Sujet Précédent Sujet Suivant

Media Finder : Comment le désinstaller ?

LaGringadélamancha Messages postés 10 Statut Membre -  
Fish66 Messages postés 18337 Statut Contributeur sécurité -
Bonjour,

J'aimerai désinstaller Media Finder... J'ai donc téléchargé ZHPDiag ainsi que AdwCleaner.
Quelles sont les démarchent à suivre maintenant que j'ai lancé la recherche et me retrouve avc les rapports ...

Merci d'avance pour votre aide ! ;)
A voir également:

12 réponses

Réponse 1 / 12
michoumichel
 
Bondour,

Demarre le pc avec le cd de windows et reformate la partition comportant windows et tout ira bien.

De rien pour l'aide
2
Réponse 2 / 12
LaGringadélamancha Messages postés 10 Statut Membre 1
 
Est ce nécessaire de télécharger Revo-uninstaller ? Car j'ai l'impression que Media Finder à été désinstallé ... Mais c'est toi l'expert ... je le fait quand même ? ;) Merci ! bye
1
Réponse 3 / 12
Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
 
Salut,

Tu peux poster les rapports :ADWCleaner et ZHPDiag.

Surtout à ne pas formater ton PC!

@+
0
Réponse 4 / 12
LaGringadélamancha Messages postés 10 Statut Membre 1
 
Ah SUPER MERCI FISH !! ;) Moi qui me voyais déjà formater mon pc :(

Voici les rapports :

Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24/05/2012
Run by pachard bell at 31/05/2012 13:13:18
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.

---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4024 MB (51% free)
System Restore: Inconnu (Unknown)
System drive C: has 385 GB (84%) free of 454 GB

---\\ Logged in mode
~ Computer Name: PACHARDBELL-PC
~ User Name: pachard bell
~ All Users Names: pachard bell, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\pachard bell\AppData\Roaming\
~ %Desktop% : C:\Users\pachard bell\Desktop\
~ %Favorites% : C:\Users\pachard bell\Favorites\
~ %LocalAppData% : C:\Users\pachard bell\AppData\Local\
~ %StartMenu% : C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 385 Go of 454 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.228443FF3A1FB0B974D278F7C6403FAD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.28/02/2012 - 07:49:56.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 - 07:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:23:06.) -- C:\Windows\system32\Drivers\ntfs.sys [1657216]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/86
~ Mes musiques (My Musics) : 9/895
~ Mes Videos (My Videos) : 1/13
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 2/32
~ Mon Bureau (My Desktop) : 1/103
~ Menu demarrer (Programs) : 1/33
~ Scan Hidden Files in 00mn 02s

---\\ Processus lancés
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.1752]
[MD5.619E9D253BF7D347B753D4D58F256E02] - (.Media Finder - Pas de description.) -- C:\Program Files (x86)\Media Finder\MF.exe [8587776] [PID.2588]
[MD5.E0DD774689998F43167C4799F9B69FC3] - (...) -- C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [932528] [PID.2612]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536] [PID.2640]
[MD5.5AEA1DB5490429EEB0989A0CE2A52D5E] - (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912] [PID.2712]
[MD5.4858BE9D0A7ABFA8E6A692D81EFC01B3] - (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe [600688] [PID.2836]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432] [PID.2024]
[MD5.444EB38A256BE60F2013488C49D2AB3F] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.4136]
[MD5.7CFD590987D2BB33D5D56D98093D2E76] - (.Adobe Systems Incorporated - Adobe Updater.) -- C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe [2521464] [PID.3048]
[MD5.42490FB12B55D9841B2C51365E7A4303] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1240088] [PID.2560]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.5216]
[MD5.CC926B0811C3FA2363C98711410FEF24] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [4540928] [PID.5364]
~ Scan Processes Running in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\pachard bell\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://en.softonic.com
G0 - GCSP: Preference [User Data\Default] https://en.softonic.com
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\pachard bell\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {3248f342-70c6-418d-a300-b8e925e95556} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\pachard bell\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Media Finder] . (.Media Finder - Pas de description.) -- C:\Program Files (x86)\Media Finder\MF.exe
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\pachard bell\AppData\Roaming\Spotify\Spotify.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (...) -- C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Users\pachard bell\AppData\Roaming\Spotify\spotify.exe
O4 - Global Startup: C:\Users\pachard bell\Desktop\Continue FLV Player Installation.lnk . (...) -- C:\Users\pachard bell\AppData\Local\Temp\ICReinstall_FLVPlayerSetup (1).exe
O4 - Global Startup: C:\Users\pachard bell\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Users\pachard bell\AppData\Roaming\Spotify\spotify.exe
O4 - Global Startup: C:\Users\pachard bell\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Download with &Media Finder . (...) -- C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000Core] (.Facebook Inc..) -- C:\Users\pachard bell\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000UA] (.Facebook Inc..) -- C:\Users\pachard bell\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.0EA8C1256AA9F68287CD8F06EB527238] [APT] [{6F3216B4-FEE5-4AAD-BB75-DD00BFF96839}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 05s

---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/05/2011 - 19:57:09 - [1039,289] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 6/01/2012 - 22:30:41 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 16/04/2012 - 01:28:16 - [1,725] ----D C:\Program Files (x86)\BabylonToolbar
O43 - CFD: 6/01/2012 - 22:34:39 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 31/05/2012 - 10:59:36 - [676,111] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 29/06/2011 - 14:00:11 - [0,606] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 18/05/2011 - 19:27:57 - [97,067] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 29/06/2011 - 13:52:45 - [301,595] ----D C:\Program Files (x86)\Google
O43 - CFD: 30/06/2011 - 19:21:05 - [727,881] ----D C:\Program Files (x86)\Gulliland
O43 - CFD: 18/05/2011 - 19:28:52 - [48,505] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2/11/2009 - 22:31:13 - [10,585] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12/04/2012 - 19:30:17 - [5,759] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 6/01/2012 - 22:37:41 - [140,752] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 31/05/2012 - 10:57:30 - [92,461] ----D C:\Program Files (x86)\Java
O43 - CFD: 29/06/2011 - 14:00:09 - [4,672] ----D C:\Program Files (x86)\Jeux-
O43 - CFD: 29/06/2011 - 13:59:53 - [96,126] ----D C:\Program Files (x86)\Jeux.fr
O43 - CFD: 18/05/2011 - 19:25:42 - [5,259] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 3/07/2011 - 08:45:44 - [9,419] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 18/05/2012 - 22:30:38 - [13,119] ----D C:\Program Files (x86)\Media Finder
O43 - CFD: 11/04/2012 - 15:06:09 - [28,654] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 19/07/2011 - 16:41:44 - [562,459] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2/11/2009 - 22:38:44 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 15/05/2012 - 06:09:12 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 18/05/2011 - 19:32:19 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 18/05/2011 - 19:35:05 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 20/05/2011 - 15:21:01 - [139,669] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 29/05/2011 - 11:52:28 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/05/2012 - 14:18:24 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 21/05/2011 - 00:13:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 30/10/2009 - 07:28:15 - [401,151] ----D C:\Program Files (x86)\Nero
O43 - CFD: 2/11/2009 - 22:42:29 - [26,674] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 2/11/2009 - 23:23:11 - [163,571] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 30/10/2009 - 07:20:36 - [30,373] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 18/05/2011 - 20:11:15 - [0,102] ----D C:\Program Files (x86)\OEM
O43 - CFD: 19/05/2012 - 14:02:29 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 31/05/2012 - 10:59:05 - [33,186] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 2/11/2009 - 22:55:23 - [49,596] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 2/11/2009 - 22:51:04 - [800,436] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 6/01/2012 - 22:33:29 - [72,431] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 30/10/2009 - 07:18:49 - [8,033] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [36,809] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2/06/2011 - 18:07:26 - [26,766] R---D C:\Program Files (x86)\Skype
O43 - CFD: 2/11/2009 - 22:55:17 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 18/05/2011 - 19:23:58 - [11,545] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 25/01/2012 - 02:16:29 - [80,793] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 17/12/2010 - 17:42:47 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 4/02/2012 - 01:34:47 - [13,291] ----D C:\Program Files (x86)\Windows iLivid Toolbar
O43 - CFD: 1/06/2011 - 21:21:35 - [176,124] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 20/05/2011 - 16:19:39 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 20/05/2011 - 16:19:17 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 17/12/2010 - 17:42:47 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2/11/2009 - 23:23:54 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 17/12/2010 - 17:42:48 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 26/05/2012 - 13:13:06 - [13,541] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 18/05/2011 - 19:58:36 - [64,874] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2/11/2009 - 23:21:20 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 6/01/2012 - 22:37:18 - [98,972] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 18/05/2011 - 19:27:57 - [0,123] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 2/11/2009 - 22:33:57 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 31/05/2012 - 10:59:36 - [1,181] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 18/05/2011 - 19:58:35 - [0,622] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 9/03/2012 - 04:04:20 - [273,917] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 30/10/2009 - 07:30:44 - [115,936] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 2/11/2009 - 22:43:05 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 18/05/2011 - 19:58:16 - [4,031] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 2/11/2009 - 23:21:41 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2/06/2011 - 18:07:14 - [2,150] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 18/05/2011 - 19:58:16 - [0,324] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 18/05/2011 - 19:38:01 - [0,590] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 9/03/2012 - 04:03:14 - [42,707] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 18/05/2011 - 19:30:00 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 18/05/2011 - 19:58:36 - [392,772] ----D C:\ProgramData\Adobe
O43 - CFD: 29/06/2011 - 14:00:27 - [3,013] ----D C:\ProgramData\AlawarWrapper
O43 - CFD: 6/01/2012 - 22:35:22 - [61,878] ----D C:\ProgramData\Apple
O43 - CFD: 6/01/2012 - 22:37:18 - [68,501] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 22/02/2012 - 00:45:30 - [0,971] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 16/04/2012 - 01:28:03 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 2/11/2009 - 22:42:41 - [0,048] ----D C:\ProgramData\BackupManager
O43 - CFD: 16/04/2012 - 19:27:40 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 25/02/2012 - 00:58:01 - [0,000] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 18/01/2012 - 10:14:23 - [0,028] ----D C:\ProgramData\FarmFrenzy2
O43 - CFD: 29/06/2011 - 14:17:40 - [0,035] ----D C:\ProgramData\FarmFrenzy3
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 3/07/2011 - 21:29:53 - [0,001] ----D C:\ProgramData\FLEXnet
O43 - CFD: 30/10/2009 - 07:31:49 - [0,514] ----D C:\ProgramData\Google
O43 - CFD: 29/06/2011 - 19:12:44 - [0,331] ----D C:\ProgramData\McAfee
O43 - CFD: 29/06/2011 - 19:12:44 - [0,001] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 11/04/2012 - 15:05:35 - [136,013] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/05/2012 - 14:40:04 - [0,116] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 30/10/2009 - 07:26:57 - [11,104] ----D C:\ProgramData\Nero
O43 - CFD: 18/05/2011 - 19:22:49 - [313,297] ----D C:\ProgramData\Norton
O43 - CFD: 30/10/2009 - 07:20:36 - [6,038] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 18/05/2011 - 19:29:03 - [0,006] ----D C:\ProgramData\OEM
O43 - CFD: 30/10/2009 - 07:39:39 - [0,862] ----D C:\ProgramData\Packard Bell
O43 - CFD: 10/06/2011 - 15:36:37 - [0,002] ----D C:\ProgramData\Partner
O43 - CFD: 29/06/2011 - 13:45:49 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 29/06/2011 - 02:51:16 - [0,178] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 2/06/2011 - 18:07:13 - [22,130] ----D C:\ProgramData\Skype
O43 - CFD: 19/04/2012 - 02:58:55 - [1,793] ----D C:\ProgramData\Skype Extras
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 31/05/2012 - 10:59:37 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 19/05/2011 - 15:59:24 - [0,001] ----D C:\ProgramData\Symantec
O43 - CFD: 22/02/2012 - 01:34:32 - [0,051] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 2/06/2011 - 23:45:51 - [0] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 4/02/2012 - 01:37:33 - [6,036] --H-D C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
O43 - CFD: 18/01/2012 - 10:15:29 - [0] -SH-D C:\Users\pachard bell\AppData\Roaming\.#
O43 - CFD: 2/01/2012 - 09:28:34 - [7,676] ----D C:\Users\pachard bell\AppData\Roaming\Adobe
O43 - CFD: 2/06/2011 - 23:47:44 - [0,218] ----D C:\Users\pachard bell\AppData\Roaming\Apple Computer
O43 - CFD: 16/04/2012 - 01:28:03 - [0,005] ----D C:\Users\pachard bell\AppData\Roaming\Babylon
O43 - CFD: 3/11/2011 - 17:46:39 - [0,002] ----D C:\Users\pachard bell\AppData\Roaming\CyberLink
O43 - CFD: 29/05/2012 - 02:01:04 - [0,000] ----D C:\Users\pachard bell\AppData\Roaming\dvdcss
O43 - CFD: 9/08/2011 - 01:03:05 - [0,017] ----D C:\Users\pachard bell\AppData\Roaming\GameConsole
O43 - CFD: 18/05/2011 - 20:12:30 - [0,013] ----D C:\Users\pachard bell\AppData\Roaming\Google
O43 - CFD: 18/05/2011 - 19:20:15 - [0] ----D C:\Users\pachard bell\AppData\Roaming\Identities
O43 - CFD: 18/05/2011 - 19:26:09 - [0,007] ----D C:\Users\pachard bell\AppData\Roaming\Macromedia
O43 - CFD: 30/10/2009 - 07:59:17 - [0] ----D C:\Users\pachard bell\AppData\Roaming\Media Center Programs
O43 - CFD: 16/04/2012 - 01:30:43 - [0,518] ----D C:\Users\pachard bell\AppData\Roaming\Media Finder
O43 - CFD: 29/05/2012 - 16:23:28 - [20,676] -S--D C:\Users\pachard bell\AppData\Roaming\Microsoft
O43 - CFD: 16/04/2012 - 01:28:57 - [0,025] ----D C:\Users\pachard bell\AppData\Roaming\Mozilla
O43 - CFD: 19/05/2012 - 14:04:17 - [21,393] ----D C:\Users\pachard bell\AppData\Roaming\OpenOffice.org
O43 - CFD: 29/06/2011 - 13:45:49 - [0,001] ----D C:\Users\pachard bell\AppData\Roaming\PlayFirst
O43 - CFD: 19/04/2012 - 22:19:19 - [4,186] ----D C:\Users\pachard bell\AppData\Roaming\Skype
O43 - CFD: 19/04/2012 - 16:03:01 - [0,045] ----D C:\Users\pachard bell\AppData\Roaming\skypePM
O43 - CFD: 29/05/2012 - 11:49:05 - [44,683] ----D C:\Users\pachard bell\AppData\Roaming\Spotify
O43 - CFD: 21/05/2012 - 12:11:48 - [0,013] ----D C:\Users\pachard bell\AppData\Roaming\Template
O43 - CFD: 22/02/2012 - 01:28:19 - [0,003] ----D C:\Users\pachard bell\AppData\Roaming\ViquaSoft
O43 - CFD: 27/02/2012 - 14:41:38 - [0,169] ----D C:\Users\pachard bell\AppData\Roaming\vlc
O43 - CFD: 14/04/2012 - 11:14:18 - [0,000] ----D C:\Users\pachard bell\AppData\Roaming\Windows Live Writer
O43 - CFD: 13/01/2012 - 20:11:36 - [28,420] ----D C:\Users\pachard bell\AppData\Local\Adobe
O43 - CFD: 2/06/2011 - 23:43:46 - [0] ----D C:\Users\pachard bell\AppData\Local\Apple
O43 - CFD: 3/07/2011 - 09:32:33 - [10,654] ----D C:\Users\pachard bell\AppData\Local\Apple Computer
O43 - CFD: 18/05/2011 - 19:19:35 - [0] ----D C:\Users\pachard bell\AppData\Local\Application Data
O43 - CFD: 16/04/2012 - 01:28:04 - [3,521] ----D C:\Users\pachard bell\AppData\Local\Babylon
O43 - CFD: 29/06/2011 - 14:00:08 - [0,063] ----D C:\Users\pachard bell\AppData\Local\Conduit
O43 - CFD: 29/05/2012 - 11:43:45 - [6,798] ----D C:\Users\pachard bell\AppData\Local\Diagnostics
O43 - CFD: 3/11/2011 - 20:24:05 - [7,367] ----D C:\Users\pachard bell\AppData\Local\Facebook
O43 - CFD: 22/03/2012 - 00:17:23 - [918,299] ----D C:\Users\pachard bell\AppData\Local\Google
O43 - CFD: 18/05/2011 - 19:19:35 - [0] ----D C:\Users\pachard bell\AppData\Local\Historique
O43 - CFD: 4/02/2012 - 01:46:39 - [0,014] ----D C:\Users\pachard bell\AppData\Local\Ilivid Player
O43 - CFD: 29/05/2012 - 16:23:29 - [1592,519] ----D C:\Users\pachard bell\AppData\Local\Microsoft
O43 - CFD: 4/12/2011 - 23:40:23 - [0,242] ----D C:\Users\pachard bell\AppData\Local\Microsoft Games
O43 - CFD: 18/05/2011 - 19:34:34 - [0] ----D C:\Users\pachard bell\AppData\Local\Microsoft Help
O43 - CFD: 22/02/2012 - 01:06:47 - [114,251] ----D C:\Users\pachard bell\AppData\Local\Oberon Games
O43 - CFD: 4/02/2012 - 01:33:38 - [0] ----D C:\Users\pachard bell\AppData\Local\PackageAware
O43 - CFD: 18/05/2011 - 19:29:31 - [0,016] ----D C:\Users\pachard bell\AppData\Local\Packard Bell
O43 - CFD: 22/05/2012 - 09:16:39 - [76,177] ----D C:\Users\pachard bell\AppData\Local\Spotify
O43 - CFD: 31/05/2012 - 13:14:02 - [519,107] ----D C:\Users\pachard bell\AppData\Local\Temp
O43 - CFD: 18/05/2011 - 19:19:35 - [0] ----D C:\Users\pachard bell\AppData\Local\Temporary Internet Files
O43 - CFD: 18/08/2011 - 13:08:08 - [3,559] ----D C:\Users\pachard bell\AppData\Local\VirtualStore
O43 - CFD: 28/04/2012 - 04:02:04 - [0,148] ----D C:\Users\pachard bell\AppData\Local\Windows Live
O43 - CFD: 7/04/2012 - 05:32:42 - [0,618] ----D C:\Users\pachard bell\AppData\Local\Windows Live Writer
O43 - CFD: 4/05/2012 - 22:18:56 - [0] ----D C:\Users\pachard bell\AppData\Local\{003FD300-C76F-4DE7-B4CB-C1A519EE7B34}
O43 - CFD: 21/05/2012 - 21:50:18 - [0] ----D C:\Users\pachard bell\AppData\Local\{009B2D72-CF3C-44EF-A9BD-AF08DE475013}
O43 - CFD: 26/05/2012 - 06:06:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{01E38EA3-87D9-4CF2-81FC-3C2F32A79FF0}
O43 - CFD: 19/12/2011 - 17:05:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{0204C20D-7EE8-4E28-A14F-21C61DAE0290}
O43 - CFD: 19/08/2011 - 22:42:04 - [0] ----D C:\Users\pachard bell\AppData\Local\{0272479D-E139-4AA2-9B55-D0BD1887CD37}
O43 - CFD: 23/01/2012 - 16:17:03 - [0] ----D C:\Users\pachard bell\AppData\Local\{0335780C-B53F-420E-B9B4-2B04D7D0E289}
O43 - CFD: 7/08/2011 - 23:41:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{036FD569-5310-4A1F-8B0C-13A8BC4CC4E5}
O43 - CFD: 26/02/2012 - 00:48:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{03803733-110E-4207-95EB-68DDFC396C35}
O43 - CFD: 15/04/2012 - 05:08:50 - [0] ----D C:\Users\pachard bell\AppData\Local\{03A35ED8-DB03-4CF4-9AF7-E9E8AE2DEFFD}
O43 - CFD: 29/01/2012 - 08:12:29 - [0] ----D C:\Users\pachard bell\AppData\Local\{03CEEA5C-0B66-4B46-867B-BB03E26EFEC8}
O43 - CFD: 30/10/2011 - 19:23:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{03E47A9C-7760-4626-9ACE-A63BEB659CC6}
O43 - CFD: 31/01/2012 - 13:09:01 - [0] ----D C:\Users\pachard bell\AppData\Local\{05979EE4-E36C-4C53-9269-363A28ABEAED}
O43 - CFD: 18/05/2012 - 22:47:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{05C02B6A-1EF0-46F5-9258-6938E7EE5371}
O43 - CFD: 20/01/2012 - 13:42:59 - [0] ----D C:\Users\pachard bell\AppData\Local\{0807358F-DACE-4337-AA5D-036F947ACF04}
O43 - CFD: 7/11/2011 - 00:40:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{08749EE4-37F1-434B-AF98-37A1E0CAF03C}
O43 - CFD: 23/09/2011 - 13:48:54 - [0] ----D C:\Users\pachard bell\AppData\Local\{0900C5D6-E39D-49BB-A4BA-EBC6C27BB9B0}
O43 - CFD: 7/08/2011 - 23:41:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{09B89E30-20F5-496A-8A4B-147279BE5276}
O43 - CFD: 7/08/2011 - 17:39:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{0B0A1585-B97C-4DEE-83F3-9D1B9C7BA563}
O43 - CFD: 1/05/2012 - 07:39:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{0B39A8CE-3126-41BE-9E89-C38235E6EC4C}
O43 - CFD: 9/08/2011 - 18:38:20 - [0] ----D C:\Users\pachard bell\AppData\Local\{0B75F64A-E061-4811-8956-33C01BEF57CE}
O43 - CFD: 9/10/2011 - 20:20:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{0C4E0872-7CD3-442E-8CD5-ED62F069EA2E}
O43 - CFD: 17/12/2011 - 23:24:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{0C5D169A-14EF-4535-B4B3-5EB127A6C293}
O43 - CFD: 18/04/2012 - 21:25:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{0C7D1BF8-24D2-4954-9C24-2A023F3E0911}
O43 - CFD: 8/08/2011 - 17:32:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{0CAAD852-5EEE-4DAF-BA77-C6DDEC6F01AC}
O43 - CFD: 16/05/2012 - 12:11:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{0CBFB9F6-CE6C-4440-831B-2D03015CAAEE}
O43 - CFD: 2/12/2011 - 00:44:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{0CDA2CCE-1546-44D6-8A70-FC54784CD638}
O43 - CFD: 8/07/2011 - 20:49:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{0D94B367-F0FC-435B-90B3-E038E13038D3}
O43 - CFD: 14/08/2011 - 00:27:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{0E11540F-D6A4-44BB-BB9A-E2E3C68C4D39}
O43 - CFD: 21/02/2012 - 13:52:18 - [0] ----D C:\Users\pachard bell\AppData\Local\{0E14603D-DBBA-4D97-B213-01F465EDF79E}
O43 - CFD: 1/12/2011 - 11:47:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{0F06456E-D5C1-4006-8620-F6ABFFFA2471}
O43 - CFD: 12/01/2012 - 21:15:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{0FE4F8F1-ECE1-41A0-9871-9F801F3EB7F0}
O43 - CFD: 28/12/2011 - 12:57:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{0FF68DC1-1F76-4CD7-BFCF-CF8BA39DF891}
O43 - CFD: 30/04/2012 - 19:19:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{0FFEE2E2-D0D5-43D7-8888-3B40997B1985}
O43 - CFD: 9/01/2012 - 23:16:13 - [0] ----D C:\Users\pachard bell\AppData\Local\{105BC904-C385-43EF-9BF7-990F310B90A3}
O43 - CFD: 6/12/2011 - 16:56:14 - [0] ----D C:\Users\pachard bell\AppData\Local\{135374AC-0504-4A5D-988E-1E5EB748F217}
O43 - CFD: 12/08/2011 - 01:24:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{143FFD22-CBDB-4727-AA2A-5E2B2D971A6F}
O43 - CFD: 12/08/2011 - 18:56:04 - [0] ----D C:\Users\pachard bell\AppData\Local\{14A54BB3-1BC9-4DAC-8BA8-D441BB7144E6}
O43 - CFD: 16/04/2012 - 17:09:12 - [0] ----D C:\Users\pachard bell\AppData\Local\{14CC9C51-53C1-46A5-81CC-2E861AAF132D}
O43 - CFD: 6/07/2011 - 21:25:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{154AE9AE-4419-4FE1-9131-22DCD45E90B2}
O43 - CFD: 21/04/2012 - 23:01:31 - [0] ----D C:\Users\pachard bell\AppData\Local\{1801C03F-3AF2-4645-95FF-F3669A2285EA}
O43 - CFD: 18/12/2011 - 08:32:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{1BCEDE87-8920-4419-B3B2-534852D59904}
O43 - CFD: 22/12/2011 - 00:45:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{1C00C8D0-F70F-4A69-BE95-64FF28944A2C}
O43 - CFD: 23/08/2011 - 18:16:00 - [0] ----D C:\Users\pachard bell\AppData\Local\{1C316490-CEEE-4B2F-9A86-EAE616860C0C}
O43 - CFD: 30/10/2011 - 21:37:09 - [0] ----D C:\Users\pachard bell\AppData\Local\{1D259A02-E9EB-47E6-80BD-BC8EC9B580CA}
O43 - CFD: 22/12/2011 - 18:07:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{1E72EFA9-8A36-4A77-8DAF-7FD3DF4A5770}
O43 - CFD: 13/01/2012 - 08:32:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{1EBB9AA5-43D9-4FF2-B7F0-4FA2CA6EB5C6}
O43 - CFD: 5/11/2011 - 07:38:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{1F2B638C-5C20-4875-A1D1-B0D07619E249}
O43 - CFD: 17/11/2011 - 16:33:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{20C7744F-A322-4E7D-98E5-2CC140DEC59A}
O43 - CFD: 21/12/2011 - 21:05:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{215983F9-7A82-40BD-9BB2-FF3C066D8828}
O43 - CFD: 3/08/2011 - 16:56:27 - [0] ----D C:\Users\pachard bell\AppData\Local\{2238BC14-E15F-432A-81D5-61BA71BFD841}
O43 - CFD: 9/12/2011 - 15:02:04 - [0] ----D C:\Users\pachard bell\AppData\Local\{22E7AD1D-67ED-4D2E-805E-2A0D512EF29C}
O43 - CFD: 21/02/2012 - 16:53:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{23302074-30B8-4D1A-9CB0-FDD41B86B9DA}
O43 - CFD: 14/08/2011 - 23:30:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{238D2AA7-F050-418A-B252-816EF80A1B24}
O43 - CFD: 26/12/2011 - 07:49:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{242A85B7-27FA-4DF8-A5E3-9876AA78D5F3}
O43 - CFD: 21/04/2012 - 23:01:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{243C6FA0-4B0B-44F4-8031-D17F7ACFE05B}
O43 - CFD: 25/08/2011 - 01:12:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{24B00DBA-4D72-440D-82A4-57385AB32954}
O43 - CFD: 6/08/2011 - 16:25:46 - [0] ----D C:\Users\pachard bell\AppData\Local\{24B40C02-D986-4878-A4A7-2B139AB5ACBB}
O43 - CFD: 20/12/2011 - 18:20:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{24FC471A-82AD-489D-B2D9-7CB5F478C5DA}
O43 - CFD: 5/11/2011 - 07:38:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{25431586-D39D-4646-9951-5273E69DD7DE}
O43 - CFD: 23/01/2012 - 16:16:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{254B8DE7-FD56-4011-BBAB-2929F4E61C1D}
O43 - CFD: 31/12/2011 - 08:00:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{25799A49-52DF-447B-A491-720D5CC6699F}
O43 - CFD: 17/11/2011 - 16:33:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{257F341E-1904-4B18-BC98-46B26540AAAF}
O43 - CFD: 25/12/2011 - 14:34:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{2599B43A-5585-4F5F-B654-E315803E1DBC}
O43 - CFD: 4/05/2012 - 22:18:06 - [0] ----D C:\Users\pachard bell\AppData\Local\{265243E7-F8EC-48F5-A7FA-DA893D8264D7}
O43 - CFD: 30/11/2011 - 13:49:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{26D07019-3AD4-4946-A6A7-2A5AF9420296}
O43 - CFD: 4/12/2011 - 07:24:12 - [0] ----D C:\Users\pachard bell\AppData\Local\{276EFB74-048F-4B86-989E-0A8AFAD89119}
O43 - CFD: 19/11/2011 - 14:41:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{2852D86E-043E-452E-AB46-FEB4D9C1B8CC}
O43 - CFD: 10/04/2012 - 13:58:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{28D7D957-2603-4D18-BF15-C24FBDD1C1A1}
O43 - CFD: 15/12/2011 - 23:21:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{297A8CB2-46E5-4812-B622-D56C82D09757}
O43 - CFD: 8/11/2011 - 22:32:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{2A3F71BE-F088-4700-AEFB-2275130BFAB8}
O43 - CFD: 23/08/2011 - 02:39:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{2A4EA72D-2474-421B-84A0-2B9921BF44CB}
O43 - CFD: 28/12/2011 - 12:57:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{2A8754E2-8F75-48CA-BC1A-DABFFF75F685}
O43 - CFD: 14/11/2011 - 16:35:32 - [0] ----D C:\Users\pachard bell\AppData\Local\{2B757CD2-271C-46CC-B31E-AA2C5F3FB26A}
O43 - CFD: 22/05/2012 - 16:19:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{2B7C0136-C02B-4447-9BED-8BA1A7B12280}
O43 - CFD: 13/01/2012 - 19:24:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{2B7CE994-4118-4577-ADBC-5502665C2EE9}
O43 - CFD: 16/12/2011 - 22:38:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{2BBAEBBA-F483-46B3-B5DB-157F5252CAA2}
O43 - CFD: 13/05/2012 - 18:38:50 - [0] ----D C:\Users\pachard bell\AppData\Local\{2D017CAA-8B33-47D7-B059-A9D7D0CA491C}
O43 - CFD: 20/10/2011 - 19:47:20 - [0] ----D C:\Users\pachard bell\AppData\Local\{2D146BC8-792D-4A3D-9A57-D7C786FA9936}
O43 - CFD: 7/01/2012 - 08:54:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{2DBEC24D-FB46-450C-8C15-6B8E2E3F7F9E}
O43 - CFD: 26/12/2011 - 02:02:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{2E697F58-EE5B-492B-AD11-865DB47AAD8C}
O43 - CFD: 10/08/2011 - 17:57:46 - [0] ----D C:\Users\pachard bell\AppData\Local\{2F6A8041-75C0-4BD4-93C9-73A649F873E7}
O43 - CFD: 3/01/2012 - 08:30:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{2F799FBE-CD21-49E7-99E3-4CFC9D4E7821}
O43 - CFD: 1/04/2012 - 17:08:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{2FB26522-32B3-4B85-A1F7-88CA00A3B9FE}
O43 - CFD: 27/06/2011 - 17:05:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{2FF16BAD-B49E-48F9-A548-0E23058460DE}
O43 - CFD: 20/05/2012 - 21:08:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{30017959-08C6-4EE4-8A3E-34EABE1B5F4B}
O43 - CFD: 24/10/2011 - 22:58:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{30614F0A-E671-4352-9AFE-B252F822A7B0}
O43 - CFD: 29/11/2011 - 17:17:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{306D7679-B89F-40A2-8D24-AC40AB712A07}
O43 - CFD: 23/12/2011 - 09:56:15 - [0] ----D C:\Users\pachard bell\AppData\Local\{30F23651-68F7-4142-95E7-76400B33A0B8}
O43 - CFD: 8/05/2012 - 00:16:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{319C3085-A27C-48D8-947B-DB364F4DDDDF}
O43 - CFD: 21/12/2011 - 14:03:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{31A67A6A-B611-46C6-B090-63F620338E34}
O43 - CFD: 24/08/2011 - 04:05:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{32826DA3-FEAE-4572-B213-467A1744F472}
O43 - CFD: 28/04/2012 - 13:56:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{32C2B54A-D5BA-4122-8241-CEEBE8AC7CC5}
O43 - CFD: 2/11/2011 - 16:26:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{330700AA-C79B-4078-8D7D-686BAED4C5A6}
O43 - CFD: 13/08/2011 - 16:18:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{3495AE2D-D8DC-4A3B-B619-09DA1112BD02}
O43 - CFD: 19/05/2012 - 21:06:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{3553B70A-98B1-4BAF-95DE-7311E67C8ED2}
O43 - CFD: 29/10/2011 - 16:35:35 - [0] ----D C:\Users\pachard bell\AppData\Local\{35D113D9-0EF3-459F-B471-709DF8AFAF80}
O43 - CFD: 11/08/2011 - 16:07:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{35F01924-33B9-4509-805C-5CC80C6A8449}
O43 - CFD: 17/08/2011 - 19:16:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{366AAFA1-E7A0-4893-B088-D23C755D72D7}
O43 - CFD: 13/11/2011 - 05:49:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{36D0C4B6-9D51-48DC-90BF-FF99014673C7}
O43 - CFD: 12/11/2011 - 00:53:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{370ADB25-E516-4CCD-966C-957F857C6D5F}
O43 - CFD: 12/11/2011 - 18:41:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{370C6197-243E-4220-B4F1-78D6685373B8}
O43 - CFD: 23/11/2011 - 22:31:03 - [0] ----D C:\Users\pachard bell\AppData\Local\{372FD479-5B9C-4023-966E-9C21A7BA8C34}
O43 - CFD: 20/07/2011 - 08:22:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{3772EC72-2F47-4B6F-8D0C-527AF35E3E0D}
O43 - CFD: 28/10/2011 - 19:10:01 - [0] ----D C:\Users\pachard bell\AppData\Local\{37E83CE3-1663-4DEE-84D4-D00D3AF9C419}
O43 - CFD: 15/08/2011 - 03:44:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{38246631-5B11-4F28-B804-E34DF1F6D316}
O43 - CFD: 8/01/2012 - 08:11:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{384720D0-267E-44E6-BB67-230054448469}
O43 - CFD: 9/07/2011 - 17:15:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{385E2836-0443-47A6-BFCE-C0E592D73D3C}
O43 - CFD: 18/04/2012 - 21:25:09 - [0] ----D C:\Users\pachard bell\AppData\Local\{38E42BE9-C039-4E71-BA3E-5C05A27010F2}
O43 - CFD: 3/12/2011 - 00:51:14 - [0] ----D C:\Users\pachard bell\AppData\Local\{3906E970-1DEA-4B81-BE65-55474D18F427}
O43 - CFD: 6/02/2012 - 15:38:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{3907DC38-8AF7-4914-94E2-4B930E5B9AA4}
O43 - CFD: 11/01/2012 - 14:49:42 - [0] ----D C:\Users\pachard bell\AppData\Local\{39B259B0-1B64-4312-820D-CEE7AB7B34E0}
O43 - CFD: 28/12/2011 - 21:21:33 - [0] ----D C:\Users\pachard bell\AppData\Local\{39B56D92-02B5-451C-B517-FAE2046AE52C}
O43 - CFD: 13/08/2011 - 08:11:44 - [0] ----D C:\Users\pachard bell\AppData\Local\{3A634977-9A1F-4787-AD0A-533E8DE9F38C}
O43 - CFD: 23/12/2011 - 22:17:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{3B4B1574-A739-4EFB-847A-F4C84627CBF7}
O43 - CFD: 1/12/2011 - 06:50:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{3B4E7324-7ABF-4344-A354-74525DB061CD}
O43 - CFD: 4/01/2012 - 20:22:26 - [0] ----D C:\Users\pachard bell\AppData\Local\{3B5465E0-60F6-4C9C-BB2D-1B6E522C2038}
O43 - CFD: 30/10/2011 - 19:23:06 - [0] ----D C:\Users\pachard bell\AppData\Local\{3BAF6C18-000B-4DE5-B59E-040208563DD0}
O43 - CFD: 28/10/2011 - 19:10:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{3C2CA4CC-85D3-4D58-AC17-95E97CB27353}
O43 - CFD: 1/12/2011 - 23:32:57 - [0] ----D C:\Users\pachard bell\AppData\Local\{3C8CD1B9-042B-48BA-9D73-EE2D0C2AD264}
O43 - CFD: 10/10/2011 - 15:50:59 - [0] ----D C:\Users\pachard bell\AppData\Local\{3C9166BD-8723-4EDC-A82B-88C4146D9F77}
O43 - CFD: 10/11/2011 - 22:38:47 - [0] ----D C:\Users\pachard bell\AppData\Local\{3CCC4684-712B-49E0-ADCC-45B965D6426D}
O43 - CFD: 30/11/2011 - 14:20:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{3CF0B819-AD9A-4788-8996-4E60F862ED9E}
O43 - CFD: 24/12/2011 - 02:06:35 - [0] ----D C:\Users\pachard bell\AppData\Local\{3D98402D-78BD-4875-ACB3-66A0E58DBED3}
O43 - CFD: 23/12/2011 - 09:56:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{3DB28D62-C0AA-46CB-AC64-D470297738BC}
O43 - CFD: 4/07/2011 - 21:37:40 - [0] ----D C:\Users\pachard bell\AppData\Local\{3DF4E0CC-271F-46CB-9FE5-6D00138E61E4}
O43 - CFD: 17/08/2011 - 23:49:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{3DF5213B-A503-4AD7-920C-A545D2441970}
O43 - CFD: 13/08/2011 - 03:10:40 - [0] ----D C:\Users\pachard bell\AppData\Local\{3E38C1AD-6FEA-4E49-810D-DA5D36A834B3}
O43 - CFD: 13/01/2012 - 16:38:44 - [0] ----D C:\Users\pachard bell\AppData\Local\{3EA334EA-3DF9-41CB-ABA5-46604F4E356B}
O43 - CFD: 16/12/2011 - 22:38:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{3F01D3EA-01CD-4579-A51A-92E7A944C0A9}
O43 - CFD: 1/12/2011 - 23:32:46 - [0] ----D C:\Users\pachard bell\AppData\Local\{3F0B5894-A7F9-4AD5-93AF-136C1084618E}
O43 - CFD: 22/08/2011 - 04:32:32 - [0] ----D C:\Users\pachard bell\AppData\Local\{3FE55918-378E-4307-8B29-F48EAB972D48}
O43 - CFD: 22/01/2012 - 17:12:47 - [0] ----D C:\Users\pachard bell\AppData\Local\{41A9A18D-354A-4957-BA7B-70B980EABF93}
O43 - CFD: 20/12/2011 - 22:17:50 - [0] ----D C:\Users\pachard bell\AppData\Local\{41CE80AE-4E45-41A2-BCBB-C904374A90C9}
O43 - CFD: 8/08/2011 - 21:55:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{41E57D6B-6322-454C-9E6E-E30C91D4E694}
O43 - CFD: 31/12/2011 - 08:00:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{424D667B-AFA4-4473-A7B8-25CCF206B042}
O43 - CFD: 16/04/2012 - 19:29:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{427E5F63-08C8-42D6-874B-E7E3123FACE3}
O43 - CFD: 5/12/2011 - 17:07:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{4302E8DD-F8BC-4EA9-9F1D-8C502FC83269}
O43 - CFD: 1/12/2011 - 15:24:59 - [0] ----D C:\Users\pachard bell\AppData\Local\{437C7692-62B1-438F-88D0-3667DB7C1E4D}
O43 - CFD: 21/07/2011 - 16:00:15 - [0] ----D C:\Users\pachard bell\AppData\Local\{438E3EDB-22F6-418E-BA31-384EAF73F4E2}
O43 - CFD: 21/08/2011 - 04:16:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{43BA60F7-08AA-4FB1-937A-189AC30B1014}
O43 - CFD: 23/06/2011 - 15:25:15 - [0] ----D C:\Users\pachard bell\AppData\Local\{43DCA03A-CD53-43F2-95E5-1B467DE377AA}
O43 - CFD: 4/04/2012 - 11:29:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{43DD4E1B-753A-464F-B832-86029DC40908}
O43 - CFD: 10/11/2011 - 22:38:37 - [0] ----D C:\Users\pachard bell\AppData\Local\{4474D431-58EC-495B-8C88-07359059898F}
O43 - CFD: 1/12/2011 - 15:25:09 - [0] ----D C:\Users\pachard bell\AppData\Local\{45231A7C-053E-4535-A46E-909DE39F5399}
O43 - CFD: 8/12/2011 - 07:53:33 - [0] ----D C:\Users\pachard bell\AppData\Local\{4576E840-37ED-42E9-B2F9-FE1979F81581}
O43 - CFD: 16/04/2012 - 19:29:46 - [0] ----D C:\Users\pachard bell\AppData\Local\{45ABE7B7-809D-4BD6-BD60-AEC045C58C9A}
O43 - CFD: 16/08/2011 - 03:58:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{46F11ED0-2033-4C78-8A7E-65082BE4099A}
O43 - CFD: 26/11/2011 - 10:06:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{471CA85A-42F6-4773-9F78-129334EA3416}
O43 - CFD: 1/01/2012 - 11:50:57 - [0] ----D C:\Users\pachard bell\AppData\Local\{477FEE21-2561-41AC-8EE2-ECB3DFF8FB0E}
O43 - CFD: 21/02/2012 - 13:52:29 - [0] ----D C:\Users\pachard bell\AppData\Local\{47D5D751-3474-4391-A18C-CD130CAB5269}
O43 - CFD: 1/11/2011 - 16:53:13 - [0] ----D C:\Users\pachard bell\AppData\Local\{48272EB1-8B23-4748-8E4D-619A06F69322}
O43 - CFD: 22/12/2011 - 19:50:57 - [0] ----D C:\Users\pachard bell\AppData\Local\{48ADBCB9-A1D8-42BB-BBBD-0378FA0F5485}
O43 - CFD: 10/08/2011 - 17:57:56 - [0] ----D C:\Users\pachard bell\AppData\Local\{48CB5DC6-30E1-4547-8CA8-4B05FAFE7246}
O43 - CFD: 9/07/2011 - 00:24:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{4936BDFD-4F90-4344-B2B2-3A3234DF61BF}
O43 - CFD: 19/08/2011 - 22:41:54 - [0] ----D C:\Users\pachard bell\AppData\Local\{49A48822-5EBA-40A5-B406-B527A91FE44D}
O43 - CFD: 20/02/2012 - 15:04:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{49E0F931-30BC-404B-B78B-43936B664B4E}
O43 - CFD: 8/03/2012 - 23:24:13 - [0] ----D C:\Users\pachard bell\AppData\Local\{4A0450F2-2360-4EA5-BF2A-622F754EEFF3}
O43 - CFD: 22/11/2011 - 18:28:32 - [0] ----D C:\Users\pachard bell\AppData\Local\{4B528B3E-19D5-4FCE-A591-C1D9497471BB}
O43 - CFD: 14/03/2012 - 08:22:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{4D2D79AC-3AAE-4CEC-9EB1-83EE7B79FB84}
O43 - CFD: 16/05/2012 - 12:11:31 - [0] ----D C:\Users\pachard bell\AppData\Local\{4DE56E06-08C1-4749-BC5F-7CA25837A7D1}
O43 - CFD: 29/11/2011 - 17:17:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{4EB15B6C-E28C-40A5-B71B-03027F29CB3C}
O43 - CFD: 4/12/2011 - 01:08:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{4FC67439-6253-4D06-A263-89345B4CCB8D}
O43 - CFD: 6/01/2012 - 07:56:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{4FDD129F-A95C-49F2-BC15-7FBF6D995916}
O43 - CFD: 19/07/2011 - 16:37:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{502561C6-E8C6-4183-80C9-A1EF86F5AB7F}
O43 - CFD: 3/07/2011 - 08:33:15 - [0] ----D C:\Users\pachard bell\AppData\Local\{5041AD83-2A6F-4BC1-83A6-3E4B50CB5136}
O43 - CFD: 1/03/2012 - 17:07:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{5046BE03-C6BC-4A4B-8360-A3C897ACA20C}
O43 - CFD: 22/12/2011 - 00:24:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{5078FCAD-136F-4846-8443-D675159F1D84}
O43 - CFD: 31/12/2011 - 20:54:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{5083D601-FA5A-4218-8399-DAD6DB35B126}
O43 - CFD: 15/08/2011 - 03:41:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{50C06137-6908-42C9-A933-5BCD22FC42D2}
O43 - CFD: 12/04/2012 - 16:06:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{51768BC4-E9BB-47B2-B363-9FDAC9B2B608}
O43 - CFD: 18/12/2011 - 20:01:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{5255E57D-65F4-4E2C-A646-8F3C572E6A06}
O43 - CFD: 26/02/2012 - 00:48:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{53AF473E-9647-416B-9B30-20FE5EB78B83}
O43 - CFD: 15/01/2012 - 18:40:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{54CD9AD2-CA3D-486F-8DE4-CB97E083CA12}
O43 - CFD: 13/02/2012 - 14:07:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{54F78871-E91E-4D39-ACD2-DBE534BBF3E6}
O43 - CFD: 30/01/2012 - 22:48:33 - [0] ----D C:\Users\pachard bell\AppData\Local\{54F847ED-0FD8-4A73-ACAA-90C2157A5D60}
O43 - CFD: 25/12/2011 - 01:29:47 - [0] ----D C:\Users\pachard bell\AppData\Local\{55127903-FCCA-44E7-A8FF-683FAC9B4372}
O43 - CFD: 12/07/2011 - 07:28:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{556E1354-FB53-4D1A-B645-F68FE4BCE462}
O43 - CFD: 22/11/2011 - 18:28:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{55966CAC-8F9A-48B1-875B-0EA032394E59}
O43 - CFD: 22/12/2011 - 20:21:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{5640966B-BC12-4FBB-AC8C-8CEA20DEBA13}
O43 - CFD: 14/07/2011 - 21:12:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{56A52594-E91B-4B98-813A-14C70A1835F9}
O43 - CFD: 14/08/2011 - 23:30:26 - [0] ----D C:\Users\pachard bell\AppData\Local\{572B527E-72C6-4C40-B523-5F68B82E8467}
O43 - CFD: 14/12/2011 - 18:37:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{579E6FE7-7F80-4873-891C-45D0F8B657E4}
O43 - CFD: 15/03/2012 - 20:47:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{58272141-216C-4899-A532-253F2DCA506D}
O43 - CFD: 15/12/2011 - 23:20:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{584A4DAB-BA26-4725-9710-46AD668A4D0F}
O43 - CFD: 5/03/2012 - 12:11:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{593214C4-A8C6-4F2E-81FC-E6CD8C90FEA0}
O43 - CFD: 9/01/2012 - 08:16:40 - [0] ----D C:\Users\pachard bell\AppData\Local\{599A8F26-E96D-4B20-8E92-0138ECE0B413}
O43 - CFD: 12/01/2012 - 21:16:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{599F7201-6482-412B-ACD3-E8C841B2E9EB}
O43 - CFD: 20/12/2011 - 22:17:40 - [0] ----D C:\Users\pachard bell\AppData\Local\{5A035638-39D7-4F14-BD1D-7DB2681FB8B8}
O43 - CFD: 26/12/2011 - 07:22:06 - [0] ----D C:\Users\pachard bell\AppData\Local\{5A0691FA-8CE4-4CC9-9901-23205CBA18D3}
O43 - CFD: 22/12/2011 - 18:07:40 - [0] ----D C:\Users\pachard bell\AppData\Local\{5A916763-1CFF-4DE2-86EE-D82FFFCE6630}
O43 - CFD: 7/12/2011 - 06:00:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{5AC3102A-60CC-4F0A-A465-167EDC762F21}
O43 - CFD: 23/07/2011 - 15:37:12 - [0] ----D C:\Users\pachard bell\AppData\Local\{5AFF5CFB-305B-4281-BAC4-5E574BAC23AB}
O43 - CFD: 18/08/2011 - 18:20:37 - [0] ----D C:\Users\pachard bell\AppData\Local\{5B1F4A20-50CF-4B2D-8B46-AC8F9561BC9B}
O43 - CFD: 20/03/2012 - 20:47:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{5BC7E503-B67C-4D7D-8584-80F3AA712A2B}
O43 - CFD: 24/06/2011 - 16:23:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{5C08857D-5022-49A3-B43B-C5D61B420499}
O43 - CFD: 16/09/2011 - 20:45:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{5C1CABCA-FF93-4066-AC98-FCF4D553BBA2}
O43 - CFD: 23/02/2012 - 04:52:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{5C2EF136-A00E-4BBF-8CF7-2AAA1AECE083}
O43 - CFD: 22/12/2011 - 00:06:23 - [0] ----D C:\Users\pachard bell\AppData\Local\{5C39DED4-023A-4EC0-B1CB-4364AB94D1F8}
O43 - CFD: 19/11/2011 - 14:40:56 - [0] ----D C:\Users\pachard bell\AppData\Local\{5DBC2AAD-BA5D-406C-8718-C6BAE384D651}
O43 - CFD: 17/03/2012 - 22:07:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{5DD43351-1A21-41F4-B095-11739CC7E1BB}
O43 - CFD: 16/09/2011 - 13:45:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{5F030F96-5D96-4299-A246-CB0D3433A13A}
O43 - CFD: 30/10/2011 - 21:36:59 - [0] ----D C:\Users\pachard bell\AppData\Local\{5F2BB988-CC96-4D1A-9274-EAD70356AC5D}
O43 - CFD: 22/10/2011 - 16:23:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{5FF87D72-BFED-4A01-B741-7625669EDF39}
O43 - CFD: 25/12/2011 - 01:29:37 - [0] ----D C:\Users\pachard bell\AppData\Local\{60DEFB84-5845-4C48-B960-460D87728F15}
O43 - CFD: 7/11/2011 - 06:25:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{60E48B61-DD77-4770-B67C-ACF718EA7CAD}
O43 - CFD: 23/04/2012 - 21:10:56 - [0] ----D C:\Users\pachard bell\AppData\Local\{61300FA7-18B6-4F24-8316-CC02F524A0DE}
O43 - CFD: 7/12/2011 - 06:00:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{61833348-E9A1-426D-A589-DC7C9B06E7C5}
O43 - CFD: 19/05/2012 - 15:57:01 - [0] ----D C:\Users\pachard bell\AppData\Local\{61FA198F-0CF1-41AE-9ED6-C4BE6BB61BD7}
O43 - CFD: 11/08/2011 - 18:28:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{6325A51F-E2D3-46A9-A22E-AD2452D5A29F}
O43 - CFD: 19/12/2011 - 10:11:18 - [0] ----D C:\Users\pachard bell\AppData\Local\{639E520A-9B34-4C86-9B2D-CCEDE27CDB30}
O43 - CFD: 14/03/2012 - 19:34:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{63AFDDD9-D102-4891-B2B2-63BD1E926ED8}
O43 - CFD: 10/11/2011 - 05:40:27 - [0] ----D C:\Users\pachard bell\AppData\Local\{64220C75-A599-43F9-808B-214F0D1FFCB6}
O43 - CFD: 20/01/2012 - 14:03:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{64552918-D6F0-4471-B861-79FA3BE24B33}
O43 - CFD: 21/12/2011 - 17:28:29 - [0] ----D C:\Users\pachard bell\AppData\Local\{6492195E-072F-43AE-B5F3-239BD8F26F49}
O43 - CFD: 2/12/2011 - 00:44:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{64A50C27-51EE-49ED-8A69-D5D01EA1A03F}
O43 - CFD: 16/11/2011 - 23:41:09 - [0] ----D C:\Users\pachard bell\AppData\Local\{64AF10A7-2655-4AEA-B75D-73AF1A7EA606}
O43 - CFD: 2/12/2011 - 07:04:40 - [0] ----D C:\Users\pachard bell\AppData\Local\{6752C350-28E6-4EF6-B7B9-E70980E5F304}
O43 - CFD: 18/08/2011 - 13:00:08 - [0] ----D C:\Users\pachard bell\AppData\Local\{677968A5-C1FE-450F-B742-8682DFADB9E7}
O43 - CFD: 15/07/2011 - 22:05:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{67C79250-C543-4110-A28F-681FD3975EBD}
O43 - CFD: 20/05/2012 - 20:48:53 - [0] ----D C:\Users\pachard bell\AppData\Local\{67D390AB-9298-4294-837E-86FE1EEBE14D}
O43 - CFD: 17/04/2012 - 22:24:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{68F322CC-A842-43F4-8EBF-AA07CA27F1BD}
O43 - CFD: 17/07/2011 - 15:26:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{693E9FC8-12D1-405B-B719-F9DB5337C076}
O43 - CFD: 1/05/2012 - 17:30:24 - [0] ----D C:\Users\pachard bell\AppData\Local\{69797661-E5FC-4F29-B5E2-DB6CD825FAD5}
O43 - CFD: 11/01/2012 - 02:04:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{69A65CE5-F515-43F7-B8E2-93157999E318}
O43 - CFD: 14/12/2011 - 23:00:29 - [0] ----D C:\Users\pachard bell\AppData\Local\{6AADC4F0-D1FE-4FEB-ACA2-6D7976E298C0}
O43 - CFD: 30/11/2011 - 23:39:29 - [0] ----D C:\Users\pachard bell\AppData\Local\{6AC05A26-A1AC-4640-A810-AA7BF1204113}
O43 - CFD: 25/02/2012 - 23:00:27 - [0] ----D C:\Users\pachard bell\AppData\Local\{6AF1157F-0411-4252-8944-05D32E2551F2}
O43 - CFD: 20/12/2011 - 09:06:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{6B7387CA-D502-41DD-BA2B-25897F391DDA}
O43 - CFD: 26/12/2011 - 02:02:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{6BDB3F3F-1805-4F05-B99E-EE1A480F2663}
O43 - CFD: 9/08/2011 - 18:38:09 - [0] ----D C:\Users\pachard bell\AppData\Local\{6BE3505B-7D3D-4788-A80A-3C76E9CDD1B9}
O43 - CFD: 18/08/2011 - 04:58:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{6C3A5CB9-6E2B-4B63-B362-419729B6C5D9}
O43 - CFD: 15/08/2011 - 19:04:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{6C6AC8E3-5E66-4C60-BD13-EC7CB50B0135}
O43 - CFD: 11/08/2011 - 16:08:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{6C9F79C6-1B91-490A-92C9-044AFBBA6B6B}
O43 - CFD: 7/07/2011 - 09:26:01 - [0] ----D C:\Users\pachard bell\AppData\Local\{6D070267-58E0-4818-935D-4E17CB140C9D}
O43 - CFD: 16/02/2012 - 04:31:03 - [0] ----D C:\Users\pachard bell\AppData\Local\{6E79233A-92BC-41B3-9BAE-2359E84418B3}
O43 - CFD: 29/06/2011 - 11:34:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{6FAD8EEB-6A90-428B-9CCC-247CB96C6CCC}
O43 - CFD: 23/04/2012 - 21:11:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{710DA9F8-C3C7-4682-8C24-6B3422A55D6A}
O43 - CFD: 28/12/2011 - 03:29:33 - [0] ----D C:\Users\pachard bell\AppData\Local\{713C30AD-707D-4B30-996B-99A421793A88}
O43 - CFD: 22/12/2011 - 22:38:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{7195D77E-6198-4E33-A7F8-B54E89CCE3CD}
O43 - CFD: 5/07/2011 - 09:37:53 - [0] ----D C:\Users\pachard bell\AppData\Local\{71B6EFC9-E21A-498E-BDFD-EA412E2EF54C}
O43 - CFD: 30/11/2011 - 20:48:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{723FF5D1-57D0-407D-BC9D-22D3941ADC4C}
O43 - CFD: 13/08/2011 - 08:12:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{73029D39-48ED-48B1-A1A2-B538CD2A29D6}
O43 - CFD: 17/02/2012 - 17:04:35 - [0] ----D C:\Users\pachard bell\AppData\Local\{733A5C2F-9309-4328-9698-6C0A6BFE69AD}
O43 - CFD: 17/08/2011 - 10:57:12 - [0] ----D C:\Users\pachard bell\AppData\Local\{7554060B-77D1-43A0-9823-CE2FBE7E355F}
O43 - CFD: 10/12/2011 - 18:41:20 - [0] ----D C:\Users\pachard bell\AppData\Local\{75BF8328-A19C-48EE-A0C0-51E55903B8BB}
O43 - CFD: 30/04/2012 - 20:15:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{76B1DF28-B159-4592-965F-A1AF88BFBC1E}
O43 - CFD: 11/11/2011 - 16:49:15 - [0] ----D C:\Users\pachard bell\AppData\Local\{76B836FC-1BC1-4785-A0DE-A197318010C6}
O43 - CFD: 16/08/2011 - 18:26:37 - [0] ----D C:\Users\pachard bell\AppData\Local\{76BDE6E3-AEAA-41CF-99AB-40D2E2DF0C30}
O43 - CFD: 3/01/2012 - 07:57:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{76F0EE43-2D43-4020-A259-47ABDBBC9601}
O43 - CFD: 30/11/2011 - 13:42:14 - [0] ----D C:\Users\pachard bell\AppData\Local\{7712C63D-4BA1-4CF6-B8D3-1BCE0878ADB9}
O43 - CFD: 20/01/2012 - 13:42:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{7751FDBF-8F20-4A3E-92D4-87C51ECD88B4}
O43 - CFD: 30/06/2011 - 11:54:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{7768CBFE-2F5F-4B6C-95A2-856B42D2C817}
O43 - CFD: 4/08/2011 - 23:48:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{79152B91-CEB8-413F-9F63-D95291E39F8B}
O43 - CFD: 22/08/2011 - 18:00:03 - [0] ----D C:\Users\pachard bell\AppData\Local\{7A295E89-69E1-44E6-A3FE-44A8D57E4901}
O43 - CFD: 3/12/2011 - 12:50:54 - [0] ----D C:\Users\pachard bell\AppData\Local\{7A56228D-9722-4737-BC1C-1B9EECFAF672}
O43 - CFD: 15/08/2011 - 04:11:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{7A7DD9E7-79E6-4A64-ADFF-ADCC3B1DD87B}
O43 - CFD: 27/12/2011 - 10:56:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{7AC0666E-5DEE-4826-B221-7E2D3D9E1F5B}
O43 - CFD: 22/08/2011 - 17:59:53 - [0] ----D C:\Users\pachard bell\AppData\Local\{7B058F67-0084-4914-9D01-0EE4A84FFBF4}
O43 - CFD: 10/01/2012 - 07:43:14 - [0] ----D C:\Users\pachard bell\AppData\Local\{7B0F3688-40A5-4CB3-B24F-BFFF5F51F8D0}
O43 - CFD: 1/03/2012 - 17:07:18 - [0] ----D C:\Users\pachard bell\AppData\Local\{7B4B2559-99F5-496C-B110-B747A213C6CE}
O43 - CFD: 25/12/2011 - 14:33:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{7C1D37F1-955F-4125-83FA-3464A7734160}
O43 - CFD: 17/02/2012 - 19:03:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{7CA615CD-55FE-4939-944A-9FFB0C5F81D9}
O43 - CFD: 2/01/2012 - 12:37:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{7D5F72D0-AD7D
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 12
LaGringadélamancha Messages postés 10 Statut Membre 1
 
Cela me parait beaucoup... :O mais si je me suis gouré dans ma démarche n'hésite pas à me dire ce que je dois faire ! ;)

Un GRAND MERCI ! j'espère me débarrasser de Media Finder très vite ! ;)

J'attend de tes nouvelles !
0
Réponse 6 / 12
Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
 
Salut,
Est ce que tu as formaté ce PC ?
tu as des adwares!le rapport ZHPDiag est incomplet!
==================
Fais ceci suivant l'ordre stp :
1/
Télécharge AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur le bouton [ Suppression ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
(Le rapport est sauvegardé aussi sous C:\ AdwCleaner[SX].Txt)

2/
/!\ ATTENTION : cette analyse peut durer quelques heures /!\

* Télécharge MBAM et installe le selon l'emplacement par défaut
https://www.malwarebytes.com/mwb-download/
* Installe-le puis configure-le comme indiqué : <<< ICI >>>
* si tu n'as rien modifié fais directement quitter sinon enregistrer
* Lance Malwarebytes' Anti-Malware
Si MBAM est déjà installé, aller directement à la mise à jour puis à l'analyse.

==> Ce logiciel gratuit est à garder.
* Fais la mise à jour
* Clique dans l'onglet "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

A la fin de l'analyse, si MBAM n'a rien trouvé :

* Clique sur OK, le rapport s'ouvre spontanément

Si des menaces ont été détectées :

* Clique sur OK puis "Afficher les résultats"
*Vérifie que toutes les lignes sont cochées
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Le rapport s'ouvre automatiquement après la suppression, il se trouve aussi dans l'onglet "Rapports/Logs"

* Copie/colle le rapport dans le prochain message

Remarque :
- S'il y'a un problème de mise à jour de mbam, tu peux la faire manuellement en téléchargeant ce fichier puis en l'exécutant.

3/
Redémarre ton PC, lance ZHPDiag depuis le bureau et prépare stp un nouveau rapport ZHPDiag à héberger comme suit :
* Rends toi sur pjjoint.malekal.com
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux héberger et clique sur Ouvrir
* Clique sur le bouton Envoyer
* Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015

* Copie le lien dans ta prochaine réponse.

@+

0
Réponse 7 / 12
LaGringadélamancha Messages postés 10 Statut Membre 1
 
Coucou !

Voilà j'ai suivie les démarches comme tu me l'as si gentillement décris ! ;)
Bon faut savoir que je suis pas très calé dans ce domaine (donc j'ignore ce qu'est un adwares :D )... Mais bon je pense avoir bien suivie toutes étapes ! J'espère que j'ai pas foirée :D ...

Alors ! j'ai refait le truc Adwcleaner ... Donc voici le rapport :

# AdwCleaner v1.607 - Rapport créé le 31/05/2012 à 13:16:45
# Mis à jour le 23/05/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits)
# Nom d'utilisateur : pachard bell - PACHARDBELL-PC
# Exécuté depuis : C:\Users\pachard bell\Downloads\adwcleaner.exe
# Option [Recherche]

***** [Services] *****

***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\pachard bell\chat-land
Dossier Présent : C:\Users\pachard bell\AppData\Local\Babylon
Dossier Présent : C:\Users\pachard bell\AppData\Local\Conduit
Dossier Présent : C:\Users\pachard bell\AppData\Local\Ilivid Player
Dossier Présent : C:\Users\PACHAR~1\AppData\Local\Temp\BabylonToolbar
Dossier Présent : C:\Users\pachard bell\AppData\LocalLow\Conduit
Dossier Présent : C:\Users\pachard bell\AppData\LocalLow\searchquband
Dossier Présent : C:\Users\pachard bell\AppData\Roaming\Babylon
Dossier Présent : C:\Users\pachard bell\AppData\Roaming\Media Finder
Dossier Présent : C:\Users\pachard bell\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediafinder.com
Dossier Présent : C:\Users\pachard bell\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Dossier Présent : C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
Dossier Présent : C:\ProgramData\Babylon
Dossier Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Dossier Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Dossier Présent : C:\Program Files (x86)\BabylonToolbar
Dossier Présent : C:\Program Files (x86)\Conduit
Dossier Présent : C:\Program Files (x86)\Media Finder
Dossier Présent : C:\Program Files (x86)\Windows iLivid Toolbar
Fichier Présent : C:\Users\PACHAR~1\AppData\Local\Temp\kujytuo.exe
Fichier Présent : C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Chat-Land site de chat et de rencontre gratuit.URL

***** [Registre] *****

[*] Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2661018
Clé Présente : HKCU\Software\BabylonToolbar
Clé Présente : HKCU\Software\DataMngr
Clé Présente : HKCU\Software\ilivid
Clé Présente : HKCU\Software\MediaFinder
Clé Présente : HKCU\Software\AppDataLow\Toolbar
Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\searchqutoolbar
Clé Présente : HKLM\SOFTWARE\Babylon
Clé Présente : HKLM\SOFTWARE\BabylonToolbar
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Classes\b
Clé Présente : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Clé Présente : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Clé Présente : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Clé Présente : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Clé Présente : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Clé Présente : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Clé Présente : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Clé Présente : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Clé Présente : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Clé Présente : HKLM\SOFTWARE\Classes\MF
Clé Présente : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
[x64] Clé Présente : HKCU\Software\BabylonToolbar
[x64] Clé Présente : HKCU\Software\DataMngr
[x64] Clé Présente : HKCU\Software\ilivid
[x64] Clé Présente : HKCU\Software\MediaFinder
[x64] Clé Présente : HKCU\Software\AppDataLow\Toolbar
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
[x64] Clé Présente : HKCU\Software\AppDataLow\Software\searchqutoolbar
[x64] Clé Présente : HKLM\SOFTWARE\DataMngr
[x64] Clé Présente : HKLM\SOFTWARE\Classes\b
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Babylon.dskBnd
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[x64] Clé Présente : HKLM\SOFTWARE\Classes\bbylnApp.appCore
[x64] Clé Présente : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[x64] Clé Présente : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
[x64] Clé Présente : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
[x64] Clé Présente : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
[x64] Clé Présente : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
[x64] Clé Présente : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
[x64] Clé Présente : HKLM\SOFTWARE\Classes\MF
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
[x64] Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]

***** [Registre - GUID] *****

Clé Présente : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
[x64] Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[x64] Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[x64] Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[x64] Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[x64] Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v19.0.1084.52

Fichier : C:\Users\pachard bell\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente : "homepage": "hxxp://search.softonic.com/MON00013/tb_v1?SearchSource=48&cc=",
Présente : "urls_to_restore_on_startup": [ "hxxp://search.softonic.com/MON00013/tb_v1?SearchSource=48&[...]
Présente : "description": "The plug-in from the General-Crawler.com website which lets the users[...]
Présente : "homepage_url": "hxxp://www.general-crawler.com",
Présente : "name": "General Crawler",
Présente : "update_url": "hxxp://1.update.general-crawler.com/updates/update_chrome.xml",
Présente : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT266101[...]
Présente : "urls_to_restore_on_startup": [ "hxxp://search.softonic.com/MON00013/tb_v1?SearchSource=48&cc=[...]

*************************

AdwCleaner[R1].txt - [14060 octets] - [26/05/2012 12:59:08]
AdwCleaner[R2].txt - [14104 octets] - [31/05/2012 13:16:45]

########## EOF - C:\AdwCleaner[R2].txt - [14233 octets] ##########

Ensuite voici le rapport du truc la Mbam ... :

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.06.01.03

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
pachard bell :: PACHARDBELL-PC [administrateur]

1/06/2012 15:14:30
mbam-log-2012-06-01 (15-14-30).txt

Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 395273
Temps écoulé: 2 heure(s), 43 minute(s), 54 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 1
C:\Users\pachard bell\AppData\Local\Temp\E_N4 (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 23
C:\Users\pachard bell\AppData\Local\Temp\ICReinstall_FLVPlayerSetup.exe (Adware.Installcore) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\ICReinstall_ICReinstall_FLVPlayerSetup.exe (Adware.Installcore) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\E_N4\cnvpe.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\E_N4\dp1.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\E_N4\eAPI.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\E_N4\krnln.fnr (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\is-42JGH.tmp\MF.exe (Adware.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\is-F5QUT.tmp\MF.exe (Adware.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\cnvpe.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\com.run (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\dp1.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\eAPI.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\internet.fne (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\krnln.fnr (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\RegEx.fnr (Worm.AutoRun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\VirtualStore\Windows\SysWOW64\204E98\spec.fne (Trojan.Autorun) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\Downloads\2_Days_in_Paris__282007_29_R1_Set-720bps.3gp.exe (PUP.Adware.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\Downloads\FLVPlayerSetup.exe (Adware.Installcore) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\Downloads\Projet_X__2012_dvdrip_trufrench_xvid.avi.exe (PUP.Adware.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\Downloads\SoftonicDownloader_pour_microsoft-office-2007-service-pack-2 (1).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\Downloads\SoftonicDownloader_pour_microsoft-office-2007-service-pack-2 (2).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\Downloads\SoftonicDownloader_pour_microsoft-office-2007-service-pack-2.exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès.
C:\Users\pachard bell\AppData\Local\Temp\E_N4\shell.fne (Worm.Autorun) -> Mis en quarantaine et supprimé avec succès.

(fin)

Et enfin voici le lien ET le rapport ZHPDiag on sait jamais ;)

https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120601_i5n11x14j12l5

Rapport :

Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24/05/2012
Run by pachard bell at 1/06/2012 18:20:34
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.

---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4024 MB (61% free)
System Restore: Inconnu (Unknown)
System drive C: has 385 GB (84%) free of 454 GB

---\\ Logged in mode
~ Computer Name: PACHARDBELL-PC
~ User Name: pachard bell
~ All Users Names: pachard bell, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\pachard bell\AppData\Roaming\
~ %Desktop% : C:\Users\pachard bell\Desktop\
~ %Favorites% : C:\Users\pachard bell\Favorites\
~ %LocalAppData% : C:\Users\pachard bell\AppData\Local\
~ %StartMenu% : C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 385 Go of 454 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.228443FF3A1FB0B974D278F7C6403FAD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.28/02/2012 - 07:49:56.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 - 07:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:23:06.) -- C:\Windows\system32\Drivers\ntfs.sys [1657216]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/86
~ Mes musiques (My Musics) : 9/895
~ Mes Videos (My Videos) : 1/13
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 2/32
~ Mon Bureau (My Desktop) : 1/106
~ Menu demarrer (Programs) : 1/33
~ Scan Hidden Files in 00mn 01s

---\\ Processus lancés
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3244]
[MD5.E0DD774689998F43167C4799F9B69FC3] - (...) -- C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [932528] [PID.3524]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [255536] [PID.3584]
[MD5.5AEA1DB5490429EEB0989A0CE2A52D5E] - (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912] [PID.3676]
[MD5.4858BE9D0A7ABFA8E6A692D81EFC01B3] - (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe [600688] [PID.3720]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432] [PID.4200]
[MD5.444EB38A256BE60F2013488C49D2AB3F] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.4344]
[MD5.995BEB69AE5C50D354894354F5A6CD5A] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296] [PID.4352]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336] [PID.4788]
[MD5.7A6DFCE4B8033CCD303918FACCCA9588] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307824] [PID.5008]
[MD5.54126CDDEF533083D0FFDB94810AD1AA] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe [247968] [PID.4516]
[MD5.42490FB12B55D9841B2C51365E7A4303] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1240088] [PID.5036]
[MD5.CC926B0811C3FA2363C98711410FEF24] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [4540928] [PID.2976]
~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\pachard bell\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] chrome://newtab/
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\pachard bell\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {3248f342-70c6-418d-a300-b8e925e95556} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo desktop\1.6.48.1082\Badoo.desktop.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\pachard bell\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\pachard bell\AppData\Roaming\Spotify\Spotify.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (...) -- C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Users\pachard bell\AppData\Roaming\Spotify\spotify.exe
O4 - Global Startup: C:\Users\pachard bell\Desktop\Continue FLV Player Installation.lnk . (...) -- C:\Users\pachard bell\AppData\Local\Temp\ICReinstall_FLVPlayerSetup (1).exe
O4 - Global Startup: C:\Users\pachard bell\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Users\pachard bell\AppData\Roaming\Spotify\spotify.exe
O4 - Global Startup: C:\Users\pachard bell\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\pachard bell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000Core] (.Facebook Inc..) -- C:\Users\pachard bell\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-3730807242-2045987243-3839747425-1000UA] (.Facebook Inc..) -- C:\Users\pachard bell\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.0EA8C1256AA9F68287CD8F06EB527238] [APT] [{6F3216B4-FEE5-4AAD-BB75-DD00BFF96839}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s

---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/05/2011 - 19:57:09 - [1039,289] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 6/01/2012 - 22:30:41 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 6/01/2012 - 22:34:39 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 31/05/2012 - 10:59:36 - [676,111] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 18/05/2011 - 19:27:57 - [97,067] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 29/06/2011 - 13:52:45 - [301,595] ----D C:\Program Files (x86)\Google
O43 - CFD: 30/06/2011 - 19:21:05 - [727,881] ----D C:\Program Files (x86)\Gulliland
O43 - CFD: 18/05/2011 - 19:28:52 - [48,505] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2/11/2009 - 22:31:13 - [10,585] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12/04/2012 - 19:30:17 - [5,759] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 6/01/2012 - 22:37:41 - [140,752] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 31/05/2012 - 10:57:30 - [92,461] ----D C:\Program Files (x86)\Java
O43 - CFD: 29/06/2011 - 14:00:09 - [4,672] ----D C:\Program Files (x86)\Jeux-
O43 - CFD: 29/06/2011 - 13:59:53 - [96,126] ----D C:\Program Files (x86)\Jeux.fr
O43 - CFD: 18/05/2011 - 19:25:42 - [5,259] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 1/06/2012 - 15:07:15 - [11,554] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 3/07/2011 - 08:45:44 - [9,419] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 11/04/2012 - 15:06:09 - [28,654] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 19/07/2011 - 16:41:44 - [562,459] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2/11/2009 - 22:38:44 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 15/05/2012 - 06:09:12 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 18/05/2011 - 19:32:19 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 18/05/2011 - 19:35:05 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 20/05/2011 - 15:21:01 - [139,669] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 29/05/2011 - 11:52:28 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/05/2012 - 14:18:24 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 21/05/2011 - 00:13:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 30/10/2009 - 07:28:15 - [401,151] ----D C:\Program Files (x86)\Nero
O43 - CFD: 2/11/2009 - 22:42:29 - [26,677] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 2/11/2009 - 23:23:11 - [163,571] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 30/10/2009 - 07:20:36 - [30,373] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 18/05/2011 - 20:11:15 - [0,102] ----D C:\Program Files (x86)\OEM
O43 - CFD: 19/05/2012 - 14:02:29 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 31/05/2012 - 10:59:05 - [33,186] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 2/11/2009 - 22:55:23 - [49,596] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 2/11/2009 - 22:51:04 - [800,436] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 6/01/2012 - 22:33:29 - [72,431] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 30/10/2009 - 07:18:49 - [8,033] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [36,809] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2/06/2011 - 18:07:26 - [26,766] R---D C:\Program Files (x86)\Skype
O43 - CFD: 2/11/2009 - 22:55:17 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 18/05/2011 - 19:23:58 - [11,545] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 25/01/2012 - 02:16:29 - [80,793] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 17/12/2010 - 17:42:47 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 1/06/2011 - 21:21:35 - [176,124] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 20/05/2011 - 16:19:39 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 20/05/2011 - 16:19:17 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 17/12/2010 - 17:42:47 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2/11/2009 - 23:23:54 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 17/12/2010 - 17:42:48 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 26/05/2012 - 13:13:06 - [13,541] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 18/05/2011 - 19:58:36 - [64,874] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2/11/2009 - 23:21:20 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 6/01/2012 - 22:37:18 - [98,972] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 18/05/2011 - 19:27:57 - [0,123] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 2/11/2009 - 22:33:57 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 31/05/2012 - 10:59:36 - [1,181] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 18/05/2011 - 19:58:35 - [0,622] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 9/03/2012 - 04:04:20 - [273,917] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 30/10/2009 - 07:30:44 - [115,936] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 2/11/2009 - 22:43:05 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 18/05/2011 - 19:58:16 - [4,031] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 2/11/2009 - 23:21:41 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2/06/2011 - 18:07:14 - [2,150] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 18/05/2011 - 19:58:16 - [0,324] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 18/05/2011 - 19:38:01 - [0,590] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 9/03/2012 - 04:03:14 - [42,707] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 18/05/2011 - 19:30:00 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 18/05/2011 - 19:58:36 - [392,772] ----D C:\ProgramData\Adobe
O43 - CFD: 29/06/2011 - 14:00:27 - [3,013] ----D C:\ProgramData\AlawarWrapper
O43 - CFD: 6/01/2012 - 22:35:22 - [61,878] ----D C:\ProgramData\Apple
O43 - CFD: 6/01/2012 - 22:37:18 - [68,501] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 22/02/2012 - 00:45:30 - [0,971] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 2/11/2009 - 22:42:41 - [0,049] ----D C:\ProgramData\BackupManager
O43 - CFD: 16/04/2012 - 19:27:40 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 25/02/2012 - 00:58:01 - [0,000] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 18/01/2012 - 10:14:23 - [0,028] ----D C:\ProgramData\FarmFrenzy2
O43 - CFD: 29/06/2011 - 14:17:40 - [0,035] ----D C:\ProgramData\FarmFrenzy3
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 3/07/2011 - 21:29:53 - [0,001] ----D C:\ProgramData\FLEXnet
O43 - CFD: 30/10/2009 - 07:31:49 - [0,514] ----D C:\ProgramData\Google
O43 - CFD: 1/06/2012 - 15:07:13 - [7,900] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 29/06/2011 - 19:12:44 - [0,331] ----D C:\ProgramData\McAfee
O43 - CFD: 29/06/2011 - 19:12:44 - [0,001] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 11/04/2012 - 15:05:35 - [136,114] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/05/2012 - 14:40:04 - [0,116] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 18/05/2011 - 19:19:20 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 30/10/2009 - 07:26:57 - [11,107] ----D C:\ProgramData\Nero
O43 - CFD: 18/05/2011 - 19:22:49 - [313,588] ----D C:\ProgramData\Norton
O43 - CFD: 30/10/2009 - 07:20:36 - [6,038] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 18/05/2011 - 19:29:03 - [0,006] ----D C:\ProgramData\OEM
O43 - CFD: 30/10/2009 - 07:39:39 - [0,867] ----D C:\ProgramData\Packard Bell
O43 - CFD: 10/06/2011 - 15:36:37 - [0,002] ----D C:\ProgramData\Partner
O43 - CFD: 29/06/2011 - 13:45:49 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 29/06/2011 - 02:51:16 - [0,178] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 2/06/2011 - 18:07:13 - [22,130] ----D C:\ProgramData\Skype
O43 - CFD: 19/04/2012 - 02:58:55 - [1,793] ----D C:\ProgramData\Skype Extras
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 31/05/2012 - 10:59:37 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 19/05/2011 - 15:59:24 - [0,001] ----D C:\ProgramData\Symantec
O43 - CFD: 22/02/2012 - 01:34:32 - [0,051] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 2/06/2011 - 23:45:51 - [0] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 18/01/2012 - 10:15:29 - [0] -SH-D C:\Users\pachard bell\AppData\Roaming\.#
O43 - CFD: 2/01/2012 - 09:28:34 - [7,677] ----D C:\Users\pachard bell\AppData\Roaming\Adobe
O43 - CFD: 2/06/2011 - 23:47:44 - [0,223] ----D C:\Users\pachard bell\AppData\Roaming\Apple Computer
O43 - CFD: 3/11/2011 - 17:46:39 - [0,002] ----D C:\Users\pachard bell\AppData\Roaming\CyberLink
O43 - CFD: 29/05/2012 - 02:01:04 - [0,000] ----D C:\Users\pachard bell\AppData\Roaming\dvdcss
O43 - CFD: 9/08/2011 - 01:03:05 - [0,017] ----D C:\Users\pachard bell\AppData\Roaming\GameConsole
O43 - CFD: 18/05/2011 - 20:12:30 - [0,013] ----D C:\Users\pachard bell\AppData\Roaming\Google
O43 - CFD: 18/05/2011 - 19:20:15 - [0] ----D C:\Users\pachard bell\AppData\Roaming\Identities
O43 - CFD: 18/05/2011 - 19:26:09 - [0,001] ----D C:\Users\pachard bell\AppData\Roaming\Macromedia
O43 - CFD: 1/06/2012 - 15:07:22 - [20,388] ----D C:\Users\pachard bell\AppData\Roaming\Malwarebytes
O43 - CFD: 30/10/2009 - 07:59:17 - [0] ----D C:\Users\pachard bell\AppData\Roaming\Media Center Programs
O43 - CFD: 29/05/2012 - 16:23:28 - [20,718] -S--D C:\Users\pachard bell\AppData\Roaming\Microsoft
O43 - CFD: 16/04/2012 - 01:28:57 - [0] ----D C:\Users\pachard bell\AppData\Roaming\Mozilla
O43 - CFD: 19/05/2012 - 14:04:17 - [21,393] ----D C:\Users\pachard bell\AppData\Roaming\OpenOffice.org
O43 - CFD: 29/06/2011 - 13:45:49 - [0,001] ----D C:\Users\pachard bell\AppData\Roaming\PlayFirst
O43 - CFD: 19/04/2012 - 22:19:19 - [4,186] ----D C:\Users\pachard bell\AppData\Roaming\Skype
O43 - CFD: 19/04/2012 - 16:03:01 - [0,045] ----D C:\Users\pachard bell\AppData\Roaming\skypePM
O43 - CFD: 1/06/2012 - 18:02:37 - [44,683] ----D C:\Users\pachard bell\AppData\Roaming\Spotify
O43 - CFD: 21/05/2012 - 12:11:48 - [0,013] ----D C:\Users\pachard bell\AppData\Roaming\Template
O43 - CFD: 22/02/2012 - 01:28:19 - [0,003] ----D C:\Users\pachard bell\AppData\Roaming\ViquaSoft
O43 - CFD: 27/02/2012 - 14:41:38 - [0,169] ----D C:\Users\pachard bell\AppData\Roaming\vlc
O43 - CFD: 14/04/2012 - 11:14:18 - [0,000] ----D C:\Users\pachard bell\AppData\Roaming\Windows Live Writer
O43 - CFD: 13/01/2012 - 20:11:36 - [28,426] ----D C:\Users\pachard bell\AppData\Local\Adobe
O43 - CFD: 2/06/2011 - 23:43:46 - [0] ----D C:\Users\pachard bell\AppData\Local\Apple
O43 - CFD: 3/07/2011 - 09:32:33 - [10,654] ----D C:\Users\pachard bell\AppData\Local\Apple Computer
O43 - CFD: 18/05/2011 - 19:19:35 - [0] ----D C:\Users\pachard bell\AppData\Local\Application Data
O43 - CFD: 29/05/2012 - 11:43:45 - [7,385] ----D C:\Users\pachard bell\AppData\Local\Diagnostics
O43 - CFD: 3/11/2011 - 20:24:05 - [7,367] ----D C:\Users\pachard bell\AppData\Local\Facebook
O43 - CFD: 22/03/2012 - 00:17:23 - [850,151] ----D C:\Users\pachard bell\AppData\Local\Google
O43 - CFD: 18/05/2011 - 19:19:35 - [0] ----D C:\Users\pachard bell\AppData\Local\Historique
O43 - CFD: 29/05/2012 - 16:23:29 - [1783,151] ----D C:\Users\pachard bell\AppData\Local\Microsoft
O43 - CFD: 4/12/2011 - 23:40:23 - [0,242] ----D C:\Users\pachard bell\AppData\Local\Microsoft Games
O43 - CFD: 18/05/2011 - 19:34:34 - [0] ----D C:\Users\pachard bell\AppData\Local\Microsoft Help
O43 - CFD: 22/02/2012 - 01:06:47 - [114,251] ----D C:\Users\pachard bell\AppData\Local\Oberon Games
O43 - CFD: 4/02/2012 - 01:33:38 - [0] ----D C:\Users\pachard bell\AppData\Local\PackageAware
O43 - CFD: 18/05/2011 - 19:29:31 - [0,016] ----D C:\Users\pachard bell\AppData\Local\Packard Bell
O43 - CFD: 22/05/2012 - 09:16:39 - [76,177] ----D C:\Users\pachard bell\AppData\Local\Spotify
O43 - CFD: 1/06/2012 - 18:15:02 - [506,279] ----D C:\Users\pachard bell\AppData\Local\Temp
O43 - CFD: 18/05/2011 - 19:19:35 - [0] ----D C:\Users\pachard bell\AppData\Local\Temporary Internet Files
O43 - CFD: 18/08/2011 - 13:08:08 - [1,328] ----D C:\Users\pachard bell\AppData\Local\VirtualStore
O43 - CFD: 28/04/2012 - 04:02:04 - [0,152] ----D C:\Users\pachard bell\AppData\Local\Windows Live
O43 - CFD: 7/04/2012 - 05:32:42 - [0,618] ----D C:\Users\pachard bell\AppData\Local\Windows Live Writer
O43 - CFD: 4/05/2012 - 22:18:56 - [0] ----D C:\Users\pachard bell\AppData\Local\{003FD300-C76F-4DE7-B4CB-C1A519EE7B34}
O43 - CFD: 21/05/2012 - 21:50:18 - [0] ----D C:\Users\pachard bell\AppData\Local\{009B2D72-CF3C-44EF-A9BD-AF08DE475013}
O43 - CFD: 1/06/2012 - 15:01:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{0187996B-A60C-4C53-9CF1-D79203E5A0FC}
O43 - CFD: 26/05/2012 - 06:06:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{01E38EA3-87D9-4CF2-81FC-3C2F32A79FF0}
O43 - CFD: 19/12/2011 - 17:05:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{0204C20D-7EE8-4E28-A14F-21C61DAE0290}
O43 - CFD: 19/08/2011 - 22:42:04 - [0] ----D C:\Users\pachard bell\AppData\Local\{0272479D-E139-4AA2-9B55-D0BD1887CD37}
O43 - CFD: 23/01/2012 - 16:17:03 - [0] ----D C:\Users\pachard bell\AppData\Local\{0335780C-B53F-420E-B9B4-2B04D7D0E289}
O43 - CFD: 7/08/2011 - 23:41:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{036FD569-5310-4A1F-8B0C-13A8BC4CC4E5}
O43 - CFD: 26/02/2012 - 00:48:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{03803733-110E-4207-95EB-68DDFC396C35}
O43 - CFD: 15/04/2012 - 05:08:50 - [0] ----D C:\Users\pachard bell\AppData\Local\{03A35ED8-DB03-4CF4-9AF7-E9E8AE2DEFFD}
O43 - CFD: 29/01/2012 - 08:12:29 - [0] ----D C:\Users\pachard bell\AppData\Local\{03CEEA5C-0B66-4B46-867B-BB03E26EFEC8}
O43 - CFD: 30/10/2011 - 19:23:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{03E47A9C-7760-4626-9ACE-A63BEB659CC6}
O43 - CFD: 31/01/2012 - 13:09:01 - [0] ----D C:\Users\pachard bell\AppData\Local\{05979EE4-E36C-4C53-9269-363A28ABEAED}
O43 - CFD: 18/05/2012 - 22:47:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{05C02B6A-1EF0-46F5-9258-6938E7EE5371}
O43 - CFD: 20/01/2012 - 13:42:59 - [0] ----D C:\Users\pachard bell\AppData\Local\{0807358F-DACE-4337-AA5D-036F947ACF04}
O43 - CFD: 7/11/2011 - 00:40:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{08749EE4-37F1-434B-AF98-37A1E0CAF03C}
O43 - CFD: 23/09/2011 - 13:48:54 - [0] ----D C:\Users\pachard bell\AppData\Local\{0900C5D6-E39D-49BB-A4BA-EBC6C27BB9B0}
O43 - CFD: 7/08/2011 - 23:41:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{09B89E30-20F5-496A-8A4B-147279BE5276}
O43 - CFD: 7/08/2011 - 17:39:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{0B0A1585-B97C-4DEE-83F3-9D1B9C7BA563}
O43 - CFD: 1/05/2012 - 07:39:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{0B39A8CE-3126-41BE-9E89-C38235E6EC4C}
O43 - CFD: 9/08/2011 - 18:38:20 - [0] ----D C:\Users\pachard bell\AppData\Local\{0B75F64A-E061-4811-8956-33C01BEF57CE}
O43 - CFD: 9/10/2011 - 20:20:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{0C4E0872-7CD3-442E-8CD5-ED62F069EA2E}
O43 - CFD: 17/12/2011 - 23:24:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{0C5D169A-14EF-4535-B4B3-5EB127A6C293}
O43 - CFD: 18/04/2012 - 21:25:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{0C7D1BF8-24D2-4954-9C24-2A023F3E0911}
O43 - CFD: 8/08/2011 - 17:32:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{0CAAD852-5EEE-4DAF-BA77-C6DDEC6F01AC}
O43 - CFD: 16/05/2012 - 12:11:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{0CBFB9F6-CE6C-4440-831B-2D03015CAAEE}
O43 - CFD: 2/12/2011 - 00:44:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{0CDA2CCE-1546-44D6-8A70-FC54784CD638}
O43 - CFD: 8/07/2011 - 20:49:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{0D94B367-F0FC-435B-90B3-E038E13038D3}
O43 - CFD: 14/08/2011 - 00:27:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{0E11540F-D6A4-44BB-BB9A-E2E3C68C4D39}
O43 - CFD: 21/02/2012 - 13:52:18 - [0] ----D C:\Users\pachard bell\AppData\Local\{0E14603D-DBBA-4D97-B213-01F465EDF79E}
O43 - CFD: 1/12/2011 - 11:47:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{0F06456E-D5C1-4006-8620-F6ABFFFA2471}
O43 - CFD: 12/01/2012 - 21:15:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{0FE4F8F1-ECE1-41A0-9871-9F801F3EB7F0}
O43 - CFD: 28/12/2011 - 12:57:17 - [0] ----D C:\Users\pachard bell\AppData\Local\{0FF68DC1-1F76-4CD7-BFCF-CF8BA39DF891}
O43 - CFD: 30/04/2012 - 19:19:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{0FFEE2E2-D0D5-43D7-8888-3B40997B1985}
O43 - CFD: 9/01/2012 - 23:16:13 - [0] ----D C:\Users\pachard bell\AppData\Local\{105BC904-C385-43EF-9BF7-990F310B90A3}
O43 - CFD: 6/12/2011 - 16:56:14 - [0] ----D C:\Users\pachard bell\AppData\Local\{135374AC-0504-4A5D-988E-1E5EB748F217}
O43 - CFD: 12/08/2011 - 01:24:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{143FFD22-CBDB-4727-AA2A-5E2B2D971A6F}
O43 - CFD: 12/08/2011 - 18:56:04 - [0] ----D C:\Users\pachard bell\AppData\Local\{14A54BB3-1BC9-4DAC-8BA8-D441BB7144E6}
O43 - CFD: 16/04/2012 - 17:09:12 - [0] ----D C:\Users\pachard bell\AppData\Local\{14CC9C51-53C1-46A5-81CC-2E861AAF132D}
O43 - CFD: 6/07/2011 - 21:25:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{154AE9AE-4419-4FE1-9131-22DCD45E90B2}
O43 - CFD: 21/04/2012 - 23:01:31 - [0] ----D C:\Users\pachard bell\AppData\Local\{1801C03F-3AF2-4645-95FF-F3669A2285EA}
O43 - CFD: 18/12/2011 - 08:32:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{1BCEDE87-8920-4419-B3B2-534852D59904}
O43 - CFD: 22/12/2011 - 00:45:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{1C00C8D0-F70F-4A69-BE95-64FF28944A2C}
O43 - CFD: 23/08/2011 - 18:16:00 - [0] ----D C:\Users\pachard bell\AppData\Local\{1C316490-CEEE-4B2F-9A86-EAE616860C0C}
O43 - CFD: 30/10/2011 - 21:37:09 - [0] ----D C:\Users\pachard bell\AppData\Local\{1D259A02-E9EB-47E6-80BD-BC8EC9B580CA}
O43 - CFD: 22/12/2011 - 18:07:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{1E72EFA9-8A36-4A77-8DAF-7FD3DF4A5770}
O43 - CFD: 13/01/2012 - 08:32:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{1EBB9AA5-43D9-4FF2-B7F0-4FA2CA6EB5C6}
O43 - CFD: 5/11/2011 - 07:38:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{1F2B638C-5C20-4875-A1D1-B0D07619E249}
O43 - CFD: 17/11/2011 - 16:33:58 - [0] ----D C:\Users\pachard bell\AppData\Local\{20C7744F-A322-4E7D-98E5-2CC140DEC59A}
O43 - CFD: 21/12/2011 - 21:05:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{215983F9-7A82-40BD-9BB2-FF3C066D8828}
O43 - CFD: 3/08/2011 - 16:56:27 - [0] ----D C:\Users\pachard bell\AppData\Local\{2238BC14-E15F-432A-81D5-61BA71BFD841}
O43 - CFD: 9/12/2011 - 15:02:04 - [0] ----D C:\Users\pachard bell\AppData\Local\{22E7AD1D-67ED-4D2E-805E-2A0D512EF29C}
O43 - CFD: 21/02/2012 - 16:53:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{23302074-30B8-4D1A-9CB0-FDD41B86B9DA}
O43 - CFD: 14/08/2011 - 23:30:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{238D2AA7-F050-418A-B252-816EF80A1B24}
O43 - CFD: 26/12/2011 - 07:49:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{242A85B7-27FA-4DF8-A5E3-9876AA78D5F3}
O43 - CFD: 21/04/2012 - 23:01:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{243C6FA0-4B0B-44F4-8031-D17F7ACFE05B}
O43 - CFD: 25/08/2011 - 01:12:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{24B00DBA-4D72-440D-82A4-57385AB32954}
O43 - CFD: 6/08/2011 - 16:25:46 - [0] ----D C:\Users\pachard bell\AppData\Local\{24B40C02-D986-4878-A4A7-2B139AB5ACBB}
O43 - CFD: 20/12/2011 - 18:20:36 - [0] ----D C:\Users\pachard bell\AppData\Local\{24FC471A-82AD-489D-B2D9-7CB5F478C5DA}
O43 - CFD: 5/11/2011 - 07:38:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{25431586-D39D-4646-9951-5273E69DD7DE}
O43 - CFD: 23/01/2012 - 16:16:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{254B8DE7-FD56-4011-BBAB-2929F4E61C1D}
O43 - CFD: 31/12/2011 - 08:00:39 - [0] ----D C:\Users\pachard bell\AppData\Local\{25799A49-52DF-447B-A491-720D5CC6699F}
O43 - CFD: 17/11/2011 - 16:33:48 - [0] ----D C:\Users\pachard bell\AppData\Local\{257F341E-1904-4B18-BC98-46B26540AAAF}
O43 - CFD: 25/12/2011 - 14:34:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{2599B43A-5585-4F5F-B654-E315803E1DBC}
O43 - CFD: 4/05/2012 - 22:18:06 - [0] ----D C:\Users\pachard bell\AppData\Local\{265243E7-F8EC-48F5-A7FA-DA893D8264D7}
O43 - CFD: 30/11/2011 - 13:49:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{26D07019-3AD4-4946-A6A7-2A5AF9420296}
O43 - CFD: 4/12/2011 - 07:24:12 - [0] ----D C:\Users\pachard bell\AppData\Local\{276EFB74-048F-4B86-989E-0A8AFAD89119}
O43 - CFD: 19/11/2011 - 14:41:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{2852D86E-043E-452E-AB46-FEB4D9C1B8CC}
O43 - CFD: 10/04/2012 - 13:58:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{28D7D957-2603-4D18-BF15-C24FBDD1C1A1}
O43 - CFD: 15/12/2011 - 23:21:10 - [0] ----D C:\Users\pachard bell\AppData\Local\{297A8CB2-46E5-4812-B622-D56C82D09757}
O43 - CFD: 8/11/2011 - 22:32:16 - [0] ----D C:\Users\pachard bell\AppData\Local\{2A3F71BE-F088-4700-AEFB-2275130BFAB8}
O43 - CFD: 23/08/2011 - 02:39:07 - [0] ----D C:\Users\pachard bell\AppData\Local\{2A4EA72D-2474-421B-84A0-2B9921BF44CB}
O43 - CFD: 28/12/2011 - 12:57:05 - [0] ----D C:\Users\pachard bell\AppData\Local\{2A8754E2-8F75-48CA-BC1A-DABFFF75F685}
O43 - CFD: 14/11/2011 - 16:35:32 - [0] ----D C:\Users\pachard bell\AppData\Local\{2B757CD2-271C-46CC-B31E-AA2C5F3FB26A}
O43 - CFD: 22/05/2012 - 16:19:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{2B7C0136-C02B-4447-9BED-8BA1A7B12280}
O43 - CFD: 13/01/2012 - 19:24:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{2B7CE994-4118-4577-ADBC-5502665C2EE9}
O43 - CFD: 16/12/2011 - 22:38:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{2BBAEBBA-F483-46B3-B5DB-157F5252CAA2}
O43 - CFD: 13/05/2012 - 18:38:50 - [0] ----D C:\Users\pachard bell\AppData\Local\{2D017CAA-8B33-47D7-B059-A9D7D0CA491C}
O43 - CFD: 20/10/2011 - 19:47:20 - [0] ----D C:\Users\pachard bell\AppData\Local\{2D146BC8-792D-4A3D-9A57-D7C786FA9936}
O43 - CFD: 7/01/2012 - 08:54:25 - [0] ----D C:\Users\pachard bell\AppData\Local\{2DBEC24D-FB46-450C-8C15-6B8E2E3F7F9E}
O43 - CFD: 26/12/2011 - 02:02:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{2E697F58-EE5B-492B-AD11-865DB47AAD8C}
O43 - CFD: 10/08/2011 - 17:57:46 - [0] ----D C:\Users\pachard bell\AppData\Local\{2F6A8041-75C0-4BD4-93C9-73A649F873E7}
O43 - CFD: 3/01/2012 - 08:30:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{2F799FBE-CD21-49E7-99E3-4CFC9D4E7821}
O43 - CFD: 1/04/2012 - 17:08:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{2FB26522-32B3-4B85-A1F7-88CA00A3B9FE}
O43 - CFD: 27/06/2011 - 17:05:19 - [0] ----D C:\Users\pachard bell\AppData\Local\{2FF16BAD-B49E-48F9-A548-0E23058460DE}
O43 - CFD: 20/05/2012 - 21:08:55 - [0] ----D C:\Users\pachard bell\AppData\Local\{30017959-08C6-4EE4-8A3E-34EABE1B5F4B}
O43 - CFD: 24/10/2011 - 22:58:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{30614F0A-E671-4352-9AFE-B252F822A7B0}
O43 - CFD: 29/11/2011 - 17:17:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{306D7679-B89F-40A2-8D24-AC40AB712A07}
O43 - CFD: 23/12/2011 - 09:56:15 - [0] ----D C:\Users\pachard bell\AppData\Local\{30F23651-68F7-4142-95E7-76400B33A0B8}
O43 - CFD: 8/05/2012 - 00:16:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{319C3085-A27C-48D8-947B-DB364F4DDDDF}
O43 - CFD: 21/12/2011 - 14:03:45 - [0] ----D C:\Users\pachard bell\AppData\Local\{31A67A6A-B611-46C6-B090-63F620338E34}
O43 - CFD: 24/08/2011 - 04:05:38 - [0] ----D C:\Users\pachard bell\AppData\Local\{32826DA3-FEAE-4572-B213-467A1744F472}
O43 - CFD: 28/04/2012 - 13:56:02 - [0] ----D C:\Users\pachard bell\AppData\Local\{32C2B54A-D5BA-4122-8241-CEEBE8AC7CC5}
O43 - CFD: 2/11/2011 - 16:26:11 - [0] ----D C:\Users\pachard bell\AppData\Local\{330700AA-C79B-4078-8D7D-686BAED4C5A6}
O43 - CFD: 13/08/2011 - 16:18:30 - [0] ----D C:\Users\pachard bell\AppData\Local\{3495AE2D-D8DC-4A3B-B619-09DA1112BD02}
O43 - CFD: 19/05/2012 - 21:06:22 - [0] ----D C:\Users\pachard bell\AppData\Local\{3553B70A-98B1-4BAF-95DE-7311E67C8ED2}
O43 - CFD: 29/10/2011 - 16:35:35 - [0] ----D C:\Users\pachard bell\AppData\Local\{35D113D9-0EF3-459F-B471-709DF8AFAF80}
O43 - CFD: 11/08/2011 - 16:07:34 - [0] ----D C:\Users\pachard bell\AppData\Local\{35F01924-33B9-4509-805C-5CC80C6A8449}
O43 - CFD: 17/08/2011 - 19:16:52 - [0] ----D C:\Users\pachard bell\AppData\Local\{366AAFA1-E7A0-4893-B088-D23C755D72D7}
O43 - CFD: 13/11/2011 - 05:49:28 - [0] ----D C:\Users\pachard bell\AppData\Local\{36D0C4B6-9D51-48DC-90BF-FF99014673C7}
O43 - CFD: 12/11/2011 - 00:53:51 - [0] ----D C:\Users\pachard bell\AppData\Local\{370ADB25-E516-4CCD-966C-957F857C6D5F}
O43 - CFD: 12/11/2011 - 18:41:41 - [0] ----D C:\Users\pachard bell\AppData\Local\{370C6197-243E-4220-B4F1-78D6685373B8}
O43 - CFD: 23/11/2011 - 22:31:03 - [0] ----D C:\Users\pachard bell\AppData\Local\{372FD479-5B9C-4023-966E-9C21A7BA8C34}
O43 - CFD: 20/07/2011 - 08:22:49 - [0] ----D C:\Users\pachard bell\AppData\Local\{3772EC72-2F47-4B6F-8D0C-527AF35E3E0D}
O43 - CFD: 28/10/2011 - 19:10:01 - [0] ----D C:\Users\pachard bell\AppData\Local\{37E83CE3-1663-4DEE-84D4-D00D3AF9C419}
O43 - CFD: 15/08/2011 - 03:44:21 - [0] ----D C:\Users\pachard bell\AppData\Local\{38246631-5B11-4F28
0
Réponse 8 / 12
Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
 
Re,
1/
Tu as lancé ADWCleaner en mode recherche et non suppression!
Lance AdwCleaner
Clique sur le bouton [ Suppression ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
(Le rapport est sauvegardé aussi sous C:\ AdwCleaner[SX].Txt)

2/
* Telecharge et install link officiel : >>>USBFix ICI<<<
ou : >>> ICI <<<

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

* Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris

:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera

automatiquement

* Clique sur "Recherche"
* Laisse travailler l'outil

* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur : C:\UsbFix.txt )

3/
Le rapport ZHPDiag est incomplet
Tu n'as pas l'hébergé le rapport!ce n'est pas la peine maintenant :-)

@+
0
Réponse 9 / 12
LaGringadélamancha Messages postés 10 Statut Membre 1
 
Ok Ok ! En tout cas un grand merci pr ta patience ! ;))

Bon j'espère que cette fois ci, sera la bonne :D !

rapport adwclear : (mais c la 6ième fois que je le fais donc je t'envoie le R6 si besoin du R1 peux aussi te l'envoyer ... )

# AdwCleaner v1.607 - Rapport créé le 02/06/2012 à 01:13:55
# Mis à jour le 23/05/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits)
# Nom d'utilisateur : pachard bell - PACHARDBELL-PC
# Exécuté depuis : C:\Users\pachard bell\Downloads\adwcleaner.exe
# Option [Recherche]

***** [Services] *****

***** [Fichiers / Dossiers] *****

***** [Registre] *****

***** [Registre - GUID] *****

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v19.0.1084.52

Fichier : C:\Users\pachard bell\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [14060 octets] - [26/05/2012 12:59:08]
AdwCleaner[R2].txt - [14121 octets] - [31/05/2012 13:16:45]
AdwCleaner[R3].txt - [14182 octets] - [31/05/2012 14:06:04]
AdwCleaner[S1].txt - [11267 octets] - [31/05/2012 14:06:30]
AdwCleaner[R4].txt - [1216 octets] - [31/05/2012 15:54:31]
AdwCleaner[S2].txt - [1279 octets] - [31/05/2012 15:54:56]
AdwCleaner[S3].txt - [1275 octets] - [01/06/2012 14:58:56]
AdwCleaner[R5].txt - [1333 octets] - [02/06/2012 01:02:50]
AdwCleaner[S4].txt - [1395 octets] - [02/06/2012 01:03:42]
AdwCleaner[R6].txt - [1324 octets] - [02/06/2012 01:13:55]

########## EOF - C:\AdwCleaner[R6].txt - [1452 octets] ##########

Rapport UsbFix :

############################## | UsbFix V 7.084 | [Recherche]

Utilisateur: pachard bell (Administrateur) # PACHARDBELL-PC
Mis à jour le 13/03/2012 par El Desaparecido
Lancé à 11:27:35 | 02/06/2012

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: Packard Bell (EasyNote TJ65 ) (x64-based PC) # Notebook
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz (2100)
RAM -> [ Total : 4025 | Free : 2783 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: Norton Internet Security [ (!) Disabled | (!) Outdated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 454 Go (389 Go libre(s) - 86%) [Packard Bell] # NTFS
D:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (1 Go libre(s) - 63%) [FLASHDRIVE] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (408)
C:\Windows\system32\wininit.exe (508)
C:\Windows\system32\csrss.exe (520)
C:\Windows\system32\services.exe (560)
C:\Windows\system32\lsass.exe (580)
C:\Windows\system32\lsm.exe (588)
C:\Windows\system32\svchost.exe (688)
C:\Windows\system32\svchost.exe (752)
C:\Windows\System32\svchost.exe (804)
C:\Windows\system32\winlogon.exe (864)
C:\Windows\System32\svchost.exe (916)
C:\Windows\system32\svchost.exe (972)
C:\Windows\system32\svchost.exe (432)
C:\Windows\system32\svchost.exe (1012)
C:\Windows\System32\spoolsv.exe (1116)
C:\Windows\system32\svchost.exe (1144)
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (1248)
C:\Windows\system32\taskhost.exe (1388)
C:\Windows\system32\Dwm.exe (1476)
C:\Windows\Explorer.EXE (1520)
c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (1652)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1724)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (1876)
C:\Program Files\Bonjour\mDNSResponder.exe (1904)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (1960)
C:\Windows\system32\svchost.exe (1984)
C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (2016)
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (1608)
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (1340)
C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe (2220)
C:\Windows\system32\svchost.exe (2316)
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (2348)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2400)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2440)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2544)
C:\Windows\system32\SearchIndexer.exe (2640)
C:\Windows\system32\svchost.exe (2868)
C:\Windows\system32\WUDFHost.exe (2896)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (1468)
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (2388)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2464)
C:\Windows\System32\hkcmd.exe (2624)
C:\Windows\System32\igfxpers.exe (3104)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (3120)
C:\Windows\system32\igfxsrvc.exe (3152)
C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (3248)
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (3276)
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (3364)
C:\Program Files (x86)\Video Web Camera\traybar.exe (3508)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3532)
C:\Windows\system32\igfxext.exe (3224)
C:\Program Files (x86)\Launch Manager\LManager.exe (552)
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (380)
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (3376)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (3660)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2976)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4116)
C:\Windows\system32\wbem\unsecapp.exe (4276)
C:\Windows\system32\wbem\wmiprvse.exe (4368)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (4460)
C:\Program Files\iPod\bin\iPodService.exe (4660)
C:\Windows\System32\svchost.exe (3428)
C:\Windows\system32\DllHost.exe (5068)
C:\Windows\system32\sppsvc.exe (3584)
C:\Windows\System32\svchost.exe (2448)
C:\Windows\system32\wuauclt.exe (2076)
C:\Windows\servicing\TrustedInstaller.exe (4896)
C:\UsbFix\Go.exe (6096)
C:\Windows\system32\wbem\wmiprvse.exe (1820)

################## | Éléments infectieux |

Présent! C:\Users\PACHAR~1\AppData\Local\Temp\TFR3FFC.tmp
Présent! C:\Users\PACHAR~1\AppData\Local\Temp\7za.exe

################## | Registre |

################## | Mountpoints2 |

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

Voili Voilou ! MERCI ! ;)
0
Réponse 10 / 12
Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
 
Salut,
1/
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

* Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris

:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera

automatiquement

* Clique sur "Suppression"
* Laisse travailler l'outil

* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur : C:\UsbFix.txt )

2/
Essais de désinstaller Media Finder en utilisant le logiciel ci-dessous :

Télécharge Revo-uninstaller

Exécute ce fichier pour installation

*******Aide Revo-uninstaller*******

@+
0
Réponse 11 / 12
LaGringadélamancha Messages postés 10 Statut Membre 1
 
coucou ! voici le rapport suppression usbfix :

############################## | UsbFix V 7.084 | [Suppression]

Utilisateur: pachard bell (Administrateur) # PACHARDBELL-PC
Mis à jour le 13/03/2012 par El Desaparecido
Lancé à 16:57:52 | 03/06/2012

Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: Packard Bell (EasyNote TJ65 ) (x64-based PC) # Notebook
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz (2100)
RAM -> [ Total : 4025 | Free : 2845 ]
BIOS: Ver 1.00PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: Norton Internet Security [ (!) Disabled | (!) Outdated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Disque fixe # 454 Go (388 Go libre(s) - 85%) [Packard Bell] # NTFS
D:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (408)
C:\Windows\system32\wininit.exe (508)
C:\Windows\system32\csrss.exe (520)
C:\Windows\system32\services.exe (560)
C:\Windows\system32\lsass.exe (580)
C:\Windows\system32\lsm.exe (588)
C:\Windows\system32\svchost.exe (688)
C:\Windows\system32\svchost.exe (752)
C:\Windows\System32\svchost.exe (804)
C:\Windows\system32\winlogon.exe (864)
C:\Windows\System32\svchost.exe (916)
C:\Windows\system32\svchost.exe (972)
C:\Windows\system32\svchost.exe (432)
C:\Windows\system32\svchost.exe (1012)
C:\Windows\System32\spoolsv.exe (1116)
C:\Windows\system32\svchost.exe (1144)
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (1248)
C:\Windows\system32\taskhost.exe (1388)
C:\Windows\system32\Dwm.exe (1476)
C:\Windows\Explorer.EXE (1520)
c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (1652)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1724)
C:\Program Files\Bonjour\mDNSResponder.exe (1904)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (1960)
C:\Windows\system32\svchost.exe (1984)
C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (2016)
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (1608)
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (1340)
C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe (2220)
C:\Windows\system32\svchost.exe (2316)
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (2348)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2400)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2440)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2544)
C:\Windows\system32\SearchIndexer.exe (2640)
C:\Windows\system32\svchost.exe (2868)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (1468)
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (2388)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2464)
C:\Windows\System32\hkcmd.exe (2624)
C:\Windows\System32\igfxpers.exe (3104)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (3120)
C:\Windows\system32\igfxsrvc.exe (3152)
C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (3248)
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (3276)
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (3364)
C:\Program Files (x86)\Video Web Camera\traybar.exe (3508)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3532)
C:\Windows\system32\igfxext.exe (3224)
C:\Program Files (x86)\Launch Manager\LManager.exe (552)
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (380)
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (3376)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (3660)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2976)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4116)
C:\Windows\system32\wbem\unsecapp.exe (4276)
C:\Windows\system32\wbem\wmiprvse.exe (4368)
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (4460)
C:\Program Files\iPod\bin\iPodService.exe (4660)
C:\Windows\System32\svchost.exe (3428)
C:\Windows\system32\DllHost.exe (5068)
C:\Windows\System32\svchost.exe (2448)
C:\Windows\system32\wuauclt.exe (2076)
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (4484)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6720)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6944)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (7116)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (460)
C:\UsbFix\Go.exe (4324)
C:\Windows\system32\wbem\wmiprvse.exe (1064)

################## | Processus Stoppés |

Stoppé! C:\Windows\System32\spoolsv.exe (1116)
Stoppé! C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (1248)
Stoppé! C:\Windows\system32\taskhost.exe (1388)
Stoppé! C:\Windows\Explorer.EXE (1520)
Stoppé! c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (1652)
Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1724)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1904)
Stoppé! C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (1960)
Stoppé! C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (2016)
Stoppé! c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (1608)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (1340)
Stoppé! C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe (2220)
Stoppé! C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (2348)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2400)
Stoppé! C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2440)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2544)
Stoppé! C:\Windows\system32\SearchIndexer.exe (2640)
Stoppé! C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (1468)
Stoppé! C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (2388)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2464)
Stoppé! C:\Windows\System32\hkcmd.exe (2624)
Stoppé! C:\Windows\System32\igfxpers.exe (3104)
Stoppé! C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (3120)
Stoppé! C:\Windows\system32\igfxsrvc.exe (3152)
Stoppé! C:\Users\pachard bell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (3248)
Stoppé! C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (3276)
Stoppé! C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (3364)
Stoppé! C:\Program Files (x86)\Video Web Camera\traybar.exe (3508)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3532)
Stoppé! C:\Windows\system32\igfxext.exe (3224)
Stoppé! C:\Program Files (x86)\Launch Manager\LManager.exe (552)
Stoppé! C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (380)
Stoppé! C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (3376)
Stoppé! C:\Program Files (x86)\iTunes\iTunesHelper.exe (3660)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2976)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (4116)
Stoppé! C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (4460)
Stoppé! C:\Program Files\iPod\bin\iPodService.exe (4660)
Stoppé! C:\Windows\system32\DllHost.exe (5068)
Stoppé! C:\Windows\system32\wuauclt.exe (2076)
Stoppé! C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (4484)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6720)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6944)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (7116)
Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (460)
Stoppé! c:\program files\windows defender\MpCmdRun.exe (340)

################## | Éléments infectieux |

Supprimé! C:\Users\PACHAR~1\AppData\Local\Temp\TFR3FFC.tmp
Supprimé! C:\Users\PACHAR~1\AppData\Local\Temp\7za.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3730807242-2045987243-3839747425-1000

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

################## | Listing |

[03/06/2012 - 17:03:01 | SHD ] C:\$Recycle.Bin
[21/05/2011 - 00:33:46 | D ] C:\56488f9c166b6f32a6b76d7742c789
[17/12/2010 - 17:33:29 | D ] C:\acer
[26/05/2012 - 12:59:14 | N | 14060] C:\AdwCleaner[R1].txt
[31/05/2012 - 13:16:52 | N | 14121] C:\AdwCleaner[R2].txt
[31/05/2012 - 14:06:09 | N | 14182] C:\AdwCleaner[R3].txt
[31/05/2012 - 15:54:35 | N | 1216] C:\AdwCleaner[R4].txt
[02/06/2012 - 01:02:55 | N | 1333] C:\AdwCleaner[R5].txt
[02/06/2012 - 01:14:01 | N | 1453] C:\AdwCleaner[R6].txt
[31/05/2012 - 14:06:53 | N | 11267] C:\AdwCleaner[S1].txt
[31/05/2012 - 15:55:21 | N | 1279] C:\AdwCleaner[S2].txt
[01/06/2012 - 14:59:11 | N | 1275] C:\AdwCleaner[S3].txt
[02/06/2012 - 01:03:48 | N | 1395] C:\AdwCleaner[S4].txt
[14/07/2009 - 03:38:58 | RASH | 383562] C:\bootmgr
[27/07/2009 - 22:40:53 | N | 8192] C:\BOOTSECT.BAK
[22/05/2011 - 19:19:43 | D ] C:\d14e02423d788771dac9
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[18/05/2011 - 20:11:50 | DC ] C:\elements
[11/04/2008 - 10:07:18 | N | 3820] C:\eula.1028.txt
[11/04/2008 - 10:07:18 | N | 15428] C:\eula.1031.txt
[11/04/2008 - 10:07:18 | N | 10058] C:\eula.1033.txt
[11/04/2008 - 10:07:18 | N | 12246] C:\eula.1036.txt
[11/04/2008 - 10:07:18 | N | 13912] C:\eula.1040.txt
[11/04/2008 - 10:07:18 | N | 5868] C:\eula.1041.txt
[11/04/2008 - 10:07:18 | N | 5970] C:\eula.1042.txt
[11/04/2008 - 10:07:18 | N | 10134] C:\eula.1049.txt
[11/04/2008 - 10:07:18 | N | 3814] C:\eula.2052.txt
[11/04/2008 - 10:07:18 | N | 12936] C:\eula.3082.txt
[11/04/2008 - 10:07:18 | N | 1110] C:\globdata.ini
[02/06/2012 - 11:15:39 | ASH | 3165331456] C:\hiberfil.sys
[11/04/2008 - 08:03:48 | N | 562688] C:\install.exe
[11/04/2008 - 10:07:18 | N | 843] C:\install.ini
[11/04/2008 - 08:03:48 | N | 76304] C:\install.res.1028.dll
[11/04/2008 - 08:03:48 | N | 96272] C:\install.res.1031.dll
[11/04/2008 - 08:03:48 | N | 91152] C:\install.res.1033.dll
[11/04/2008 - 08:03:48 | N | 97296] C:\install.res.1036.dll
[11/04/2008 - 08:03:48 | N | 95248] C:\install.res.1040.dll
[11/04/2008 - 08:03:48 | N | 81424] C:\install.res.1041.dll
[11/04/2008 - 08:03:48 | N | 79888] C:\install.res.1042.dll
[11/04/2008 - 10:09:24 | N | 93200] C:\install.res.1049.dll
[11/04/2008 - 08:03:48 | N | 75792] C:\install.res.2052.dll
[11/04/2008 - 08:03:48 | N | 96272] C:\install.res.3082.dll
[11/03/2012 - 00:01:32 | D ] C:\Intel
[02/11/2009 - 22:31:47 | RHD ] C:\MSOCache
[18/05/2011 - 19:26:23 | D ] C:\oem
[02/06/2012 - 11:16:01 | ASH | 4220444672] C:\pagefile.sys
[04/11/2009 - 09:16:25 | N | 4734] C:\Patch.rev
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[18/05/2011 - 19:19:41 | N | 217] C:\Preload.rev
[15/05/2012 - 06:09:11 | D ] C:\Program Files
[01/06/2012 - 15:07:12 | D ] C:\Program Files (x86)
[01/06/2012 - 15:07:13 | HD ] C:\ProgramData
[18/05/2011 - 19:19:21 | SHD ] C:\Recovery
[01/06/2012 - 20:01:03 | SHD ] C:\System Volume Information
[03/06/2012 - 17:03:01 | D ] C:\UsbFix
[03/06/2012 - 16:58:13 | A | 11899] C:\UsbFix.txt
[14/05/2012 - 14:33:11 | N | 3149] C:\user.js
[18/05/2011 - 19:19:32 | D ] C:\Users
[11/04/2008 - 10:07:18 | N | 5686] C:\vcredist.bmp
[11/04/2008 - 10:09:38 | N | 3797292] C:\VC_RED.cab
[11/04/2008 - 10:11:40 | N | 233472] C:\VC_RED.MSI
[18/05/2012 - 00:15:02 | D ] C:\Windows
[01/06/2012 - 18:20:47 | D ] C:\ZHP

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PACHARDBELL-PC.zip
http://eldesaparecido.com/upload.html
Merci de votre contribution.

################## | E.O.F |
0
Réponse 12 / 12
Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
 
Re,

On va vérifier s'il y'a des traces de : Media Finder :
Lance ZHPDiag depuis le bureau, clique sur la flèche verte (mise à jour)
Ensuite coche tout au tournevis puis lance l'analyse, ferme le et héberge le rapport. colle le lien dans ta prochaine réponse

Hébergement de rapport sur pjjoint.malekal.com

* Rends toi sur pjjoint.malekal.com
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux héberger et clique sur Ouvrir
* Clique sur le bouton Envoyer
* Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015

* Copie le lien dans ta prochaine réponse.

@+
0

Discussions similaires

Snap média chargé
Tessfuen -
Lilith22h22 -

2 réponses
Comment envoyer un Snap violet avec ses vidéos ?
Nono -
Radinoz -

1 réponse
Carte snap
Antho1515151515 -
IrvLox -

1 réponse
Dictature d’une appli devenus trop grosse Snap !
chuky-chuk -
brucine -

2 réponses