP Query User{16107278-94DC-47B3-84C2-158D287D6F62}C:/users/marty/appdata/roaming/cacaoweb/cacaoweb.exe
SUPPRIME UDP Query User{9B275B38-5F74-4686-A2E6-D3279A1A9699}C:/users/marty/appdata/roaming/cacaoweb/cacaoweb.exe
SUPPRIME {15080F31-560B-42ED-AFD3-B5E39B29EA63}
SUPPRIME {D7E1758C-046C-4144-9FB6-6A02CFE774D2}
SUPPRIME {D1A777DF-87C2-4E18-99DA-A90EB13B85A2}
SUPPRIME {856133A9-1F47-4B41-A914-EE860BDFA5B7}
SUPPRIME {7185061D-81AC-44A9-8BF5-B34A9636D33A}
SUPPRIME {216F5C9D-D2B9-4602-8B37-504206F3B20B}
SUPPRIME {31C3ADF8-A1A8-4B0B-B3F9-07F0F8172999}
SUPPRIME {949A756C-6790-40F1-ACA5-D337C1AB15C8}
SUPPRIME {1B8BBEC5-BDDB-4094-B184-A086E322EBA7}
SUPPRIME {F29050D7-CD22-4CD7-AAC4-A503B0570B30}
SUPPRIME {5FC27FA5-F752-4D08-BBFA-1C82E80D1609}
SUPPRIME {943A7C89-7359-4973-8FD0-5B4D4AE5FCC7}
SUPPRIME URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc}
SUPPRIME Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17}
SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17}
ABSENT [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17}
ABSENT Valeur Standard Profile: FirewallRaz : 
ABSENT Valeur Domain Profile: FirewallRaz : 
SUPPRIME FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIME FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIME FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIME FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIME FirewallRaz (Public) : NetPres-In-TCP
SUPPRIME FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIME FirewallRaz (Private) : {D0AB8084-2987-419D-81D0-864CAE316AC5}
SUPPRIME FirewallRaz (Private) : {168109FB-19EA-4272-94FA-D85EAE2BE54D}
SUPPRIME FirewallRaz (None) : {7C07B34D-AAAA-4E1A-AA70-E8C62933B549}
SUPPRIME FirewallRaz (Private) : {6EB2685D-A17C-452A-B88B-CA6CB311B0FF}
SUPPRIME FirewallRaz (Private) : {623371A5-FDF9-48F0-B3EE-C7E134BB3E38}
SUPPRIME FirewallRaz (Private) : {54478F11-AEA9-4DB3-B5B3-B7A58A06143C}
SUPPRIME FirewallRaz (Private) : {9CDF0ABA-4331-4FD2-AC4A-6A06D4B911B1}
SUPPRIME FirewallRaz (Private) : {16463E8E-E4D8-4293-BDBA-99AE54217636}
SUPPRIME FirewallRaz (Private) : {6707D564-BB26-45A1-A900-E34A598B97ED}
SUPPRIME FirewallRaz (Private) : {1681EC5B-3ACC-430C-890C-A19AC9068FC4}
SUPPRIME FirewallRaz (Private) : {15B65B14-1FE2-44F4-92B0-70DB06CFB7E7}
SUPPRIME FirewallRaz (Private) : {7DAAF34C-52FF-4011-8BCD-3F6496331721}
SUPPRIME FirewallRaz (Private) : {30BD7875-361A-499D-A939-47D36C0975A1}
SUPPRIME FirewallRaz (Private) : {B8ABC0F0-4DB6-446F-B051-081343A67626}
SUPPRIME FirewallRaz (Private) : {5B47E6A6-1B5E-4E2F-A78B-FE775A511997}
SUPPRIME FirewallRaz (Domain) : {DFF30EFC-4CE1-4AC5-B2EE-BD69BFD03CA5}
SUPPRIME FirewallRaz (Private) : TCP Query User{37F19EA5-BA87-45FC-954C-D789FAA5C22A}C:\program files (x86)\paradox interactive\hearts of iron iii gold\hoi3game.exe
SUPPRIME FirewallRaz (Private) : UDP Query User{13F51E14-EDEA-4AA0-B1AF-8220FA010AAE}C:\program files (x86)\paradox interactive\hearts of iron iii gold\hoi3game.exe
SUPPRIME FirewallRaz (Private) : {C3D0EBAA-DD7B-4E64-A3A9-3250A341FCE7}
SUPPRIME FirewallRaz (Private) : {74D99561-3BB0-449C-BFE7-D40756D31E8F}
SUPPRIME FirewallRaz (Private) : {AC737D7E-60F2-43A4-B86D-C354C79762CC}
SUPPRIME FirewallRaz (Private) : {E9F9D13E-8550-4646-A6F2-754B48DF8E59}
SUPPRIME FirewallRaz (Private) : {CC9ACD57-E81D-4126-8056-C81CAD6D5BFE}
SUPPRIME FirewallRaz (Private) : {E38E80FE-9C47-4E37-A7BF-9A2F939025E3}
SUPPRIME FirewallRaz (Private) : TCP Query User{4F4CBBBD-F526-451D-AC27-AD04BE8E42A8}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe
SUPPRIME FirewallRaz (Private) : UDP Query User{21246DE6-AC4F-4A08-96DA-7269772F1F28}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe
SUPPRIME FirewallRaz (Public) : TCP Query User{05DCCD26-3CC2-4A50-8592-9C3B58F89A9E}C:\program files (x86)\ubisoftelated designs\anno 1404	ools\anno4web.exe
SUPPRIME FirewallRaz (Public) : UDP Query User{BF86A091-A8D2-4C76-87C0-21B49809592C}C:\program files (x86)\ubisoftelated designs\anno 1404	ools\anno4web.exe

========== Elément(s) de donnée du Registre ==========
REMPLACE Value NoActiveDesktopChanges :   Good (0) - Bad (1)
REMPLACE Value EnableLUA :   Good (1) - Bad (0)
SUPPRIME AppInit: \PROGRA~2\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIME Chrome Site: http://www.searchnu.com/

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\Marty\AppData\Local\{0388B99E-9ABE-4388-BC85-57C5B44AB436}
SUPPRIME Folder: C:\Users\Marty\AppData\Local\{327BDDBE-94E9-4E7E-9B89-279BBF133DB8}
SUPPRIME Temporaires Windows: : 9
SUPPRIME Flash Cookies: 10

========== Fichier(s) ==========
ABSENT File: \progra~2\windows ilivid toolbar\datamngr\x64\datamngr.dll
ABSENT File: c:\program files (x86)\daemon tools toolbar\dttoolbar64.dll
SUPPRIME Temporaires Windows: : 8
SUPPRIME Flash Cookies: 9


========== Récapitulatif ==========
7 : Clé(s) du Registre
58 : Valeur(s) du Registre
3 : Elément(s) de donnée du Registre
4 : Dossier(s)
4 : Fichier(s)
2 : Préférences navigateur


End of clean in 00mn 05s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 21/09/2011 19:44:11 [572]
C:\ZHP\ZHPFix[R2].txt - 22/09/2011 19:43:29 [12965]
C:\ZHP\ZHPFix[R3].txt - 22/09/2011 20:20:51 [11593]
C:\ZHP\ZHPFix[R4].txt - 24/09/2011 13:18:10 [6571]

Fish66 · Answer

Re, 
1/ 
Relance Malwarebytes et refais stp une analyse complète puis poste le rapport 
2/ 
As tu de souci stp? 


_  _ _ Fish66_ _ _ I''"""""I_ _ membre _ _I''"""""I_ _ contributeur _ _ _  
 ¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤

Snafu53 · Answer

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7765

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

24/09/2011 18:22:52
mbam-log-2011-09-24 (18-22-52).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Elément(s) analysé(s): 352826
Temps écoulé: 1 heure(s), 17 minute(s), 14 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Fish66 · Answer

Re,

As tu de souci stp avant de finaliser ?

Snafu53 · Answer

non pas du tout

Fish66 · Answer

Re,  

Pour finir :  

Mise à jour Adobe reader   
* Télécharge Adobe reader à partir  :ce lien   
  en décochant la case : installer McAfee Security Scan Plus (facultatif)            
* Désinstalle ta version d'adobe par : ajout/suppression de programme             
* Exécute le fichier téléchargé pour installation  en suivant les instructions.  

 Mise à jour de Java:
* Tu peux vérifier ta Console Java en cliquant sur ce lien :https://www.java.com/fr/download/uninstalltool.jsp              
* Installe la nouvelle version si besoin (dans ce cas désinstalle avant l'ancienne version).               

voici pour desinstaller JavaRa:  
* Télécharge ce fichier à partir ce lien : http://raproducts.org/click/click.php?id=1              
* Décompresse JavaRa sur le Bureau (Clic droit > Extraire tout).              
* Double-clique (clic droit "en tant qu'administrateur" pour Vista) sur le répertoire JavaRa.              
* Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).              
* Choisis Français puis clique sur Select.              
* Clique sur Recherche de mises à jour.              
* Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.              
* Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.              
* L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.              
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis               
une deuxième fois sur OK.              
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.              
* Ferme l'application.              

Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.             

===========================================              

 Updatechecker :
Téléchage updatechecker pour t'indiquer les logiciels qui ne sont pas à jour et te permet aussi d'effectuer ces mises à jour                
===========================================   
PurRa (éditeur de JavaRa) :     
Telecharge ici : PureRa (par l'editeur de JavaRa)    

Lance-le (clic droit "executer en tant qu'administrateur" pour Vista/7)    

=> Configuration    

clique sur "Clean"    

L'outil va faire son scan puis son nettoyage    

à la fin du rapport tu auras une ligne comme ca :    

Total space cleaned: xxxxxxxx bytes    

transmets juste cette ligne .   

===========================================      
**Nettoyage 

Suppression des outils de désinfections:
* Télécharge  Delfix   sur ton bureau.            
* Lance le, tape suppression puis valide            
* Patiente pendant le scan jusqu'à l'ouverture du rapport.            
* Copie/Colle le contenu du rapport dans ta prochaine réponse.            
Note : Le rapport se trouve également sous C:\DelFix.txt            
* Tu peux le desinstaller            

===========================================           

Nettoyage des fichiers et des clés de registre :
* Télécharge et installe CCleaner version Slim                 
* Lance-le.(clic droit "en tant qu'administrateur" pour Vista et Seven) Va dans Options puis           
* Avancé et décoche la case Effacer uniquement les fichiers etc....           
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.           
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse .           
** Aide ici : https://www.malekal.com/tutoriel-ccleaner/           
Tu peux utiliser Ccleaner une fois par semaine          

===========================================      

Purger les points de restauration système:     

* Désactive et réactive la restauration de système en suivant les procédures indiquées dans ces liens :     

Windows XP      

Windows Vista      

Windows 7      

* Après avoir vidé la restauration du système, il est nécessaire de créer un nouveau point de restauration ...     


===========================================      
Conseils :         
1/ Je te conseille d'utiliser le navigateur Firefox et d'installer les modules            
complémentaires WOT pour t'indiquer les fichiers douteux et Adblock plus pour bloquer les publicités...           

2/ Aussi tu peux garder Malwarebytes et l'utiliser aussi une fois par semaine.            

3/ Un peu de lecture :          
* Les dangers du Peer-To-Peer, Emule etc..           
* Comment Sécuriser son ordinateur...          
*Pourquoi et comment je me fais infecter        

4/ Défragmente tes disques dur par defraggler        

J'attend les rapports ..  

@+  


_  _ _ Fish66_ _ _ I''"""""I_ _ membre _ _I''"""""I_ _ contributeur _ _ _   
 ¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤

Snafu53 · Answer

je ne comprend ps comment télécharcher le adobe, le lien est --' incompréhensible pour moi ><

Snafu53 · Answer

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Sep 25 18:32:03 2011

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: JavaPlugin.FamilyVersionSupport

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: JavaScript

Found and removed: JavaScript Author

Found and removed: JavaScript1.1

Found and removed: JavaScript1.1 Author

Found and removed: JavaScript1.2

Found and removed: JavaScript1.2 Author

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\JavaPlugin

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.5

------------------------------------

Finished reporting.

Snafu53 · Answer

Total space cleaned: 1886669927 bytes

Snafu53 · Answer

je peut pas télécharger delfix, bitdefender me dit que c'tes un virus

Snafu53 · Answer

# DelFix v8.1 - Rapport créé le 25/09/2011 à 18:48
# Mis à jour le 20/06/11 à 19h par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7601] 
# Nom d'utilisateur : Marty - MARTY-PC (Administrateur)
# Exécuté depuis : C:\Users\Marty\Downloads\DelFix-8.1.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\_OTM
Supprimé : C:\USBFix
Supprimé : C:\Program Files (x86)\Ad-Remover
Supprimé : C:\Program Files (x86)\ZHPDiag
Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\JavaRa.log
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\UsbFix.txt
Supprimé : C:\UsbFix_Upload_Me_MARTY-PC.zip
Supprimé : C:\Users\Marty\Downloads\AD-R.exe
Supprimé : C:\Users\Marty\Downloads\ComboFix.exe
Supprimé : C:\Users\Marty\Downloads\JavaRa.zip
Supprimé : C:\Users\Marty\Downloads\OTL.exe
Supprimé : C:\Users\Marty\Downloads\OTM.exe
Supprimé : C:\Users\Marty\Downloads\UsbFix.exe
Supprimé : C:\Users\Marty\Downloads\ZHPDiag2.exe

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\SOFTWARE\Ad-Remover
Clé Supprimée : HKCU\SOFTWARE\USBFix
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

~~~~~~ Autre ~~~~~~

-> Prefetch vidé

########## EOF - "C:\DelFixSuppr.txt" - [1522 octets] ##########

Fish66 · Answer

Re,

Bon surf et si tu n'as pas de souci pense à mettre ton sujet comme résolu

@+

Snafu53 · Answer

merci beaucoup pour ton aide :) sa m'a vraiment aidé

Fish66 · Answer

Re,

De rien  :-)

Bon surf...

Je n'arrive pas supprimer le virus Form 1

41 réponses

Discussions similaires

Newsletters