Demande d'analyse rapport ZHPDiag [Résolu/Fermé]

Signaler
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012
-
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012
-
Bonjour,




Mon pc envois des mails tout seul!

merci de votre aide..

Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24/05/2012
Run by Hinda at 06/06/2012 19:30:31
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5940 MB (71% free)
System Restore: Inconnu (Unknown)
System drive C: has 498 GB (85%) free of 581 GB

---\\ Logged in mode
~ Computer Name: HINDA-PC
~ User Name: Hinda
~ All Users Names: Hinda, Guest, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Hinda\AppData\Roaming\
~ %Desktop% : C:\Users\Hinda\Desktop\
~ %Favorites% : C:\Users\Hinda\Favorites\
~ %LocalAppData% : C:\Users\Hinda\AppData\Local\
~ %StartMenu% : C:\Users\Hinda\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 498 Go of 581 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DE03C917EDED2A999C942A4F943D3068] - (.Microsoft Corporation - Internet Extensions for Win32.) (.28/02/2012 - 07:39:37.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - NT File System Driver.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2932
~ Mes musiques (My Musics) : 1/18
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/91
~ Mon Bureau (My Desktop) : 2/256
~ Menu demarrer (Programs) : 1/26
~ Scan Hidden Files in 00mn 01s



---\\ Processus lancés
[MD5.1136B11FB4B6A598051BD9648A798F7C] - (.Pas de propriétaire - Stage Remote Manager.) -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976] [PID.4832]
[MD5.812DD9FBA5EF2136AEF738CAA499D47C] - (.Pas de propriétaire - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824] [PID.4980]
[MD5.4164A47F3A2DA7EA44572904C3DF44A4] - (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544] [PID.1276]
[MD5.30293898C1A9DFBCFE38EB6A2F7D555A] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562] [PID.4220]
[MD5.782FEF655DBF8653C9F2722BEBF7A8A6] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4241512] [PID.4184]
[MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160] [PID.4768]
[MD5.D898A66D91BAB6FB579A94D21793073F] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files (x86)\Athan\Athan.exe [1204224] [PID.4212]
[MD5.C265BFF559718F341D16C8355B4EDAED] - (.Pas de propriétaire - Stage Remote Service.) -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe [474176] [PID.5128]
[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5176]
[MD5.71200E7924D30860F032C7BE3EDDCB3B] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [901800] [PID.5268]
[MD5.53EDBE9C1D6B0CEC11A573852B5B6DAD] - (.Pas de propriétaire - AccuWeather.com desktop weather widget.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048] [PID.5308]
[MD5.F168869067FDF08BC6291988173B5025] - (.Pas de propriétaire - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe [1850224] [PID.5740]
[MD5.4F69AABB5D82AA4EF6DFF7871212ADF6] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924600] [PID.6808]
[MD5.CC926B0811C3FA2363C98711410FEF24] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [4540928] [PID.1412]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Hinda\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default] https://www.google.com/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\prefs.js
M3 - MFPP: Plugins - [Hinda] -- C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\searchplugins\googlefr.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\4shared.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Hinda] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Hinda - xzmb5539.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [Hinda - xzmb5539.default\toolbar@ask.com] [] v (.Ask.com.)
M2 - MFEP: prefs.js [Hinda - xzmb5539.default\{33e0daa6-3af3-d8b5-6752-10e949c61516}] [] Complitly - Speed up your search with your personal search suggestions tool v1.1 (.SimplyGen Ltd..)
M2 - MFEP: prefs.js [Hinda - xzmb5539.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.9 (.Michel Gutierrez.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://websearch.4shared.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R3 - URLSearchHook: (no name) [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {CA3EB689-8F09-4026-AA10-B9534C691CE0} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [4Sync] C:\Program Files (x86)\4Sync\4Sync.exe (.not file.)
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Hinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Hinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Hinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk . (...) -- C:\Users\Hinda\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
O4 - Global Startup: C:\Users\Hinda\Desktop\Athan.lnk . (.www.IslamicFinder.org.) -- C:\Program Files (x86)\Athan\Athan.exe
O4 - Global Startup: C:\Users\Hinda\Desktop\Paltalk Messenger.lnk . (.AVM Software Inc..) -- C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
O4 - Global Startup: C:\Users\Hinda\Desktop\Upgrade to Paltalk Extreme.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Hinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Hinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Hinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - dell.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &4shared Search - (.not file.) - C:\Program Files (x86)\4shared Toolbar\4sharedbar64.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SystemToolsDailyTest.job
[MD5.12F362A0198B2007F5C8A3B1FA3E96FC] [APT] [MusicStage Updater] (.Caphyon LTD.) -- C:\Program Files (x86)\Dell Stage\MusicStage\updater.exe
[MD5.0F334B40D2D274E2CA5E5A61BC70BD27] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe
[MD5.229122522D455B2B2B0BE57C5716B7DF] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
[MD5.14426438EDA546F331650854F4CD63A8] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe
[MD5.229122522D455B2B2B0BE57C5716B7DF] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/05/2012 - 23:48:20 - [0] ----D C:\Program Files (x86)\4shared Toolbar
O43 - CFD: 21/05/2012 - 10:19:04 - [0] ----D C:\Program Files (x86)\4Sync
O43 - CFD: 18/11/2011 - 11:25:08 - [9,187] ----D C:\Program Files (x86)\AbiWord
O43 - CFD: 05/10/2011 - 12:44:01 - [126,767] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 04/06/2011 - 18:13:49 - [2,200] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 17/12/2011 - 21:51:27 - [2,827] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 14/08/2011 - 17:33:07 - [18,801] ----D C:\Program Files (x86)\Athan
O43 - CFD: 04/06/2011 - 18:13:22 - [0,592] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 02/03/2011 - 13:21:51 - [3,432] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 02/03/2011 - 13:37:28 - [3,380] ----D C:\Program Files (x86)\Citrix
O43 - CFD: 16/04/2012 - 10:38:17 - [448,612] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 21/11/2011 - 20:34:59 - [0,744] ----D C:\Program Files (x86)\Complitly
O43 - CFD: 02/03/2011 - 13:46:30 - [1,535] ----D C:\Program Files (x86)\Cozi Express
O43 - CFD: 02/03/2011 - 13:23:56 - [1,904] ----D C:\Program Files (x86)\Creative
O43 - CFD: 02/03/2011 - 13:23:11 - [0,109] ----D C:\Program Files (x86)\Creative Live! Cam
O43 - CFD: 08/08/2011 - 15:56:24 - [260,999] ----D C:\Program Files (x86)\Dell
O43 - CFD: 05/06/2012 - 23:47:57 - [402,044] ----D C:\Program Files (x86)\Dell DataSafe Local Backup
O43 - CFD: 18/11/2011 - 11:22:11 - [127,271] ----D C:\Program Files (x86)\Dell Stage
O43 - CFD: 29/04/2012 - 01:07:20 - [0,000] ----D C:\Program Files (x86)\Dell Touch Software Suite
O43 - CFD: 02/03/2011 - 13:23:17 - [103,716] ----D C:\Program Files (x86)\Dell Webcam
O43 - CFD: 02/03/2011 - 13:39:33 - [0,891] ----D C:\Program Files (x86)\eBay
O43 - CFD: 30/05/2012 - 15:56:02 - [215,736] ----D C:\Program Files (x86)\Google
O43 - CFD: 02/03/2011 - 13:46:48 - [45,761] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 02/03/2011 - 13:21:58 - [16,729] ----D C:\Program Files (x86)\Intel
O43 - CFD: 16/04/2012 - 01:00:41 - [5,630] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 04/06/2011 - 18:15:53 - [120,509] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 26/11/2011 - 08:21:51 - [87,518] ----D C:\Program Files (x86)\Java
O43 - CFD: 20/05/2012 - 09:31:43 - [11,554] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 11/12/2011 - 12:25:34 - [0] ----D C:\Program Files (x86)\McAfee
O43 - CFD: 20/10/2011 - 10:54:27 - [19,718] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 20/02/2012 - 02:22:05 - [12,399] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 08/08/2011 - 22:16:43 - [6,425] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 09/05/2012 - 03:26:15 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 21/05/2011 - 16:03:53 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 10/05/2012 - 09:08:50 - [42,736] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 10/05/2012 - 09:08:52 - [0,210] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 18/11/2011 - 16:30:16 - [0] ----D C:\Program Files (x86)\MSECACHE
O43 - CFD: 06/09/2011 - 07:24:00 - [4,912] ----D C:\Program Files (x86)\MSI
O43 - CFD: 15/05/2011 - 11:55:24 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 18/05/2012 - 11:49:55 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 18/12/2011 - 08:28:26 - [36,773] ----D C:\Program Files (x86)\Paltalk Messenger
O43 - CFD: 04/06/2011 - 18:14:30 - [72,787] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 14/07/2009 - 07:32:38 - [35,219] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/03/2011 - 13:19:30 - [452,887] ----D C:\Program Files (x86)\Roxio
O43 - CFD: 21/11/2011 - 20:34:51 - [3,651] ----D C:\Program Files (x86)\searchweb
O43 - CFD: 16/04/2012 - 10:38:17 - [31,783] R---D C:\Program Files (x86)\Skype
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 02/03/2011 - 13:41:59 - [343,413] ----D C:\Program Files (x86)\WildTangent
O43 - CFD: 04/06/2012 - 20:22:04 - [9,451] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 14/07/2009 - 07:37:47 - [0,488] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/11/2011 - 16:27:18 - [0,136] ----D C:\Program Files (x86)\Windows Installer Clean Up
O43 - CFD: 23/01/2012 - 15:30:30 - [116,200] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 18/11/2011 - 11:25:50 - [5,833] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 11/10/2011 - 10:41:23 - [4,777] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,504] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 11/10/2011 - 10:41:23 - [4,191] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 11/10/2011 - 10:41:23 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 11/10/2011 - 10:41:23 - [5,713] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 18/11/2011 - 11:25:04 - [1,930] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 05/06/2012 - 10:23:18 - [13,541] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 05/10/2011 - 12:44:10 - [3,835] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 04/06/2011 - 18:15:16 - [82,149] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 08/08/2011 - 22:16:43 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 02/03/2011 - 13:22:56 - [3,499] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/11/2011 - 08:22:09 - [1,201] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 11/12/2011 - 12:25:34 - [0,784] ----D C:\Program Files (x86)\Common Files\McAfee
O43 - CFD: 23/01/2012 - 15:25:52 - [36,948] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 02/03/2011 - 13:21:59 - [0,154] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 02/03/2011 - 13:19:50 - [4,328] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 02/03/2011 - 13:20:05 - [260,345] ----D C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 16/04/2012 - 10:38:17 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 02/03/2011 - 13:19:26 - [3,591] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 02/03/2011 - 13:19:25 - [0,699] ----D C:\Program Files (x86)\Common Files\SureThing Shared
O43 - CFD: 18/11/2011 - 16:12:12 - [9,728] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 02/03/2011 - 13:25:59 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 19/05/2012 - 22:51:31 - [0] ----D C:\ProgramData\4Sync
O43 - CFD: 05/10/2011 - 12:46:13 - [198,916] ----D C:\ProgramData\Adobe
O43 - CFD: 04/06/2011 - 18:13:08 - [31,583] ----D C:\ProgramData\Apple
O43 - CFD: 04/06/2011 - 18:15:15 - [64,003] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 08/08/2011 - 15:57:02 - [0,001] ----D C:\ProgramData\ArcSoft
O43 - CFD: 20/05/2011 - 20:10:27 - [28,243] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/03/2011 - 13:46:30 - [1,563] ----D C:\ProgramData\Cozi
O43 - CFD: 20/08/2011 - 06:15:21 - [2,132] ----D C:\ProgramData\Creative
O43 - CFD: 18/11/2011 - 11:22:32 - [272,655] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 05/11/2011 - 15:01:51 - [3,520] ----D C:\ProgramData\EPSON
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 23/01/2012 - 15:05:43 - [0,502] ----D C:\ProgramData\Google
O43 - CFD: 02/03/2011 - 13:17:39 - [3,389] ----D C:\ProgramData\Macrovision
O43 - CFD: 20/05/2012 - 09:31:41 - [6,899] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 11/12/2011 - 12:24:54 - [0,011] ----D C:\ProgramData\McAfee
O43 - CFD: 22/05/2011 - 16:33:44 - [1,320] ----D C:\ProgramData\MFAData
O43 - CFD: 23/01/2012 - 15:26:59 - [1844,851] ----D C:\ProgramData\Microsoft
O43 - CFD: 10/05/2012 - 09:08:52 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 26/05/2012 - 11:25:21 - [115,239] ----D C:\ProgramData\PCDr
O43 - CFD: 02/03/2011 - 13:19:18 - [17,271] ----D C:\ProgramData\PhotoShow Shared Assets
O43 - CFD: 02/03/2011 - 13:54:45 - [20,832] ----D C:\ProgramData\Roxio
O43 - CFD: 16/04/2012 - 10:38:12 - [66,861] ----D C:\ProgramData\Skype
O43 - CFD: 12/04/2012 - 22:28:03 - [1,793] ----D C:\ProgramData\Skype Extras
O43 - CFD: 29/12/2011 - 12:02:51 - [0,154] ----D C:\ProgramData\Sonic
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 02/03/2011 - 13:09:03 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 02/03/2011 - 13:12:51 - [0,035] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 02/03/2011 - 13:20:05 - [5,825] ----D C:\ProgramData\Uninstall
O43 - CFD: 10/08/2011 - 23:15:29 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 04/06/2012 - 20:25:23 - [1206,112] ----D C:\ProgramData\WildTangent
O43 - CFD: 30/01/2012 - 09:55:46 - [3,705] --H-D C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
O43 - CFD: 04/06/2011 - 18:15:54 - [0] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 19/05/2012 - 22:53:04 - [0,016] ----D C:\Users\Hinda\AppData\Roaming\4Sync
O43 - CFD: 05/10/2011 - 12:45:32 - [10,061] ----D C:\Users\Hinda\AppData\Roaming\Adobe
O43 - CFD: 21/06/2011 - 10:07:44 - [0,224] ----D C:\Users\Hinda\AppData\Roaming\Apple Computer
O43 - CFD: 21/11/2011 - 20:34:58 - [0,467] ----D C:\Users\Hinda\AppData\Roaming\Complitly
O43 - CFD: 03/05/2011 - 04:14:51 - [0,001] ----D C:\Users\Hinda\AppData\Roaming\Creative
O43 - CFD: 09/05/2011 - 16:43:25 - [7,484] ----D C:\Users\Hinda\AppData\Roaming\Dell
O43 - CFD: 03/05/2011 - 04:14:43 - [0] ----D C:\Users\Hinda\AppData\Roaming\Dell Touch Zone
O43 - CFD: 29/04/2012 - 01:08:54 - [0,012] ----D C:\Users\Hinda\AppData\Roaming\Fingertapps
O43 - CFD: 09/12/2011 - 14:34:31 - [0] ----D C:\Users\Hinda\AppData\Roaming\Google
O43 - CFD: 03/05/2011 - 04:14:17 - [0] ----D C:\Users\Hinda\AppData\Roaming\Identities
O43 - CFD: 05/10/2011 - 09:18:34 - [0] ----D C:\Users\Hinda\AppData\Roaming\InterTrust
O43 - CFD: 09/05/2011 - 16:41:43 - [0,027] ----D C:\Users\Hinda\AppData\Roaming\Macromedia
O43 - CFD: 20/05/2012 - 09:31:48 - [6,514] ----D C:\Users\Hinda\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\Hinda\AppData\Roaming\Media Center Programs
O43 - CFD: 18/05/2012 - 12:19:08 - [9,929] -S--D C:\Users\Hinda\AppData\Roaming\Microsoft
O43 - CFD: 10/05/2011 - 23:10:42 - [37,578] ----D C:\Users\Hinda\AppData\Roaming\Mozilla
O43 - CFD: 18/05/2012 - 11:51:36 - [21,385] ----D C:\Users\Hinda\AppData\Roaming\OpenOffice.org
O43 - CFD: 11/06/2011 - 21:20:44 - [0,058] ----D C:\Users\Hinda\AppData\Roaming\Paltalk
O43 - CFD: 21/05/2011 - 18:07:41 - [6,379] ----D C:\Users\Hinda\AppData\Roaming\PCDr
O43 - CFD: 10/05/2011 - 20:27:27 - [0] ----D C:\Users\Hinda\AppData\Roaming\Reallusion
O43 - CFD: 03/05/2011 - 04:14:54 - [0,004] ----D C:\Users\Hinda\AppData\Roaming\Roxio
O43 - CFD: 29/05/2011 - 21:30:31 - [0] ----D C:\Users\Hinda\AppData\Roaming\Roxio Burn
O43 - CFD: 22/05/2012 - 15:51:29 - [5,711] ----D C:\Users\Hinda\AppData\Roaming\Skype
O43 - CFD: 13/04/2012 - 00:05:06 - [0,010] ----D C:\Users\Hinda\AppData\Roaming\skypePM
O43 - CFD: 21/05/2012 - 13:44:44 - [1,140] ----D C:\Users\Hinda\AppData\Roaming\SoftGrid Client
O43 - CFD: 08/08/2011 - 22:17:26 - [0] ----D C:\Users\Hinda\AppData\Roaming\TP
O43 - CFD: 04/06/2012 - 20:22:22 - [3,860] ----D C:\Users\Hinda\AppData\Roaming\WildTangent
O43 - CFD: 20/10/2011 - 11:15:34 - [0] ----D C:\Users\Hinda\AppData\Roaming\Windows Live Writer
O43 - CFD: 12/11/2011 - 21:17:11 - [0,000] ----D C:\Users\Hinda\AppData\Roaming\WinRAR
O43 - CFD: 05/10/2011 - 12:42:52 - [15,396] ----D C:\Users\Hinda\AppData\Local\Adobe
O43 - CFD: 17/12/2011 - 21:51:19 - [0,148] ----D C:\Users\Hinda\AppData\Local\APN
O43 - CFD: 04/06/2011 - 18:13:50 - [0] ----D C:\Users\Hinda\AppData\Local\Apple
O43 - CFD: 22/11/2011 - 17:06:50 - [15,190] ----D C:\Users\Hinda\AppData\Local\Apple Computer
O43 - CFD: 03/05/2011 - 04:04:56 - [0] ----D C:\Users\Hinda\AppData\Local\Application Data
O43 - CFD: 15/06/2011 - 01:24:11 - [7,924] ----D C:\Users\Hinda\AppData\Local\ArcSoft
O43 - CFD: 08/08/2011 - 22:02:33 - [21,730] ----D C:\Users\Hinda\AppData\Local\Dell
O43 - CFD: 03/05/2011 - 04:05:07 - [0] ----D C:\Users\Hinda\AppData\Local\Dell Edoc Viewer
O43 - CFD: 05/06/2012 - 14:20:32 - [0] ----D C:\Users\Hinda\AppData\Local\Diagnostics
O43 - CFD: 08/08/2011 - 15:54:48 - [113,720] ----D C:\Users\Hinda\AppData\Local\Downloaded Installations
O43 - CFD: 21/12/2011 - 19:08:02 - [0] ----D C:\Users\Hinda\AppData\Local\ElevatedDiagnostics
O43 - CFD: 23/01/2012 - 15:05:43 - [233,272] ----D C:\Users\Hinda\AppData\Local\Google
O43 - CFD: 03/05/2011 - 04:04:56 - [0] ----D C:\Users\Hinda\AppData\Local\History
O43 - CFD: 28/11/2011 - 12:04:19 - [1004,796] ----D C:\Users\Hinda\AppData\Local\Microsoft
O43 - CFD: 12/05/2011 - 01:08:03 - [0,221] ----D C:\Users\Hinda\AppData\Local\Microsoft Games
O43 - CFD: 10/05/2011 - 23:09:42 - [159,660] ----D C:\Users\Hinda\AppData\Local\Mozilla
O43 - CFD: 22/11/2011 - 16:58:18 - [0] ----D C:\Users\Hinda\AppData\Local\PackageAware
O43 - CFD: 08/08/2011 - 22:17:22 - [0,633] ----D C:\Users\Hinda\AppData\Local\SoftGrid Client
O43 - CFD: 25/10/2011 - 15:58:00 - [0,020] ----D C:\Users\Hinda\AppData\Local\SoftThinks
O43 - CFD: 06/06/2012 - 19:28:37 - [826,652] ----D C:\Users\Hinda\AppData\Local\Temp
O43 - CFD: 03/05/2011 - 04:04:56 - [0] ----D C:\Users\Hinda\AppData\Local\Temporary Internet Files
O43 - CFD: 12/05/2011 - 01:15:21 - [14,737] ----D C:\Users\Hinda\AppData\Local\VirtualStore
O43 - CFD: 14/04/2012 - 00:06:59 - [0,184] ----D C:\Users\Hinda\AppData\Local\Windows Live
O43 - CFD: 20/10/2011 - 11:15:51 - [0,618] ----D C:\Users\Hinda\AppData\Local\Windows Live Writer
O43 - CFD: 15/09/2011 - 11:05:46 - [0] ----D C:\Users\Hinda\AppData\Local\{005C4D63-7C06-4D32-AA08-ABB6FE64D140}
O43 - CFD: 11/09/2011 - 06:12:55 - [0] ----D C:\Users\Hinda\AppData\Local\{00D0E232-51E1-4DB8-B234-076032036C18}
O43 - CFD: 09/08/2011 - 13:23:37 - [0] ----D C:\Users\Hinda\AppData\Local\{0154C55B-FFF5-4B63-A326-611295FEE59B}
O43 - CFD: 30/08/2011 - 06:38:22 - [0] ----D C:\Users\Hinda\AppData\Local\{018DCC1E-C2F5-4CF0-96C2-F98084506ED7}
O43 - CFD: 16/11/2011 - 16:09:23 - [0] ----D C:\Users\Hinda\AppData\Local\{01A91F29-B8A2-4580-B72D-E39E29AE2DF6}
O43 - CFD: 09/10/2011 - 19:07:26 - [0] ----D C:\Users\Hinda\AppData\Local\{03986CEA-D99E-4FF9-8C4E-61C905FAC75B}
O43 - CFD: 24/06/2011 - 10:00:18 - [0] ----D C:\Users\Hinda\AppData\Local\{03AA0C55-03F5-4B1D-B0AC-EA145EB14A7B}
O43 - CFD: 08/09/2011 - 14:22:54 - [0] ----D C:\Users\Hinda\AppData\Local\{04B1407D-95C7-48F9-8E87-FEF9F3359B97}
O43 - CFD: 26/10/2011 - 00:04:55 - [0] ----D C:\Users\Hinda\AppData\Local\{0529D8F3-3358-4330-9B8B-EADF84337075}
O43 - CFD: 02/11/2011 - 23:37:53 - [0] ----D C:\Users\Hinda\AppData\Local\{05FD738E-6EB9-4DF1-AF86-CC43D486DBF0}
O43 - CFD: 18/11/2011 - 14:34:36 - [0] ----D C:\Users\Hinda\AppData\Local\{0637C8E2-AAE8-4E43-A6C8-64F8D86D122F}
O43 - CFD: 26/10/2011 - 00:07:44 - [0] ----D C:\Users\Hinda\AppData\Local\{06440E2D-2F7B-408F-A282-01DA82F363CA}
O43 - CFD: 08/06/2011 - 05:15:54 - [0] ----D C:\Users\Hinda\AppData\Local\{06AA6D2D-FFE1-4D51-82BE-EB1BA2D8A023}
O43 - CFD: 18/09/2011 - 00:29:30 - [0] ----D C:\Users\Hinda\AppData\Local\{070A1190-77F9-4B91-B29B-B2421FD7ED37}
O43 - CFD: 22/06/2011 - 20:08:53 - [0] ----D C:\Users\Hinda\AppData\Local\{07C4BAC3-3DFD-4E49-A078-EB0E2B0BEE3D}
O43 - CFD: 18/04/2012 - 00:13:46 - [0] ----D C:\Users\Hinda\AppData\Local\{07D80258-E0EE-458F-B06D-F050C6553D8A}
O43 - CFD: 22/05/2011 - 06:11:11 - [0] ----D C:\Users\Hinda\AppData\Local\{07DABF88-B99E-4AC5-8536-DE24EF20BAC2}
O43 - CFD: 16/04/2012 - 01:03:57 - [0] ----D C:\Users\Hinda\AppData\Local\{07EA27D1-90E5-4F6E-9E02-593CA1F189F8}
O43 - CFD: 08/01/2012 - 09:22:25 - [0] ----D C:\Users\Hinda\AppData\Local\{07FBC40E-C498-41E0-AEAB-02D61CF53130}
O43 - CFD: 04/02/2012 - 10:13:52 - [0] ----D C:\Users\Hinda\AppData\Local\{0800A81A-8A30-4086-B04A-107D3A4E23A7}
O43 - CFD: 15/01/2012 - 19:30:51 - [0] ----D C:\Users\Hinda\AppData\Local\{087ABD51-2C41-48F5-8552-951B522A4DA1}
O43 - CFD: 20/12/2011 - 01:10:16 - [0] ----D C:\Users\Hinda\AppData\Local\{08F7E896-C983-4FF4-BA14-14575E05C551}
O43 - CFD: 21/05/2012 - 20:43:24 - [0] ----D C:\Users\Hinda\AppData\Local\{090AD349-D1A6-40BA-9873-0EB0AA29854D}
O43 - CFD: 25/12/2011 - 00:49:44 - [0] ----D C:\Users\Hinda\AppData\Local\{09581854-1AB9-4623-9C07-EA4D20823BBB}
O43 - CFD: 31/05/2012 - 19:58:27 - [0] ----D C:\Users\Hinda\AppData\Local\{09BCEBC4-CE7A-4DA4-98B9-0EB8167FB68B}
O43 - CFD: 02/06/2012 - 10:39:08 - [0] ----D C:\Users\Hinda\AppData\Local\{09D9EC23-9777-4708-BF13-A8015A57F143}
O43 - CFD: 08/10/2011 - 19:27:18 - [0] ----D C:\Users\Hinda\AppData\Local\{0A0004C8-9465-4DE6-A8A3-01407D88D704}
O43 - CFD: 28/09/2011 - 06:31:20 - [0] ----D C:\Users\Hinda\AppData\Local\{0A3A8F42-AF51-484B-B0CA-54C7F9798A2B}
O43 - CFD: 25/10/2011 - 21:09:00 - [0] ----D C:\Users\Hinda\AppData\Local\{0A6EC30D-C00C-49A3-8AA4-6D2E76D26937}
O43 - CFD: 04/11/2011 - 12:39:21 - [0] ----D C:\Users\Hinda\AppData\Local\{0B5272C8-6A93-4E0A-8A39-22F80D302CD3}
O43 - CFD: 25/06/2011 - 22:08:56 - [0] ----D C:\Users\Hinda\AppData\Local\{0B9228FC-A670-4096-A1FC-2CFF9D0BA928}
O43 - CFD: 05/06/2012 - 20:27:37 - [0] ----D C:\Users\Hinda\AppData\Local\{0BB56BD8-9AA8-46D5-901E-BF92E142653B}
O43 - CFD: 19/12/2011 - 08:48:22 - [0] ----D C:\Users\Hinda\AppData\Local\{0C4E9325-3062-4824-B8DB-14C7FABCC782}
O43 - CFD: 19/11/2011 - 13:50:20 - [0] ----D C:\Users\Hinda\AppData\Local\{0C5993BA-6026-45D0-8E14-DD11890F02E7}
O43 - CFD: 19/08/2011 - 17:10:52 - [0] ----D C:\Users\Hinda\AppData\Local\{0D680D7A-7167-4843-BD61-CCBD0BE52BDF}
O43 - CFD: 11/10/2011 - 07:13:23 - [0] ----D C:\Users\Hinda\AppData\Local\{0D730671-EF3E-416D-92C7-DEFF36BBE5F7}
O43 - CFD: 21/05/2011 - 16:00:25 - [0] ----D C:\Users\Hinda\AppData\Local\{0DBB0374-C7EE-4640-A63E-D9CB570B5B9A}
O43 - CFD: 04/02/2012 - 23:38:11 - [0] ----D C:\Users\Hinda\AppData\Local\{0E60C3AF-F70E-4484-A8F5-07EA4B409B29}
O43 - CFD: 11/12/2011 - 12:27:29 - [0] ----D C:\Users\Hinda\AppData\Local\{0E78070E-1199-40FC-8747-095D032E8BEB}
O43 - CFD: 31/12/2011 - 13:18:00 - [0] ----D C:\Users\Hinda\AppData\Local\{0E82BC0F-EB62-4C05-8718-58B83648494F}
O43 - CFD: 29/11/2011 - 12:07:35 - [0] ----D C:\Users\Hinda\AppData\Local\{0EB2AD31-CA26-40D3-B5D0-17335DE47A82}
O43 - CFD: 28/04/2012 - 20:12:30 - [0] ----D C:\Users\Hinda\AppData\Local\{0EDF7F51-E73B-49C5-B2E8-5A194CC604B7}
O43 - CFD: 04/02/2012 - 23:38:46 - [0] ----D C:\Users\Hinda\AppData\Local\{0EFE7A65-22A7-428B-940E-91CBEE62990F}
O43 - CFD: 16/11/2011 - 16:10:00 - [0] ----D C:\Users\Hinda\AppData\Local\{0F5F738C-57C1-4133-84EC-9D9F1FFB43D0}
O43 - CFD: 26/08/2011 - 02:43:23 - [0] ----D C:\Users\Hinda\AppData\Local\{0FB400F0-9FA4-43A5-9C8E-4CB517033399}
O43 - CFD: 13/03/2012 - 02:18:55 - [0] ----D C:\Users\Hinda\AppData\Local\{101AE259-D8F7-41A5-9291-1FB4736F9172}
O43 - CFD: 18/05/2012 - 09:06:02 - [0] ----D C:\Users\Hinda\AppData\Local\{102A7EAA-297C-4347-9797-9F4E7F6C5E8A}
O43 - CFD: 31/01/2012 - 00:07:12 - [0] ----D C:\Users\Hinda\AppData\Local\{10636E9E-DB7C-4DED-B3D2-F9CE7B9B3552}
O43 - CFD: 28/10/2011 - 10:42:36 - [0] ----D C:\Users\Hinda\AppData\Local\{10B5FA22-181B-47B1-B2F3-E1C49271E8C4}
O43 - CFD: 04/06/2012 - 10:42:08 - [0] ----D C:\Users\Hinda\AppData\Local\{10BB6EA5-82E2-4DA7-B95C-EA1695767C3D}
O43 - CFD: 12/11/2011 - 19:15:36 - [0] ----D C:\Users\Hinda\AppData\Local\{1113E0F1-AA95-4ADB-8ED1-EC0028AE4658}
O43 - CFD: 15/09/2011 - 20:21:33 - [0] ----D C:\Users\Hinda\AppData\Local\{11277E86-D903-48F1-BA03-8E9F20DFDBCD}
O43 - CFD: 03/01/2012 - 02:20:28 - [0] ----D C:\Users\Hinda\AppData\Local\{11688FC9-1EC2-4F57-9B2E-753544970672}
O43 - CFD: 12/08/2011 - 12:55:46 - [0] ----D C:\Users\Hinda\AppData\Local\{11985518-846F-413D-B788-4CD28B82C1E8}
O43 - CFD: 02/01/2012 - 01:21:25 - [0] ----D C:\Users\Hinda\AppData\Local\{11A8613D-819C-4B2E-A314-6F3709F240C8}
O43 - CFD: 21/03/2012 - 23:53:12 - [0] ----D C:\Users\Hinda\AppData\Local\{11BECEB5-894D-4E07-AB01-9286380B6B7E}
O43 - CFD: 23/03/2012 - 01:19:24 - [0] ----D C:\Users\Hinda\AppData\Local\{11CC2439-0E5C-482E-92BD-5881E07632CD}
O43 - CFD: 18/03/2012 - 00:31:59 - [0] ----D C:\Users\Hinda\AppData\Local\{12246519-2C68-46D7-A2AD-FE17D605B4E6}
O43 - CFD: 01/12/2011 - 19:01:56 - [0] ----D C:\Users\Hinda\AppData\Local\{12828BB6-0A3B-4D7C-B615-43B41B373B05}
O43 - CFD: 30/03/2012 - 00:04:35 - [0] ----D C:\Users\Hinda\AppData\Local\{12DEFBF4-7434-46F5-92AF-479ABC50A5B3}
O43 - CFD: 03/11/2011 - 11:39:13 - [0] ----D C:\Users\Hinda\AppData\Local\{135D0602-C203-4B7E-B185-3E087B670BAC}
O43 - CFD: 30/09/2011 - 10:07:52 - [0] ----D C:\Users\Hinda\AppData\Local\{141F1EEA-4E5D-4374-86D0-DF6827BEDE87}
O43 - CFD: 28/08/2011 - 02:42:48 - [0] ----D C:\Users\Hinda\AppData\Local\{145341CC-F2CD-48AD-BCF5-097D70003656}
O43 - CFD: 05/01/2012 - 07:58:41 - [0] ----D C:\Users\Hinda\AppData\Local\{15768CFA-C6E2-41B9-B8E4-817F5BA31A74}
O43 - CFD: 13/08/2011 - 14:29:27 - [0] ----D C:\Users\Hinda\AppData\Local\{158F36D4-1AB7-4DB9-9653-84C8FB5E21F5}
O43 - CFD: 23/06/2011 - 08:09:18 - [0] ----D C:\Users\Hinda\AppData\Local\{17786DEB-8963-455F-AB40-C8811E9155CC}
O43 - CFD: 23/01/2012 - 15:33:28 - [0] ----D C:\Users\Hinda\AppData\Local\{179BE3CB-CC8B-473D-8357-7BD6D72C97B7}
O43 - CFD: 17/12/2011 - 08:55:44 - [0] ----D C:\Users\Hinda\AppData\Local\{17C32720-EB22-4B74-A89B-F0BEB980096F}
O43 - CFD: 14/01/2012 - 13:09:28 - [0] ----D C:\Users\Hinda\AppData\Local\{17D7C12E-034C-4553-8F60-011BDD817C55}
O43 - CFD: 04/06/2012 - 10:42:19 - [0] ----D C:\Users\Hinda\AppData\Local\{17DE04DF-A8B1-42BB-80DC-6E414769B5B2}
O43 - CFD: 03/06/2012 - 22:54:30 - [0] ----D C:\Users\Hinda\AppData\Local\{18BBCAB4-465C-4927-A22C-739C945B397B}
O43 - CFD: 29/04/2012 - 15:04:06 - [0] ----D C:\Users\Hinda\AppData\Local\{18EF66F6-CA27-4385-886F-95F43DFD8698}
O43 - CFD: 25/09/2011 - 11:21:40 - [0] ----D C:\Users\Hinda\AppData\Local\{195AC565-0852-4EFC-98C3-089BA711163C}
O43 - CFD: 03/06/2012 - 22:54:41 - [0] ----D C:\Users\Hinda\AppData\Local\{1963696A-81F8-4177-964D-15A607DFCE87}
O43 - CFD: 13/01/2012 - 08:33:54 - [0] ----D C:\Users\Hinda\AppData\Local\{196EBA60-81AF-448E-A288-ADF1CDDD16EB}
O43 - CFD: 14/10/2011 - 23:29:17 - [0] ----D C:\Users\Hinda\AppData\Local\{19BEBD34-91E3-4B5D-925E-47ED2667FB01}
O43 - CFD: 30/10/2011 - 00:52:35 - [0] ----D C:\Users\Hinda\AppData\Local\{1A361B50-E5DD-4C21-9E06-7AB045AE0C6C}
O43 - CFD: 17/01/2012 - 00:04:01 - [0] ----D C:\Users\Hinda\AppData\Local\{1A709C43-078F-42F1-97DA-C74C7AB70359}
O43 - CFD: 08/01/2012 - 09:22:57 - [0] ----D C:\Users\Hinda\AppData\Local\{1B114C4B-984C-48DC-9B11-F8936A18D213}
O43 - CFD: 19/01/2012 - 08:45:25 - [0] ----D C:\Users\Hinda\AppData\Local\{1B650AB7-078F-4CD9-8BF0-56CA56252AE1}
O43 - CFD: 29/08/2011 - 14:22:53 - [0] ----D C:\Users\Hinda\AppData\Local\{1C28CC28-E84F-495F-83F9-3CCC5166C587}
O43 - CFD: 01/10/2011 - 08:36:09 - [0] ----D C:\Users\Hinda\AppData\Local\{1C33FDE7-8B90-4A98-B309-11F886196A02}
O43 - CFD: 21/05/2012 - 10:21:20 - [0] ----D C:\Users\Hinda\AppData\Local\{1CB51A7D-8DB6-43C3-9B33-F92223AEE957}
O43 - CFD: 09/06/2011 - 21:51:19 - [0] ----D C:\Users\Hinda\AppData\Local\{1D8657AF-C7D6-4E5C-8FC7-1836415F5321}
O43 - CFD: 08/05/2012 - 20:33:59 - [0] ----D C:\Users\Hinda\AppData\Local\{1D939646-6331-4A68-9191-161734E78566}
O43 - CFD: 22/01/2012 - 17:01:00 - [0] ----D C:\Users\Hinda\AppData\Local\{1DC43AA9-6928-457E-BD64-28FE547793A1}
O43 - CFD: 23/09/2011 - 15:37:41 - [0] ----D C:\Users\Hinda\AppData\Local\{1E1747D9-596C-4EC0-8377-2BB666E56818}
O43 - CFD: 15/10/2011 - 11:59:25 - [0] ----D C:\Users\Hinda\AppData\Local\{1E1BF608-D443-4852-8F5B-DDFDC5B9C86C}
O43 - CFD: 30/01/2012 - 12:06:30 - [0] ----D C:\Users\Hinda\AppData\Local\{1ED5AF29-37F0-4055-966C-B474BB3C5A69}
O43 - CFD: 28/11/2011 - 10:48:38 - [0] ----D C:\Users\Hinda\AppData\Local\{1F0EC3B3-37EE-4E30-87FC-0D46879807FE}
O43 - CFD: 25/10/2011 - 23:49:38 - [0] ----D C:\Users\Hinda\AppData\Local\{1FDBE547-CC3D-466A-8E01-81FA361540AC}
O43 - CFD: 17/08/2011 - 13:10:35 - [0] ----D C:\Users\Hinda\AppData\Local\{202B1C11-41E0-4A33-B3B6-21352AB2DAD9}
O43 - CFD: 01/10/2011 - 08:24:42 - [0] ----D C:\Users\Hinda\AppData\Local\{206946C9-22B3-4CC5-8561-02301B7558B5}
O43 - CFD: 11/11/2011 - 12:03:27 - [0] ----D C:\Users\Hinda\AppData\Local\{20767652-A9E2-42A3-AD12-1790C21F39DF}
O43 - CFD: 26/01/2012 - 00:30:17 - [0] ----D C:\Users\Hinda\AppData\Local\{20E2B541-4286-4226-8EF7-F8C053243A5D}
O43 - CFD: 30/04/2012 - 13:07:48 - [0] ----D C:\Users\Hinda\AppData\Local\{20E41411-46D8-4062-B8F0-03599FE7DF02}
O43 - CFD: 26/05/2011 - 14:15:45 - [0] ----D C:\Users\Hinda\AppData\Local\{220A8AD6-81E5-4669-987F-21933270386B}
O43 - CFD: 05/01/2012 - 20:51:36 - [0] ----D C:\Users\Hinda\AppData\Local\{22742596-0A1C-4180-A0F8-CBC469ADE490}
O43 - CFD: 05/06/2012 - 20:27:26 - [0] ----D C:\Users\Hinda\AppData\Local\{2277CC49-DF87-4A8E-B529-178B2D3C4F7D}
O43 - CFD: 16/08/2011 - 22:15:31 - [0] ----D C:\Users\Hinda\AppData\Local\{2291D248-DA60-4A4E-8829-9994F64DCBE7}
O43 - CFD: 01/02/2012 - 23:35:23 - [0] ----D C:\Users\Hinda\AppData\Local\{22AAF294-2BA5-4271-BEB2-2E24C559BB9D}
O43 - CFD: 04/04/2012 - 23:28:34 - [0] ----D C:\Users\Hinda\AppData\Local\{22BE9EF9-B6FD-471C-AFF5-001F28540A66}
O43 - CFD: 06/01/2012 - 08:52:14 - [0] ----D C:\Users\Hinda\AppData\Local\{22E39AF5-DC8D-492A-8A97-6579E9829B56}
O43 - CFD: 11/10/2011 - 14:15:04 - [0] ----D C:\Users\Hinda\AppData\Local\{22F8F77A-997B-43C8-B7D5-0BEAE7C9DA10}
O43 - CFD: 31/10/2011 - 01:03:20 - [0] ----D C:\Users\Hinda\AppData\Local\{23781AE8-51EB-465A-8A39-EFDFBDC0A6C1}
O43 - CFD: 16/06/2011 - 23:44:08 - [0] ----D C:\Users\Hinda\AppData\Local\{23BE5F41-385A-47CC-B09A-AC790751D6FC}
O43 - CFD: 04/05/2012 - 02:47:05 - [0] ----D C:\Users\Hinda\AppData\Local\{24BB6EBB-89AE-44CC-A624-4B3E8C37DCCF}
O43 - CFD: 30/05/2012 - 16:00:03 - [0] ----D C:\Users\Hinda\AppData\Local\{2774A60C-009D-483A-852C-64671786C889}
O43 - CFD: 23/12/2011 - 12:32:04 - [0] ----D C:\Users\Hinda\AppData\Local\{27E69137-98FE-454D-BF6E-A20F0A1ABE21}
O43 - CFD: 27/11/2011 - 20:24:32 - [0] ----D C:\Users\Hinda\AppData\Local\{287EA990-064D-46C7-8475-0852FABBA3A3}
O43 - CFD: 06/11/2011 - 11:54:42 - [0] ----D C:\Users\Hinda\AppData\Local\{289C7AE7-C8DD-4297-BB92-6E0422095BFC}
O43 - CFD: 16/07/2011 - 19:17:37 - [0] ----D C:\Users\Hinda\AppData\Local\{28B795D7-5501-433E-9322-F2A2140F7643}
O43 - CFD: 01/09/2011 - 00:26:59 - [0] ----D C:\Users\Hinda\AppData\Local\{291FC91E-DD08-4B7D-9FC7-1EFB032F46E1}
O43 - CFD: 17/01/2012 - 00:04:46 - [0] ----D C:\Users\Hinda\AppData\Local\{295986A1-5C63-4454-8345-BB4BB4C56C01}
O43 - CFD: 16/10/2011 - 23:38:00 - [0] ----D C:\Users\Hinda\AppData\Local\{29A8EB31-81BC-4C29-A994-E016795BF71D}
O43 - CFD: 27/04/2012 - 18:56:31 - [0] ----D C:\Users\Hinda\AppData\Local\{29FC302C-FBB1-4878-84B2-0CFEEA6270A4}
O43 - CFD: 20/08/2011 - 01:11:20 - [0] ----D C:\Users\Hinda\AppData\Local\{2AE6E607-2D9F-4D80-93E1-82E6EB57AD2F}
O43 - CFD: 18/10/2011 - 00:06:23 - [0] ----D C:\Users\Hinda\AppData\Local\{2BD786FA-DEC5-44CB-9DBB-FD9582A495C5}
O43 - CFD: 12/12/2011 - 00:28:13 - [0] ----D C:\Users\Hinda\AppData\Local\{2C0030C6-0176-4E11-9D53-672F668DA437}
O43 - CFD: 13/05/2012 - 18:17:30 - [0] ----D C:\Users\Hinda\AppData\Local\{2C59C4DA-61C6-4FF3-8601-CEEB54FCA731}
O43 - CFD: 26/11/2011 - 08:15:36 - [0] ----D C:\Users\Hinda\AppData\Local\{2CD18348-08F9-4733-9183-3DE481C3013E}
O43 - CFD: 24/10/2011 - 13:03:33 - [0] ----D C:\Users\Hinda\AppData\Local\{2D75AF0D-5E9C-4349-AB0E-14D646ADEA0A}
O43 - CFD: 24/08/2011 - 14:11:43 - [0] ----D C:\Users\Hinda\AppData\Local\{2DA2EE24-54CC-489D-8E5A-D463A750B9CF}
O43 - CFD: 01/01/2012 - 01:20:44 - [0] ----D C:\Users\Hinda\AppData\Local\{2E1F4121-B6D0-4CD8-B199-18AAA8B980F1}
O43 - CFD: 20/02/2012 - 02:14:54 - [0] ----D C:\Users\Hinda\AppData\Local\{2E682814-4561-497A-96D1-AF3FB14CCA7B}
O43 - CFD: 14/09/2011 - 23:13:03 - [0] ----D C:\Users\Hinda\AppData\Local\{2E8E0532-554B-42B1-9004-AC0F72E09AC8}
O43 - CFD: 28/09/2011 - 10:07:53 - [0] ----D C:\Users\Hinda\AppData\Local\{2EF7B9F1-313B-4816-AB99-A9CECFA166C2}
O43 - CFD: 29/08/2011 - 14:22:42 - [0] ----D C:\Users\Hinda\AppData\Local\{2F0CEEC5-90B5-4048-B935-DB895981E763}
O43 - CFD: 06/03/2012 - 22:46:06 - [0] ----D C:\Users\Hinda\AppData\Local\{2F452024-C3FE-4C56-855A-BC84A96243B9}
O43 - CFD: 03/11/2011 - 11:39:30 - [0] ----D C:\Users\Hinda\AppData\Local\{2F4928F4-9626-4CB0-872A-04576B51C9B1}
O43 - CFD: 27/11/2011 - 08:19:54 - [0] ----D C:\Users\Hinda\AppData\Local\{307147A3-9A0F-4D68-9BDC-D44E497A03F7}
O43 - CFD: 28/09/2011 - 22:01:52 - [0] ----D C:\Users\Hinda\AppData\Local\{30B911C7-A855-4F65-82CB-395AEAAFFC73}
O43 - CFD: 29/01/2012 - 12:04:26 - [0] ----D C:\Users\Hinda\AppData\Local\{30DE3D46-448F-4FC7-B883-172EFA3BA426}
O43 - CFD: 06/06/2011 - 00:07:35 - [0] ----D C:\Users\Hinda\AppData\Local\{30F7E98E-5180-4EF8-AA48-5BACE2E546BB}
O43 - CFD: 01/02/2012 - 11:34:43 - [0] ----D C:\Users\Hinda\AppData\Local\{310AF317-2CD2-4FB7-A454-68B5CB6F03F5}
O43 - CFD: 04/06/2011 - 10:52:28 - [0] ----D C:\Users\Hinda\AppData\Local\{3135532E-BA31-4AF5-A35F-690CC4892E6A}
O43 - CFD: 09/01/2012 - 22:00:48 - [0] ----D C:\Users\Hinda\AppData\Local\{31502E2F-91A7-453A-9259-77A6F16BAD64}
O43 - CFD: 04/06/2012 - 19:34:34 - [0] ----D C:\Users\Hinda\AppData\Local\{315C3DEC-9BC9-4C47-8496-E86765B8D9AC}
O43 - CFD: 12/08/2011 - 00:07:34 - [0] ----D C:\Users\Hinda\AppData\Local\{31A6D0F0-E6A6-484A-83C9-E470A166AD36}
O43 - CFD: 17/08/2011 - 16:08:34 - [0] ----D C:\Users\Hinda\AppData\Local\{31B56A92-4CF1-48F8-AE80-4E9E6232A75A}
O43 - CFD: 06/12/2011 - 13:09:01 - [0] ----D C:\Users\Hinda\AppData\Local\{31CEDF38-F499-4600-B0A7-D5E7F6880998}
O43 - CFD: 28/08/2011 - 02:42:37 - [0] ----D C:\Users\Hinda\AppData\Local\{328C9A1F-74C1-462A-9CC0-2EFD8091D395}
O43 - CFD: 13/08/2011 - 05:34:08 - [0] ----D C:\Users\Hinda\AppData\Local\{32DF4560-CCCA-4263-8B46-001564871A02}
O43 - CFD: 30/10/2011 - 13:01:59 - [0] ----D C:\Users\Hinda\AppData\Local\{332E6F23-4185-4917-AAD0-A4EF386EE827}
O43 - CFD: 09/09/2011 - 15:11:57 - [0] ----D C:\Users\Hinda\AppData\Local\{334BE758-41FD-462E-93C6-6B5A32BFF743}
O43 - CFD: 06/08/2011 - 18:33:14 - [0] ----D C:\Users\Hinda\AppData\Local\{33FCB4E6-591B-40F6-A7D7-C4B3BCE10CB4}
O43 - CFD: 17/05/2012 - 09:36:52 - [0] ----D C:\Users\Hinda\AppData\Local\{34420BF5-118D-48B1-A16A-4C5614622B79}
O43 - CFD: 08/05/2012 - 20:34:13 - [0] ----D C:\Users\Hinda\AppData\Local\{34616349-C34C-450A-9626-813EE20BCDA5}
O43 - CFD: 12/12/2011 - 00:27:45 - [0] ----D C:\Users\Hinda\AppData\Local\{34C2086E-5D13-4F42-B898-13E312CADCAE}
O43 - CFD: 06/09/2011 - 18:47:46 - [0] ----D C:\Users\Hinda\AppData\Local\{34CF1309-6AEB-40CA-88D8-25ACCE6E3743}
O43 - CFD: 09/07/2011 - 22:27:07 - [0] ----D C:\Users\Hinda\AppData\Local\{35172916-9406-4764-9D5E-609640E288E3}
O43 - CFD: 26/12/2011 - 00:41:12 - [0] ----D C:\Users\Hinda\AppData\Local\{35828A22-D1D2-4B79-A2F2-5334863E2DBC}
O43 - CFD: 25/10/2011 - 07:29:56 - [0] ----D C:\Users\Hinda\AppData\Local\{35F4D9C2-980C-43F0-AA70-BBB7334CBFAA}
O43 - CFD: 24/05/2011 - 20:05:27 - [0] ----D C:\Users\Hinda\AppData\Local\{36B1AE82-A151-4DEE-B929-EDA3594BC167}
O43 - CFD: 21/09/2011 - 10:14:15 - [0] ----D C:\Users\Hinda\AppData\Local\{36BC4A03-A5A5-4B33-867A-8621D8A05B97}
O43 - CFD: 14/12/2011 - 00:38:16 - [0] ----D C:\Users\Hinda\AppData\Local\{373E53FB-4F93-4B08-A823-AD2563487861}
O43 - CFD: 30/10/2011 - 00:52:53 - [0] ----D C:\Users\Hinda\AppData\Local\{374C0401-20F4-4ACB-B13D-F9EF3049582A}
O43 - CFD: 31/05/2012 - 18:41:28 - [0] ----D C:\Users\Hinda\AppData\Local\{3785C43A-1789-494C-944D-1B0229D104FC}
O43 - CFD: 16/08/2011 - 01:05:28 - [0] ----D C:\Users\Hinda\AppData\Local\{38AC1A56-5E7B-46E3-B2DB-71A9F0ECA5C3}
O43 - CFD: 15/12/2011 - 08:29:08 - [0] ----D C:\Users\Hinda\AppData\Local\{38FB127B-9C2A-46E3-BC57-18EFCB569178}
O43 - CFD: 13/02/2012 - 00:35:08 - [0] ----D C:\Users\Hinda\AppData\Local\{396BE370-24CA-4232-9988-3AC1745FE9FA}
O43 - CFD: 29/08/2011 - 14:07:57 - [0] ----D C:\Users\Hinda\AppData\Local\{3981F0B0-0699-4D0E-AF0D-501FF59504D1}
O43 - CFD: 23/11/2011 - 23:10:01 - [0] ----D C:\Users\Hinda\AppData\Local\{39ECF2EE-673B-47E0-BE62-E1BADB613DDB}
O43 - CFD: 05/06/2012 - 23:48:56 - [0] ----D C:\Users\Hinda\AppData\Local\{3A5ADAF6-532D-4AE0-88E4-01BB86A99EE0}
O43 - CFD: 22/09/2011 - 06:42:29 - [0] ----D C:\Users\Hinda\AppData\Local\{3AC6D03B-7480-4FF5-8501-27E2A6BF2EE8}
O43 - CFD: 10/09/2011 - 06:30:19 - [0] ----D C:\Users\Hinda\AppData\Local\{3B203F26-AFCE-484A-B007-E0F36A760862}
O43 - CFD: 05/02/2012 - 11:47:03 - [0] ----D C:\Users\Hinda\AppData\Local\{3B278E37-1A91-430D-AB85-7C82763DCCF1}
O43 - CFD: 18/05/2012 - 11:33:07 - [0] ----D C:\Users\Hinda\AppData\Local\{3B2DCD3F-17CB-4545-A9C3-210975BEAE60}
O43 - CFD: 05/08/2011 - 17:53:20 - [0] ----D C:\Users\Hinda\AppData\Local\{3BB8721B-BE3B-4648-8B16-2A86FCAFF22E}
O43 - CFD: 30/04/2012 - 13:07:36 - [0] ----D C:\Users\Hinda\AppData\Local\{3CD7AE37-2EE4-4232-98E5-A8AB4E16BD54}
O43 - CFD: 15/01/2012 - 19:30:39 - [0] ----D C:\Users\Hinda\AppData\Local\{3D6A4390-4C87-467F-A5C9-324B84A7E3D7}
O43 - CFD: 24/07/2011 - 13:18:36 - [0] ----D C:\Users\Hinda\AppData\Local\{3D6D3658-A08C-4070-94C9-C607D4C49071}
O43 - CFD: 02/05/2012 - 19:29:07 - [0] ----D C:\Users\Hinda\AppData\Local\{3DBB88AE-3EF1-451D-AC1F-B9CE237A1AC7}
O43 - CFD: 23/06/2011 - 21:59:51 - [0] ----D C:\Users\Hinda\AppData\Local\{3E31D3F1-3CF1-408E-A390-307E5D097CD1}
O43 - CFD: 18/04/2012 - 13:38:16 - [0] ----D C:\Users\Hinda\AppData\Local\{3E437905-814F-47A8-B852-6698808C5F91}
O43 - CFD: 27/09/2011 - 23:07:46 - [0] ----D C:\Users\Hinda\AppData\Local\{3E6E4E19-16B7-4AF6-8E05-A49E17A8086F}
O43 - CFD: 16/09/2011 - 16:18:30 - [0] ----D C:\Users\Hinda\AppData\Local\{3EBFC3CC-AC09-4C65-9E16-D35403CCA499}
O43 - CFD: 24/12/2011 - 00:48:28 - [0] ----D C:\Users\Hinda\AppData\Local\{3EF0D313-B89A-48E2-AEB5-A58D938C9385}
O43 - CFD: 07/12/2011 - 01:10:54 - [0] ----D C:\Users\Hinda\AppData\Local\{3EF75472-296D-4738-BB75-939BC4DAC3F7}
O43 - CFD: 13/11/2011 - 15:21:38 - [0] ----D C:\Users\Hinda\AppData\Local\{3F073D61-9F63-49AD-A175-794A27201F20}
O43 - CFD: 09/10/2011 - 19:07:37 - [0] ----D C:\Users\Hinda\AppData\Local\{3F384A85-B52D-42E6-A615-FCF53997E427}
O43 - CFD: 23/05/2012 - 06:02:25 - [0] ----D C:\Users\Hinda\AppData\Local\{3F4B463C-32A5-4154-BCC4-654D45482B73}
O43 - CFD: 27/12/2011 - 17:02:06 - [0] ----D C:\Users\Hinda\AppData\Local\{3FBEB27C-B01C-4C91-B0BE-223D003C4178}
O43 - CFD: 24/11/2011 - 19:08:13 - [0] ----D C:\Users\Hinda\AppData\Local\{3FD72E1A-CEA9-49A9-BBED-3890FF22B0DE}
O43 - CFD: 18/09/2011 - 06:16:00 - [0] ----D C:\Users\Hinda\AppData\Local\{402242F0-3625-4D25-8EB3-88867AD6B79A}
O43 - CFD: 13/01/2012 - 08:34:08 - [0] ----D C:\Users\Hinda\AppData\Local\{402C59B0-5054-4C68-BB6B-1AF372CE8AED}
O43 - CFD: 23/09/2011 - 06:46:47 - [0] ----D C:\Users\Hinda\AppData\Local\{40B21678-9FB8-49CF-861F-FD3939D83F25}
O43 - CFD: 25/03/2012 - 23:01:05 - [0] ----D C:\Users\Hinda\AppData\Local\{41BEFCF4-5CB0-4D24-8FF4-B167B83B6C6F}
O43 - CFD: 01/02/2012 - 23:35:10 - [0] ----D C:\Users\Hinda\AppData\Local\{41D2D3F5-2DE4-4CDA-B582-5802733FC72D}
O43 - CFD: 08/11/2011 - 10:32:11 - [0] ----D C:\Users\Hinda\AppData\Local\{42FAAAF0-97BD-46FE-9ACB-10D1B082B40C}
O43 - CFD: 19/09/2011 - 06:38:35 - [0] ----D C:\Users\Hinda\AppData\Local\{432F29E9-946E-47DE-A217-64F3FB2B357E}
O43 - CFD: 11/10/2011 - 07:13:11 - [0] ----D C:\Users\Hinda\AppData\Local\{4389C8B3-D6A5-45B3-9B58-A097E5714F7B}
O43 - CFD: 10/10/2011 - 15:38:06 - [0] ----D C:\Users\Hinda\AppData\Local\{44122FB3-51BF-4364-A756-94FED94D77A2}
O43 - CFD: 17/08/2011 - 16:08:22 - [0] ----D C:\Users\Hinda\AppData\Local\{44C61F12-595A-41C4-96FF-D76651058388}
O43 - CFD: 08/12/2011 - 21:45:30 - [0] ----D C:\Users\Hinda\AppData\Local\{44F9FBE8-BF35-4B93-9F6D-25386D4D9BA6}
O43 - CFD: 20/10/2011 - 11:01:29 - [0] ----D C:\Users\Hinda\AppData\Local\{4504FBD0-4035-4C35-A9DB-C4A3BC838185}
O43 - CFD: 10/08/2011 - 22:56:42 - [0] ----D C:\Users\Hinda\AppData\Local\{46C5B74D-B5B6-42D5-A6B3-3A8584AABAF3}
O43 - CFD: 20/08/2011 - 06:00:24 - [0] ----D C:\Users\Hinda\AppData\Local\{46CC2963-CFC5-4B78-BBC9-DCE98E4AB6DB}
O43 - CFD: 08/08/2011 - 14:12:45 - [0] ----D C:\Users\Hinda\AppData\Local\{470EC19D-DE49-4C87-AB63-0032AD6C6267}
O43 - CFD: 26/12/2011 - 12:41:27 - [0] ----D C:\Users\Hinda\AppData\Local\{4729912F-CF19-4089-91A9-2500F409627A}
O43 - CFD: 27/05/2012 - 21:38:42 - [0] ----D C:\Users\Hinda\AppData\Local\{4788F538-B67C-480C-ACE0-FC991F837D17}
O43 - CFD: 18/10/2011 - 15:54:07 - [0] ----D C:\Users\Hinda\AppData\Local\{47D18289-1559-4C6E-9DFF-F84B73528654}
O43 - CFD: 11/09/2011 - 06:12:44 - [0] ----D C:\Users\Hinda\AppData\Local\{47FE9198-B8CB-4D65-80AC-E307DAD73C99}
O43 - CFD: 18/11/2011 - 10:58:48 - [0] ----D C:\Users\Hinda\AppData\Local\{480A49B9-6658-4840-A56C-284561FAE356}
O43 - CFD: 23/09/2011 - 23:23:02 - [0] ----D C:\Users\Hinda\AppData\Local\{48918319-17FE-486D-9F13-190267195142}
O43 - CFD: 27/09/2011 - 10:10:26 - [0] ----D C:\Users\Hinda\AppData\Local\{48C83885-0A78-4143-8EDA-04B470039ECC}
O43 - CFD: 27/01/2012 - 00:31:11 - [0] ----D C:\Users\Hinda\AppData\Local\{48F3EF3B-A5BC-4E2F-9F28-143F7EB17CD2}
O43 - CFD: 21/05/2012 - 20:43:38 - [0] ----D C:\Users\Hinda\AppData\Local\{49BBC0EC-9329-418A-8668-5C13B5A27786}
O43 - CFD: 28/02/2012 - 10:47:50 - [0] ----D C:\Users\Hinda\AppData\Local\{4B50E28B-DC56-48ED-BBFE-0F717BB0BE44}
O43 - CFD: 23/10/2011 - 01:31:18 - [0] ----D C:\Users\Hinda\AppData\Local\{4C12B944-3B64-4922-9FDA-5D2209C457E1}
O43 - CFD: 25/05/2011 - 12:04:26 - [0] ----D C:\Users\Hinda\AppData\Local\{4C4C769E-38CE-4772-8EC2-A915E0A02F62}
O43 - CFD: 12/09/2011 - 06:30:40 - [0] ----D C:\Users\Hinda\AppData\Local\{4C6F5A19-FCE3-44C3-AD03-744D96367973}
O43 - CFD: 10/02/2012 - 22:41:33 - [0] ----D C:\Users\Hinda\AppData\Local\{4C9AB7E0-BF52-4ABB-A6A3-C863838859DD}
O43 - CFD: 23/05/2012 - 06:02:38 - [0] ----D C:\Users\Hinda\AppData\Local\{4D292FA5-3B0C-4159-BD68-F846AA7CB2D4}
O43 - CFD: 13/05/2012 - 22:47:27 - [0] ----D C:\Users\Hinda\AppData\Local\{4D462F8F-364B-4A42-9371-CB78CA540D06}
O43 - CFD: 04/08/2011 - 11:47:57 - [0] ----D C:\Users\Hinda\AppData\Local\{4D6188ED-7E08-4E09-AF0D-08AF1F172952}
O43 - CFD: 03/06/2012 - 11:12:05 - [0] ----D C:\Users\Hinda\AppData\Local\{4D8EF273-2609-422C-8E8B-12D0676523E5}
O43 - CFD: 08/08/2011 - 11:28:01 - [0] ----D C:\Users\Hinda\AppData\Local\{4E051B92-5D47-4A56-8F77-C71611DC2919}
O43 - CFD: 04/12/2011 - 08:19:34 - [0] ----D C:\Users\Hinda\AppData\Local\{4E61FBF4-1DD4-4E73-891F-5BC7D703837F}
O43 - CFD: 26/05/2011 - 00:04:36 - [0] ----D C:\Users\Hinda\AppData\Local\{4E6FA669-EE97-485A-AEFC-E20D89D41E36}
O43 - CFD: 16/09/2011 - 05:41:33 - [0] ----D C:\Users\Hinda\AppData\Local\{4E9835EC-824B-4EA6-A64B-2553CD12014F}
O43 - CFD: 19/03/2012 - 00:05:12 - [0] ----D C:\Users\Hinda\AppData\Local\{4EA94275-7F5D-4BA8-922B-40E91F72A5FA}
O43 - CFD: 13/01/2012 - 20:34:57 - [0] ----D C:\Users\Hinda\AppData\Local\{4F31A076-E817-4D17-B945-2491445E4449}
O43 - CFD: 20/05/2012 - 09:41:14 - [0] ----D C:\Users\Hinda\AppData\Local\{4F6CC865-937B-4596-8959-AC020875F624}
O43 - CFD: 02/02/2012 - 15:44:05 - [0] ----D C:\Users\Hinda\AppData\Local\{4FF8ED1C-07A0-4DDE-8867-581465C70C3D}
O43 - CFD: 21/10/2011 - 19:35:47 - [0] ----D C:\Users\Hinda\AppData\Local\{508C1720-758D-4F17-BF18-07E74BCFB508}
O43 - CFD: 07/02/2012 - 12:04:28 - [0] ----D C:\Users\Hinda\AppData\Local\{51754855-5FE0-4824-BB35-95F0A77B337A}
O43 - CFD: 21/05/2012 - 10:21:32 - [0] ----D C:\Users\Hinda\AppData\Local\{51DFA751-28DD-480F-A05D-170DBCAF444A}
O43 - CFD: 18/09/2011 - 06:16:11 - [0] ----D C:\Users\Hinda\AppData\Local\{5280D9EA-17CD-4EAD-85FD-E1FE27AB5EF8}
O43 - CFD: 23/10/2011 - 16:56:46 - [0] ----D C:\Users\Hinda\AppData\Local\{52EA778E-62E5-45A2-89AA-F7553BFD392C}
O43 - CFD: 09/03/2012 - 01:00:08 - [0] ----D C:\Users\Hinda\AppData\Local\{535F32C9-925D-4660-838B-B70589CED0EE}
O43 - CFD: 24/06/2011 - 22:00:42 - [0] ----D C:\Users\Hinda\AppData\Local\{536A2D83-05E4-422A-B71B-703FECAFAEEE}
O43 - CFD: 31/10/2011 - 14:29:35 - [0] ----D C:\Users\Hinda\AppData\Local\{54790855-9C9D-4517-88CB-EE9667156460}
O43 - CFD: 28/09/2011 - 10:07:42 - [0] ----D C:\Users\Hinda\AppData\Local\{54AAA205-7630-476D-A7F4-FCAAA1279297}
O43 - CFD: 25/09/2011 - 11:05:43 - [0] ----D C:\Users\Hinda\AppData\Local\{55084910-9E05-45A2-9AF9-C75AF9A443E4}
O43 - CFD: 19/11/2011 - 13:49:38 - [0] ----D C:\Users\Hinda\AppData\Local\{555827D1-136E-44BA-8DBA-D23FC2830703}
O43 - CFD: 28/03/2012 - 23:17:38 - [0] ----D C:\Users\Hinda\AppData\Local\{55A034B5-F701-41F0-8CC5-AE1C8C3F9B49}
O43 - CFD: 12/05/2012 - 09:39:06 - [0] ----D C:\Users\Hinda\AppData\Local\{55E692A3-3E44-4F1B-8FE5-7E710E9AE705}
O43 - CFD: 16/08/2011 - 11:20:08 - [0] ----D C:\Users\Hinda\AppData\Local\{55EEBFF9-5F86-4B3D-B5A3-DB8B6B0CFBE3}
O43 - CFD: 26/10/2011 - 14:00:34 - [0] ----D C:\Users\Hinda\AppData\Local\{56078D16-FB0C-45A5-A4E8-F9646B387A35}
O43 - CFD: 07/04/2012 - 00:45:34 - [0] ----D C:\Users\Hinda\AppData\Local\{5613DA78-1735-4B27-882F-603C52B63B0B}
O43 - CFD: 27/04/2012 - 18:56:44 - [0] ----D C:\Users\Hinda\AppData\Local\{562C957B-2161-47F3-964A-7FB4A9AAE9F2}
O43 - CFD: 06/10/2011 - 00:45:49 - [0] ----D C:\Users\Hinda\AppData\Local\{563602D5-474A-4B68-B238-33180BF5D296}
O43 - CFD: 07/06/2011 - 05:23:19 - [0] ----D C:\Users\Hinda\AppData\Local\{56561458-9EB1-4921-AB46-AAD8CFE9CFCC}
O43 - CFD: 14/08/2011 - 13:09:11 - [0] ----D C:\Users\Hinda\AppData\Local\{569402A9-7BA2-41E0-9ABC-DF2A8AC04954}
O43 - CFD: 08/02/2012 - 22:03:04 - [0] ----D C:\Users\Hinda\AppData\Local\{56A1B09B-39BE-42AB-911C-CE31F6C9B655}
O43 - CFD: 19/09/2011 - 06:38:21 - [0] ----D C:\Users\Hinda\AppData\Local\{571CAA14-9689-47B1-9D08-38E25B21BB81}
O43 - CFD: 27/04/2012 - 03:39:27 - [0] ----D C:\Users\Hinda\AppData\Local\{576680BF-8AE3-4C4A-B113-DE0B8360CEC0}
O43 - CFD: 16/08/2011 - 22:15:43 - [0] ----D C:\Users\Hinda\AppData\Local\{577A9D53-1E26-4AEF-93BC-50D68C4CC51B}
O43 - CFD: 30/08/2011 - 06:38:33 - [0] ----D C:\Users\Hinda\AppData\Local\{57936F31-A652-4E75-BFDE-35E356D644CD}
O43 - CFD: 03/01/2012 - 02:21:03 - [0] ----D C:\Users\Hinda\AppData\Local\{57A55FF6-1EB6-44D5-B07C-E9364A08B2E3}
O43 - CFD: 08/12/2011 - 09:44:27 - [0] ----D C:\Users\Hinda\AppData\Local\{57B2C9EB-A30D-4826-9BDA-BD60BC055579}
O43 - CFD: 01/09/2011 - 12:50:55 - [0] ----D C:\Users\Hinda\AppData\Local\{57C97219-B2D0-4F6A-BD04-8907EE878F33}
O43 - CFD: 22/08/2011 - 13:32:44 - [0] ----D C:\Users\Hinda\AppData\Local\{5892D4F4-B6F6-4222-A532-5BAB13D4E66A}
O43 - CFD: 08/08/2011 - 14:11:21 - [0] ----D C:\Users\Hinda\AppData\Local\{59451170-A65C-4842-BDB2-AC459D8E0E69}
O43 - CFD: 27/06/2011 - 00:30:11 - [0] ----D C:\Users\Hinda\AppData\Local\{59476940-B065-4006-9B70-B76F1A35AD13}
O43 - CFD: 21/10/2011 - 07:33:59 - [0] ----D C:\Users\Hinda\AppData\Local\{5993CA94-F682-4618-BE10-B67FF06BB934}
O43 - CFD: 23/05/2012 - 00:10:34 - [0] ----D C:\Users\Hinda\AppData\Local\{59E1ED6B-7190-47BC-B97A-B964BB36CF1B}
O43 - CFD: 22/12/2011 - 12:12:42 - [0] ----D C:\Users\Hinda\AppData\Local\{5B8F98A6-3A6E-47AD-A0BA-D9A94823D158}
O43 - CFD: 14/09/2011 - 23:12:53 - [0] ----D C:\Users\Hinda\AppData\Local\{5BC2C028-5FEA-491D-8F25-C54B14FC2A69}
O43 - CFD: 24/09/2011 - 10:34:38 - [0] ----D C:\Users\Hinda\AppData\Local\{5BCFB280-6EF5-4B14-ADB2-6C651C5FE836}
O4

14 réponses


salut

▶ Téléchargez UsbFix (créé par El Desaparecido) sur votre Bureau.

▶ Si votre antivirus affiche une alerte, ignorez-la et désactivez l'antivirus temporairement.
Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc...) sans les ouvrir.
▶ Double cliquez sur UsbFix.exe.

▶ Cliquez sur Suppression.
▶ Laissez travailler l'outil.

▶ À la fin du scan, un rapport va s'afficher, postez-le dans votre prochaine réponse sur le forum.

▶ Le rapport est aussi sauvegardé à la racine du disque système ( C:\UsbFix.txt ).
Tutoriel vidéo

Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

bonsoir,

voici le rapport Usb fix:

############################## | UsbFix V 7.088 | [Research]

User: Hinda (Administrator) # HINDA-PC
Updated 16/05/2012 by El Desaparecido
Started at 23:29:51 | 06/06/2012

Website: https://www.sosvirus.net/
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Dell Inc. (Inspiron N7010) (x64-based PC) # Notebook
CPU: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz (2534)
RAM -> [ Total : 5941 | Free : 4346 ]
BIOS: Ver 1.00 BIOS A09 PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 8.0.7601.17514

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: avast! Antivirus [ Enabled | Updated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Fixed drive # 581 Gb (498 Mb free - 86%) [OS] # NTFS
D:\ -> CD-ROM

################## | Active Processes |

C:\Windows\system32\csrss.exe (488)
C:\Windows\system32\wininit.exe (568)
C:\Windows\system32\csrss.exe (592)
C:\Windows\system32\services.exe (628)
C:\Windows\system32\lsass.exe (656)
C:\Windows\system32\lsm.exe (664)
C:\Windows\system32\svchost.exe (764)
C:\Windows\system32\svchost.exe (852)
C:\Windows\System32\svchost.exe (916)
C:\Windows\System32\svchost.exe (948)
C:\Windows\system32\svchost.exe (976)
C:\Windows\system32\winlogon.exe (508)
C:\Windows\system32\svchost.exe (836)
C:\Windows\system32\svchost.exe (1084)
C:\Windows\system32\WLANExt.exe (1268)
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (1284)
C:\Windows\system32\conhost.exe (1308)
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe (1332)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1340)
C:\Windows\System32\spoolsv.exe (1968)
C:\Windows\system32\svchost.exe (2004)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1172)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (1700)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1676)
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (1520)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1876)
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (2308)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2332)
C:\Windows\system32\svchost.exe (2396)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2452)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2548)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2768)
C:\Windows\system32\taskhost.exe (3064)
C:\Windows\system32\Dwm.exe (2836)
C:\Windows\Explorer.EXE (2448)
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (3208)
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (3248)
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (3492)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3552)
C:\Windows\System32\alg.exe (3860)
C:\Windows\system32\svchost.exe (4092)
C:\Windows\system32\svchost.exe (3392)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4120)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4404)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (4504)
C:\Windows\System32\igfxtray.exe (4564)
C:\Windows\System32\hkcmd.exe (4636)
C:\Windows\System32\igfxpers.exe (4672)
C:\Program Files\Dell\QuickSet\quickset.exe (4712)
C:\Windows\system32\wbem\wmiprvse.exe (4760)
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (4780)
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe (4832)
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe (4980)
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (4996)
C:\Windows\system32\SearchIndexer.exe (4400)
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (1276)
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (4220)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (4184)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (4768)
C:\Program Files (x86)\Athan\Athan.exe (4212)
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe (5128)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5176)
C:\Program Files (x86)\Ask.com\Updater\Updater.exe (5268)
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe (5308)
C:\Program Files\iPod\bin\iPodService.exe (6136)
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe (5740)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (6784)
C:\Windows\System32\svchost.exe (6912)
C:\Program Files\Windows Media Player\wmpnetwk.exe (6932)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (7004)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (864)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6808)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (6996)
C:\Windows\system32\wbem\wmiprvse.exe (6712)
c:\program files\windows defender\MpCmdRun.exe (8176)
C:\UsbFix\Go.exe (2984)

################## | Files # Infected Folders |

Found ! C:\Users\Hinda\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
Found ! C:\Users\Hinda\AppData\Local\Temp\7za.exe

################## | Registry |


################## | Mountpoints2 |



################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |

pourquoi tu fais pas ce que je demande ?
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

??? cet a dire?

relis
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

ok c'est bon:

############################## | UsbFix V 7.088 | [Deletion]

User: Hinda (Administrator) # HINDA-PC
Updated 16/05/2012 by El Desaparecido
Started at 23:52:31 | 06/06/2012

Website: https://www.sosvirus.net/
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Dell Inc. (Inspiron N7010) (x64-based PC) # Notebook
CPU: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz (2534)
RAM -> [ Total : 5941 | Free : 4225 ]
BIOS: Ver 1.00 BIOS A09 PARTTBL
BOOT: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 8.0.7601.17514

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: avast! Antivirus [ Enabled | Updated ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Fixed drive # 581 Gb (498 Mb free - 86%) [OS] # NTFS
D:\ -> CD-ROM

################## | Active Processes |

C:\Windows\system32\csrss.exe (488)
C:\Windows\system32\wininit.exe (568)
C:\Windows\system32\csrss.exe (592)
C:\Windows\system32\services.exe (628)
C:\Windows\system32\lsass.exe (656)
C:\Windows\system32\lsm.exe (664)
C:\Windows\system32\svchost.exe (764)
C:\Windows\system32\svchost.exe (852)
C:\Windows\System32\svchost.exe (916)
C:\Windows\System32\svchost.exe (948)
C:\Windows\system32\svchost.exe (976)
C:\Windows\system32\winlogon.exe (508)
C:\Windows\system32\svchost.exe (836)
C:\Windows\system32\svchost.exe (1084)
C:\Windows\system32\WLANExt.exe (1268)
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (1284)
C:\Windows\system32\conhost.exe (1308)
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe (1332)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1340)
C:\Windows\System32\spoolsv.exe (1968)
C:\Windows\system32\svchost.exe (2004)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1172)
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (1700)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1676)
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (1520)
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1876)
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (2308)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2332)
C:\Windows\system32\svchost.exe (2396)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2452)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2548)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2768)
C:\Windows\system32\taskhost.exe (3064)
C:\Windows\system32\Dwm.exe (2836)
C:\Windows\Explorer.EXE (2448)
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (3208)
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (3248)
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (3492)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3552)
C:\Windows\System32\alg.exe (3860)
C:\Windows\system32\svchost.exe (4092)
C:\Windows\system32\svchost.exe (3392)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4120)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4404)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (4504)
C:\Windows\System32\igfxtray.exe (4564)
C:\Windows\System32\hkcmd.exe (4636)
C:\Windows\System32\igfxpers.exe (4672)
C:\Program Files\Dell\QuickSet\quickset.exe (4712)
C:\Windows\system32\wbem\wmiprvse.exe (4760)
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (4780)
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe (4832)
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe (4980)
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (4996)
C:\Windows\system32\SearchIndexer.exe (4400)
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (1276)
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (4220)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (4184)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (4768)
C:\Program Files (x86)\Athan\Athan.exe (4212)
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe (5128)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5176)
C:\Program Files (x86)\Ask.com\Updater\Updater.exe (5268)
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe (5308)
C:\Program Files\iPod\bin\iPodService.exe (6136)
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe (5740)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (6784)
C:\Windows\System32\svchost.exe (6912)
C:\Program Files\Windows Media Player\wmpnetwk.exe (6932)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (7004)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (864)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6808)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (6996)
C:\Windows\system32\taskeng.exe (2192)
C:\Windows\system32\SearchProtocolHost.exe (4156)
C:\Windows\system32\SearchFilterHost.exe (7444)
C:\UsbFix\Go.exe (7500)
C:\Windows\system32\wbem\wmiprvse.exe (7424)

################## | Stopped processes |

Stopped! C:\Windows\system32\WLANExt.exe (1268)
Stopped! C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (1284)
Stopped! C:\Windows\system32\conhost.exe (1308)
Stopped! C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe (1332)
Stopped! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1340)
Stopped! C:\Windows\System32\spoolsv.exe (1968)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1172)
Stopped! C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (1700)
Stopped! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1676)
Stopped! C:\Program Files (x86)\Bonjour\mDNSResponder.exe (1520)
Stopped! C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (1876)
Stopped! C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (2308)
Stopped! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2332)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2452)
Stopped! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2548)
Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2768)
Stopped! C:\Windows\system32\taskhost.exe (3064)
Stopped! C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (3208)
Stopped! C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (3248)
Stopped! C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (3492)
Stopped! C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3552)
Stopped! C:\Windows\System32\alg.exe (3860)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4120)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4404)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (4504)
Stopped! C:\Windows\System32\igfxtray.exe (4564)
Stopped! C:\Windows\System32\hkcmd.exe (4636)
Stopped! C:\Windows\System32\igfxpers.exe (4672)
Stopped! C:\Program Files\Dell\QuickSet\quickset.exe (4712)
Stopped! C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (4780)
Stopped! C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe (4832)
Stopped! C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe (4980)
Stopped! C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (4996)
Stopped! C:\Windows\system32\SearchIndexer.exe (4400)
Stopped! C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (1276)
Stopped! C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (4220)
Stopped! C:\Program Files\AVAST Software\Avast\AvastUI.exe (4184)
Stopped! C:\Program Files (x86)\iTunes\iTunesHelper.exe (4768)
Stopped! C:\Program Files (x86)\Athan\Athan.exe (4212)
Stopped! C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe (5128)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5176)
Stopped! C:\Program Files (x86)\Ask.com\Updater\Updater.exe (5268)
Stopped! C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe (5308)
Stopped! C:\Program Files\iPod\bin\iPodService.exe (6136)
Stopped! C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe (5740)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (6784)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (6932)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (7004)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (864)
Stopped! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (6808)
Stopped! C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (6996)
Stopped! C:\Windows\system32\taskeng.exe (2192)
Stopped! c:\program files\windows defender\MpCmdRun.exe (3668)

################## | Files # Infected Folders |

Deleted ! C:\Users\Hinda\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
Deleted ! C:\Users\Hinda\AppData\Local\Temp\7za.exe
Deleted ! C:\$RECYCLE.BIN\S-1-5-20
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-2647959408-2079287883-1907983367-1000
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-2647959408-2079287883-1907983367-500

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[06/06/2012 - 23:56:33 | SHD ] C:\$Recycle.Bin
[11/10/2011 - 07:29:36 | D ] C:\677420aa8d24365805e09ad3640bfa7a
[21/05/2011 - 16:03:12 | D ] C:\8b2331a490933910dc0db3e4
[02/03/2011 - 13:25:56 | D ] C:\Apps
[11/10/2011 - 07:19:35 | D ] C:\b9211b024fe978971616
[12/10/2011 - 13:17:35 | D ] C:\c787aa7d247d004c4392ba5ad4df6267
[09/05/2011 - 15:53:48 | D ] C:\DELL
[25/02/2011 - 20:11:30 | N | 3855] C:\dell.sdr
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[02/03/2011 - 14:59:45 | D ] C:\Drivers
[11/04/2008 - 10:07:18 | N | 3820] C:\eula.1028.txt
[11/04/2008 - 10:07:18 | N | 15428] C:\eula.1031.txt
[11/04/2008 - 10:07:18 | N | 10058] C:\eula.1033.txt
[11/04/2008 - 10:07:18 | N | 12246] C:\eula.1036.txt
[11/04/2008 - 10:07:18 | N | 13912] C:\eula.1040.txt
[11/04/2008 - 10:07:18 | N | 5868] C:\eula.1041.txt
[11/04/2008 - 10:07:18 | N | 5970] C:\eula.1042.txt
[11/04/2008 - 10:07:18 | N | 10134] C:\eula.1049.txt
[11/04/2008 - 10:07:18 | N | 3814] C:\eula.2052.txt
[11/04/2008 - 10:07:18 | N | 12936] C:\eula.3082.txt
[18/11/2011 - 11:25:09 | D ] C:\FIND_EULA_PATH
[11/04/2008 - 10:07:18 | N | 1110] C:\globdata.ini
[05/06/2012 - 23:46:41 | ASH | 4671815680] C:\hiberfil.sys
[11/04/2008 - 08:03:48 | N | 562688] C:\install.exe
[11/04/2008 - 10:07:18 | N | 843] C:\install.ini
[11/04/2008 - 08:03:48 | N | 76304] C:\install.res.1028.dll
[11/04/2008 - 08:03:48 | N | 96272] C:\install.res.1031.dll
[11/04/2008 - 08:03:48 | N | 91152] C:\install.res.1033.dll
[11/04/2008 - 08:03:48 | N | 97296] C:\install.res.1036.dll
[11/04/2008 - 08:03:48 | N | 95248] C:\install.res.1040.dll
[11/04/2008 - 08:03:48 | N | 81424] C:\install.res.1041.dll
[11/04/2008 - 08:03:48 | N | 79888] C:\install.res.1042.dll
[11/04/2008 - 10:09:24 | N | 93200] C:\install.res.1049.dll
[11/04/2008 - 08:03:48 | N | 75792] C:\install.res.2052.dll
[11/04/2008 - 08:03:48 | N | 96272] C:\install.res.3082.dll
[02/03/2011 - 15:01:57 | D ] C:\Intel
[08/08/2011 - 22:32:28 | RHD ] C:\MSOCache
[05/06/2012 - 23:46:44 | ASH | 6229090304] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[23/01/2012 - 15:26:42 | D ] C:\Program Files
[05/06/2012 - 10:23:15 | D ] C:\Program Files (x86)
[20/05/2012 - 09:31:41 | HD ] C:\ProgramData
[09/05/2011 - 16:04:39 | SHD ] C:\System Recovery
[05/06/2012 - 14:12:24 | SHD ] C:\System Volume Information
[02/03/2011 - 13:47:44 | D ] C:\Temp
[06/06/2012 - 23:56:33 | D ] C:\UsbFix
[06/06/2012 - 23:55:15 | A | 12209] C:\UsbFix.txt
[03/05/2011 - 04:04:56 | D ] C:\Users
[07/11/2007 - 09:00:40 | N | 5686] C:\vcredist.bmp
[11/04/2008 - 10:09:38 | N | 3797292] C:\VC_RED.cab
[11/04/2008 - 10:11:40 | N | 233472] C:\VC_RED.MSI
[20/05/2012 - 20:26:14 | D ] C:\Windows
[06/06/2012 - 19:30:39 | D ] C:\ZHP

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_HINDA-PC.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |

Désactive toutes tes protections si possible , antivirus , sandbox , etc....

telecharge et enregistre Pre_Scan sur ton bureau :

http://forums-fec.be/gen-hackman/Pre_Scan.exe
http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"

si l'outil est bloqué par l'infection utilise cette version avec extension .pif :

http://forums-fec.be/gen-hackman/Pre_Scan.pif

ou cette version renommée winlogon.exe :

http://forums-fec.be/gen-hackman/winlogon.exe

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan


NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

mets internet explorer à jour
mets mozilla à jour

========

ne telecharge plus sur 01net , ils refourguent des toolbars pourries avec les installeurs de programmes , ils les repackent à leur sauce !

========

desinstalle 4shared toolbar
desinstalle complitly
desinstalle Ask.com/Ask.Toolbar
desinstalle searchweb
desinstalle tout Java

========

Selectionne tout le texte en gras ci-dessous sans les lignes de dessus-dessous, puis (clic droit/copier ou ctrl+c) :
___________________________________________________
Kill::

Registry::
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Microsoft\Internet Explorer\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A63FB974-580C-4D15-96A1-A783DCFC7CD1}]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}]
[-HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}]
[-HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000_Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}]
[-HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}]
[-HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]
[-HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
""=-
"QuickTime Task"=-
"ApnUpdater"=-
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
""=-
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]
"Locked"=-
"{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{95080B13-AA71-4EE8-B951-7E98221E1ED5}"=-
[HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Microsoft\Internet Explorer\Toolbar]
"Locked"=-
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95525BD9-6136-4A26-8263-9CEE295D442D}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0924543-15FD-4F3D-889C-0B4562A9CB45}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[-HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
[-HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\4shared Toolbar]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\APN]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Ask.com]
[-HKU\S-1-5-21-2647959408-2079287883-1907983367-1000\Software\Complitly]
[-HKLM\Software\APN]
[-HKLM\Software\AskToolbar]

File::
C:\Users\Guillaume\Downloads\SweetImSetup.exe
C:\Program Files (x86)\Mozilla Firefox\searchplugins\4shared.xml
C:\Windows\,÷e
C:\Users\Hinda\Downloads\avast_free6_01Net.exe
C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\extensions\4sharedToolbar.xpi

Folder::
C:\Program Files (x86)\searchweb
C:\Program Files (x86)\Ask.com
C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\extensions\toolbar@ask.com
C:\Users\Hinda\AppData\Roaming\Complitly
C:\Program Files (x86)\4shared Toolbar
C:\677420aa8d24365805e09ad3640bfa7a
C:\8b2331a490933910dc0db3e4
C:\b9211b024fe978971616
C:\c787aa7d247d004c4392ba5ad4df6267
C:\Users\Hinda\AppData\Local\APN
C:\Program Files (x86)\Complitly

MBR::

clean::

Reboot::

___________________________________________________

Relance Pre_scan puis choisis l'option "Script"

une page va s'ouvrir

logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.

sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.

puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte

des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille

poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_Concept ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

merci beaucoup de ton aide!

voici le rapport:

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.606 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Hinda : Windows 7 Home Premium (64 bits)

Switchs : https://gen-hackman.kanak.fr/

Script : 11:40:04

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Absent : C:\Users\Guillaume\Downloads\SweetImSetup.exe
Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\4shared.xml
Supprimé : C:\Windows\,÷e
Supprimé : C:\Users\Hinda\Downloads\avast_free6_01Net.exe
Supprimé : C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\extensions\4sharedToolbar.xpi

¤

Supprimé : C:\Program Files (x86)\searchweb
Absent : C:\Program Files (x86)\Ask.com
Absent : C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\extensions\toolbar@ask.com
Absent : C:\Users\Hinda\AppData\Roaming\Complitly
Supprimé : C:\Program Files (x86)\4shared Toolbar
Supprimé : C:\677420aa8d24365805e09ad3640bfa7a
Supprimé : C:\8b2331a490933910dc0db3e4
Supprimé : C:\b9211b024fe978971616
non Supprimé : C:\c787aa7d247d004c4392ba5ad4df6267
Supprimé : C:\Users\Hinda\AppData\Local\APN
Absent : C:\Program Files (x86)\Complitly

¤


Fin : 11:40:06

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤

t'es sur qu'il y ait eu tout ce que était en gras ?
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

voila de nouveau

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.606 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Hinda : Windows 7 Home Premium (64 bits)

Switchs : https://gen-hackman.kanak.fr/

Script : 13:42:33

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Modification du registre effectuée

¤

Absent : C:\Users\Guillaume\Downloads\SweetImSetup.exe
Absent : C:\Program Files (x86)\Mozilla Firefox\searchplugins\4shared.xml
Absent : C:\Windows\,÷e
Absent : C:\Users\Hinda\Downloads\avast_free6_01Net.exe
Absent : C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\extensions\4sharedToolbar.xpi

¤

Absent : C:\Program Files (x86)\searchweb
Absent : C:\Program Files (x86)\Ask.com
Absent : C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\extensions\toolbar@ask.com
Absent : C:\Users\Hinda\AppData\Roaming\Complitly
Absent : C:\Program Files (x86)\4shared Toolbar
Absent : C:\677420aa8d24365805e09ad3640bfa7a
Absent : C:\8b2331a490933910dc0db3e4
Absent : C:\b9211b024fe978971616
non Supprimé : C:\c787aa7d247d004c4392ba5ad4df6267
Absent : C:\Users\Hinda\AppData\Local\APN
Absent : C:\Program Files (x86)\Complitly

¤

¤¤¤¤¤¤¤¤¤¤ | MBR

Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron N7010
Logical Drives Mask: 0x0001000c

Analysis of file "C:\Pre_Scan\MBR.bin":
Windows 2008 MBR code detected

¤


¤¤¤¤¤¤¤¤¤¤ | Nettoyage disque

Nettoyage du disque effectué

¤


explorer.exe -> Processus redémarré

Fin : 13:43:06

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤

Télécharge et enregistre ADWcleaner sur ton bureau :

ADWCleaner (Merci à Xplode)

Lance le,

clique sur suppression et poste son rapport.
Messages postés
9
Date d'inscription
mercredi 6 juin 2012
Statut
Membre
Dernière intervention
7 juin 2012

voila

# AdwCleaner v1.608 - Logfile created 06/07/2012 at 19:02:34
# Updated 27/05/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Hinda - HINDA-PC
# Running from : C:\Users\Hinda\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Hinda\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Hinda\AppData\LocalLow\Toolbar4
File Deleted : C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB02609.IEToolbar
[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB02609.IEToolbar.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB02609.TBSB02609
[*] Key Deleted : HKLM\SOFTWARE\Classes\TBSB02609.TBSB02609.3
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB02609
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB02609.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (fr)

Profile name : default
File : C:\Users\Hinda\AppData\Roaming\Mozilla\Firefox\Profiles\xzmb5539.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v19.0.1084.52

File : C:\Users\Hinda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12531 octets] - [07/06/2012 19:01:03]
AdwCleaner[S1].txt - [270 octets] - [07/06/2012 19:01:19]
AdwCleaner[R2].txt - [12651 octets] - [07/06/2012 19:02:08]
AdwCleaner[R3].txt - [12712 octets] - [07/06/2012 19:02:26]
AdwCleaner[S2].txt - [9528 octets] - [07/06/2012 19:02:34]

########## EOF - C:\AdwCleaner[S2].txt - [9656 octets] ##########