Virus Trojan Generic, que faire?
Résolu/Fermé
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
-
Modifié par mandragores le 22/07/2012 à 17:23
juju666 Messages postés 35446 Date d'inscription jeudi 18 décembre 2008 Statut Contributeur sécurité Dernière intervention 21 avril 2024 - 24 juil. 2012 à 20:32
juju666 Messages postés 35446 Date d'inscription jeudi 18 décembre 2008 Statut Contributeur sécurité Dernière intervention 21 avril 2024 - 24 juil. 2012 à 20:32
Bonjour,
depuis une semaine, un virus trojan generic est apparu sur mon ordinateur, bitdefender arrive à supprimer tout les autres mais pas celui là, tout du moins, pas de manière permanente. Son nom est trojan generic 7552386.
J'arrive à bout et tout ce que je fais échoue lamentablement, auriez-vous une solution? J'ai entendu parler de divers logiciel, mais lesquels?
Merci pour vos réponses.
depuis une semaine, un virus trojan generic est apparu sur mon ordinateur, bitdefender arrive à supprimer tout les autres mais pas celui là, tout du moins, pas de manière permanente. Son nom est trojan generic 7552386.
J'arrive à bout et tout ce que je fais échoue lamentablement, auriez-vous une solution? J'ai entendu parler de divers logiciel, mais lesquels?
Merci pour vos réponses.
A voir également:
- Java.trojan.genericgba
- Tlauncher virus ✓ - Forum Jeux vidéo
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Trojan wacatac ✓ - Forum Virus
- Svchost.exe virus - Guide
- Virus trojan al11 ✓ - Forum Virus
25 réponses
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
22 juil. 2012 à 17:25
22 juil. 2012 à 17:25
Salut,
Trojan Generic .... bah c'est générique comme nom, ça parle pas beaucoup :p
tu as des rapports de bit defender à nous montrer qu'on voit un peu sur quels fichiers ça se passe ?
Trojan Generic .... bah c'est générique comme nom, ça parle pas beaucoup :p
tu as des rapports de bit defender à nous montrer qu'on voit un peu sur quels fichiers ça se passe ?
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
22 juil. 2012 à 17:29
22 juil. 2012 à 17:29
Le fichier est situé dans C:\Windows\assembly\GAC_32\Desktop.ini, j'ai bien essayé de chercher ce fichier mais introuvable, même en faisant apparaitre les fichiers protégés du système d'exploitation.
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
22 juil. 2012 à 17:33
22 juil. 2012 à 17:33
Arf c'est 0access ça.
désactive bit defender
===================================
Télécharge combofix sur ton bureau et pas ailleurs
https://www.bleepingcomputer.com/download/combofix/
si possible renomme-le avant de l'enregistrer (clic droit sur le lien -> enregistrer la cible du lien sous -> à ce moment tu change son nom et tu mets comme destination ton bureau)
lance combofix, il devra redémarrer ton pc
à la fin poste son rapport
désactive bit defender
===================================
Télécharge combofix sur ton bureau et pas ailleurs
https://www.bleepingcomputer.com/download/combofix/
si possible renomme-le avant de l'enregistrer (clic droit sur le lien -> enregistrer la cible du lien sous -> à ce moment tu change son nom et tu mets comme destination ton bureau)
lance combofix, il devra redémarrer ton pc
à la fin poste son rapport
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
22 juil. 2012 à 18:17
22 juil. 2012 à 18:17
Voilà le rapport de combofix:
ComboFix 12-07-21.01 - Jeffrey 22/07/2012 17:45:31.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6071.4167 [GMT 2:00]
Lancé depuis: c:\users\Jeffrey\Desktop\Contre.exe
AV: Bitdefender Antivirus *Enabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92}
FW: Bitdefender Pare-feu *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: Bitdefender Antispyware *Enabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibar.crx
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files (x86)\Windows Searchqu Toolbar
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngrUI.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\sysid.ini
c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
c:\program files\Web Assistant\ExTEnsion32.dll
c:\programdata\1334578463.bdinstall.bin
c:\programdata\1342522710.bdinstall.bin
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\00000004.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\00000004.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\00000008.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\000000cb.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000000.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000032.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000064.@
c:\users\Jeffrey\AppData\Local\EoRezo
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\eorezo_confMedia.cyp
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\EoStats\eoStats.txt
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\user.cyp
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\user_profil.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo
c:\users\Jeffrey\AppData\Roaming\eoRezo\cmhost.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo\ConfMedia.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather.cfg
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\EoWeather.cfg
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\EoWeatherVal_02EC282.cfg
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\67_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\67_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\69_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\69_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\70_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\70_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\78_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\78_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\82_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\82_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\83_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\83_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\84_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\84_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\85_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\85_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\89_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\89_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\back.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_2days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_7days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\backPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\band.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\band_small.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\close.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\closePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionBackground.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionClose.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\earth.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\fonds_écran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\help.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\helpPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\minimise.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\minimisePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\next.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\nextPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\option.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\optionPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\reflet_ecran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\small_background.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\Thumbs.db
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\about.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\back.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_2days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_7days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\backPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\close.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\closePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\earth.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\fonds_écran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\help.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\helpPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimise.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimisePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\next.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\nextPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\option.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\optionPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\reflet_ecran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\Thumbs.db
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\txt_14x13.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\host.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo\user.cyp
c:\users\Jeffrey\Documents\~WRL0003.tmp
c:\users\Ornella\AppData\Local\EoRezo
c:\users\Ornella\AppData\Local\EoRezo\EoRezo\eorezo_confMedia.cyp
c:\users\Ornella\AppData\Local\EoRezo\EoRezo\user.cyp
c:\users\Ornella\AppData\Local\EoRezo\EoRezo\user_profil.cyp
c:\users\Ornella\AppData\Roaming\eoRezo
c:\users\Ornella\AppData\Roaming\eoRezo\cmhost.cyp
c:\users\Ornella\AppData\Roaming\eoRezo\ConfMedia.cyp
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather.cfg
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\EoWeather.cfg
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\EoWeatherVal_02EC282.cfg
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\67_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\67_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\69_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\69_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\70_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\70_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\78_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\78_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\82_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\82_ni
ComboFix 12-07-21.01 - Jeffrey 22/07/2012 17:45:31.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6071.4167 [GMT 2:00]
Lancé depuis: c:\users\Jeffrey\Desktop\Contre.exe
AV: Bitdefender Antivirus *Enabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92}
FW: Bitdefender Pare-feu *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: Bitdefender Antispyware *Enabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibar.crx
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files (x86)\Windows Searchqu Toolbar
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngrUI.exe
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\DnsBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll
c:\program files (x86)\Windows Searchqu Toolbar\sysid.ini
c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
c:\program files\Web Assistant\ExTEnsion32.dll
c:\programdata\1334578463.bdinstall.bin
c:\programdata\1342522710.bdinstall.bin
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\00000004.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\00000004.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\00000008.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\000000cb.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000000.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000032.@
c:\users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000064.@
c:\users\Jeffrey\AppData\Local\EoRezo
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\eorezo_confMedia.cyp
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\EoStats\eoStats.txt
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\user.cyp
c:\users\Jeffrey\AppData\Local\EoRezo\EoRezo\user_profil.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo
c:\users\Jeffrey\AppData\Roaming\eoRezo\cmhost.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo\ConfMedia.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather.cfg
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\EoWeather.cfg
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\EoWeatherVal_02EC282.cfg
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\67_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\67_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\69_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\69_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\70_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\70_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\78_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\78_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\82_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\82_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\83_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\83_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\84_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\84_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\85_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\85_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\89_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\89_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\back.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_2days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\background_7days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\backPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\band.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\band_small.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\close.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\closePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionBackground.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionClose.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\earth.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\fonds_écran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\help.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\helpPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\minimise.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\minimisePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\next.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\nextPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\option.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\optionPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\reflet_ecran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\small_background.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_classic\Thumbs.db
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_day.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_night.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\about.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\back.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_2days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_7days.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\backPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\close.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\closePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\earth.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\fonds_écran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\help.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\helpPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimise.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimisePressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\next.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\nextPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\option.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\optionPressed.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\reflet_ecran.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\Thumbs.db
c:\users\Jeffrey\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\txt_14x13.png
c:\users\Jeffrey\AppData\Roaming\eoRezo\host.cyp
c:\users\Jeffrey\AppData\Roaming\eoRezo\user.cyp
c:\users\Jeffrey\Documents\~WRL0003.tmp
c:\users\Ornella\AppData\Local\EoRezo
c:\users\Ornella\AppData\Local\EoRezo\EoRezo\eorezo_confMedia.cyp
c:\users\Ornella\AppData\Local\EoRezo\EoRezo\user.cyp
c:\users\Ornella\AppData\Local\EoRezo\EoRezo\user_profil.cyp
c:\users\Ornella\AppData\Roaming\eoRezo
c:\users\Ornella\AppData\Roaming\eoRezo\cmhost.cyp
c:\users\Ornella\AppData\Roaming\eoRezo\ConfMedia.cyp
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather.cfg
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\EoWeather.cfg
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\EoWeatherVal_02EC282.cfg
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\67_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\67_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\69_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\69_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\70_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\70_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\78_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\78_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\82_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\82_ni
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
22 juil. 2012 à 18:20
22 juil. 2012 à 18:20
ght.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\83_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\83_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\84_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\84_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\85_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\85_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\89_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\89_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\back.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_2days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_7days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\backPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\band.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\band_small.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\close.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\closePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionBackground.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionClose.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\earth.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\fonds_écran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\help.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\helpPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\minimise.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\minimisePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\next.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\nextPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\option.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\optionPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\reflet_ecran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\small_background.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\Thumbs.db
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\about.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\back.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_2days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_7days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\backPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\close.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\closePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\earth.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\fonds_écran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\help.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\helpPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimise.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimisePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\next.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\nextPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\option.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\optionPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\reflet_ecran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\Thumbs.db
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\txt_14x13.png
c:\users\Ornella\AppData\Roaming\eoRezo\host.cyp
c:\users\Ornella\AppData\Roaming\eoRezo\user.cyp
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\@
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\00000004.@
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\1afb2d56
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\201d3dde
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000032.@
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000064.@
c:\windows\SysWow64\muzapp.exe
.
Une copie infectée de c:\windows\system32\Services.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-22 au 2012-07-22 ))))))))))))))))))))))))))))))))))))
.
.
2012-07-22 16:03 . 2012-07-22 16:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-22 16:03 . 2012-07-22 16:03 -------- d-----w- c:\users\Fabiola\AppData\Local\temp
2012-07-22 16:03 . 2012-07-22 16:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-18 11:49 . 2012-07-18 11:49 79952 ------w- c:\windows\system32\drivers\bdsandbox.sys
2012-07-18 10:05 . 2012-07-18 10:05 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Seik
2012-07-18 06:04 . 2012-07-18 06:04 -------- d-----w- c:\users\Fabiola\AppData\Roaming\Bitdefender
2012-07-17 11:08 . 2012-07-17 11:08 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\liQeNSoft
2012-07-17 11:07 . 2012-07-17 11:11 -------- d-----w- c:\users\Jeffrey\AppData\Local\liQeNSoft
2012-07-17 11:02 . 2012-07-17 11:02 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Bitdefender
2012-07-17 11:02 . 2012-07-17 11:03 -------- d-----w- c:\programdata\Bitdefender
2012-07-17 10:58 . 2011-10-27 13:07 329800 ------w- c:\windows\system32\drivers\trufos.sys
2012-07-17 10:58 . 2011-08-16 12:59 442088 ------w- c:\windows\system32\drivers\bdfsfltr.sys
2012-07-16 11:00 . 2012-07-16 11:00 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-16 10:50 . 2012-07-17 11:50 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\xsecva
2012-07-12 06:56 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-07 18:40 . 2012-07-07 18:40 -------- d-----w- c:\programdata\Wild Tangent
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\users\Ornella\AppData\Roaming\FloodLightGames
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\programdata\FloodLightGames
2012-07-07 18:31 . 2012-07-07 18:31 -------- d-----w- c:\users\Ornella\AppData\Roaming\WildTangent
2012-06-29 11:20 . 2012-03-15 00:00 2529540 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-29 11:04 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-29 11:04 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-06-22 16:58 . 2012-07-15 03:26 -------- d-----w- c:\programdata\Recovery
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 12:43 . 2012-04-01 20:21 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-16 12:43 . 2011-05-16 20:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 06:48 . 2011-05-17 15:29 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-21 06:55 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:55 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:56 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:55 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:55 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:55 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:55 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:55 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:55 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-28 22:38 . 2012-05-28 22:38 330240 ------w- c:\windows\MASetupCaller.dll
2012-05-23 16:50 . 2011-08-04 19:02 4659712 ------w- c:\windows\SysWow64\Redemption.dll
2012-05-23 16:49 . 2012-05-23 16:49 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-05-23 16:49 . 2011-08-04 19:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-05-21 02:09 . 2012-06-16 15:46 99384 ------w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09 . 2012-06-16 15:46 203320 ------w- c:\windows\system32\drivers\ssudmdm.sys
2012-05-19 12:17 . 2012-05-19 12:17 27176 ------w- c:\windows\system32\drivers\ggsemc.sys
2012-05-19 12:17 . 2012-05-19 12:17 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-05-19 12:17 . 2012-05-19 12:17 13352 ------w- c:\windows\system32\drivers\ggflt.sys
2012-05-17 10:02 . 2012-05-17 10:02 2577 ----a-w- c:\windows\system32\bdaB38A.tmp
2012-05-15 04:01 . 2012-06-13 06:20 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 06:20 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 06:20 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 06:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 06:19 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 06:19 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 06:19 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 06:19 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 06:19 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 06:19 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 06:19 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 06:19 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 06:19 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 06:19 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 06:19 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 09:28 1307928 ------w- c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ------w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"= "c:\program files (x86)\DevNet\Toolbar\DevNet.dll" [2012-05-30 488784]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{3ea8d036-c9e7-4721-bcdf-c13d00c4cc39}]
[HKEY_CLASSES_ROOT\IadahToolbar.IEHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{A26CCE4F-8765-482B-A9F5-7D0A1635C08C}]
[HKEY_CLASSES_ROOT\IadahToolbar.IEHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid\Vid.exe" [2010-05-11 6061400]
"Logitech Vid HD"="c:\program files (x86)\Logitech\Vid\vid.exe" [2010-05-11 6061400]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-06-08 958392]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9 for EP\PMSpeed.EXE" [2009-12-04 112464]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2011-12-05 114992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"LogMeIn Hamachi Ui"="j:\logiciel\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
.
c:\users\Jeffrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dyn Updater Tray Icon.lnk - j:\logiciel\DynDNS Updater\DynTray.exe [2011-11-15 78192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 DhaHelper;DhaHelper;c:\windows\system32\drivers\dhahelper.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-07-20 36328]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-02-17 545064]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2012-07-18 79952]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-02 16640]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-20 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-26 1436424]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-05-19 13352]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 lvsels64;Logitech Selective Suspend Filter;c:\windows\system32\DRIVERS\lvsels64.sys [2010-05-14 68064]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-07-09 421376]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-07-18 75384]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-07-20 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-07-20 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-07-20 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-07-20 146920]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-17 1255736]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-03-20 691896]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 103944]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 Dyn Updater;Dyn Updater;j:\logiciel\DynDNS Updater\DynUpSvc.exe [2011-11-15 95608]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;j:\logiciel\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-07-18 67904]
S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-11-25 258736]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-11-09 187200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2012-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 12:43]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-06-24 c:\windows\Tasks\HPCeeScheduleForFABIOLA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-18 c:\windows\Tasks\HPCeeScheduleForFabiola.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-11 c:\windows\Tasks\HPCeeScheduleForJeffrey.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-06 c:\windows\Tasks\HPCeeScheduleForOrnella.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2012-05-08 13:15 201728 ------w- c:\program files\Web Assistant\Extension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2010-05-17 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2010-05-17 148280]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"CTCheck"="c:\program files\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-07-18 1067768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: DhcpNameServer = 192.168.0.254
TCP: Interfaces\{7A374A40-0B69-43C4-BE91-B7D3D057AD68}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=fr&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-Windows Searchqu Toolbar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DATA2"="<settings accountStatus=\"1\" oldDevice=\"\" timeDiff=\"1342524685\" expireTime=\"31494514\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
"DEVICE2"="vaaur8rPygA="
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:91,ad,28,fb,72,0a,75,03,6a,fe,b9,33,31,eb,9c,5e,d5,f1,7f,d3,d7,0f,07,
2c,53,a0,42,1a,91,67,b7,6a,4f,60,98,5e,6d,8f,83,cb,00,8b,b3,54,a3,3c,40,bd,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\License information*]
"datasecu"=hex:93,08,ab,39,3b,b4,61,16,ca,54,20,07,ed,3c,59,03,54,7c,98,38,07,
a8,28,a7,a2,a6,7a,4e,9e,d5,aa,9d,44,bf,f7,e9,cb,b8,b7,b3,0b,a9,91,ee,d2,57,\
"rkeysecu"=hex:c9,5b,ca,7b,1d,08,02,54,4e,82,b1,30,3a,7a,d2,f2
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\windows\System32\spool\drivers\x64\3\WrtProc.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
.
**************************************************************************
.
Heure de fin: 2012-07-22 18:14:02 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-07-22 16:14
.
Avant-CF: 92 157 243 392 octets libres
Après-CF: 124 870 631 424 octets libres
.
- - End Of File - - 3CD8891BB3AE4F374B57FFC5F7651CF3
Voila la suite.
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\83_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\83_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\84_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\84_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\85_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\85_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\89_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\89_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\back.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_1days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_2days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\background_7days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\backPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\band.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\band_small.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\close.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\closePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionBackground.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\dayPrevisionClose.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\earth.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\fonds_écran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\help.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\helpPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\minimise.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\minimisePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\next.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\nextPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\option.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\optionPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\reflet_ecran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\small_background.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_classic\Thumbs.db
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\67_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\69_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\70_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\78_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\82_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\83_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\84_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\85_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_day.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\89_night.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\about.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\back.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_1days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_2days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\background_7days.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\backPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\close.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\closePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\earth.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\fonds_écran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\help.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\helpPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimise.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\minimisePressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\next.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\nextPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\option.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\optionPressed.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\reflet_ecran.png
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\Thumbs.db
c:\users\Ornella\AppData\Roaming\eoRezo\EoWeather\images_station_meteo\txt_14x13.png
c:\users\Ornella\AppData\Roaming\eoRezo\host.cyp
c:\users\Ornella\AppData\Roaming\eoRezo\user.cyp
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\@
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\00000004.@
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\1afb2d56
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\L\201d3dde
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000032.@
c:\windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000064.@
c:\windows\SysWow64\muzapp.exe
.
Une copie infectée de c:\windows\system32\Services.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-22 au 2012-07-22 ))))))))))))))))))))))))))))))))))))
.
.
2012-07-22 16:03 . 2012-07-22 16:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-22 16:03 . 2012-07-22 16:03 -------- d-----w- c:\users\Fabiola\AppData\Local\temp
2012-07-22 16:03 . 2012-07-22 16:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-18 11:49 . 2012-07-18 11:49 79952 ------w- c:\windows\system32\drivers\bdsandbox.sys
2012-07-18 10:05 . 2012-07-18 10:05 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Seik
2012-07-18 06:04 . 2012-07-18 06:04 -------- d-----w- c:\users\Fabiola\AppData\Roaming\Bitdefender
2012-07-17 11:08 . 2012-07-17 11:08 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\liQeNSoft
2012-07-17 11:07 . 2012-07-17 11:11 -------- d-----w- c:\users\Jeffrey\AppData\Local\liQeNSoft
2012-07-17 11:02 . 2012-07-17 11:02 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Bitdefender
2012-07-17 11:02 . 2012-07-17 11:03 -------- d-----w- c:\programdata\Bitdefender
2012-07-17 10:58 . 2011-10-27 13:07 329800 ------w- c:\windows\system32\drivers\trufos.sys
2012-07-17 10:58 . 2011-08-16 12:59 442088 ------w- c:\windows\system32\drivers\bdfsfltr.sys
2012-07-16 11:00 . 2012-07-16 11:00 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-16 10:50 . 2012-07-17 11:50 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\xsecva
2012-07-12 06:56 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-07 18:40 . 2012-07-07 18:40 -------- d-----w- c:\programdata\Wild Tangent
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\users\Ornella\AppData\Roaming\FloodLightGames
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\programdata\FloodLightGames
2012-07-07 18:31 . 2012-07-07 18:31 -------- d-----w- c:\users\Ornella\AppData\Roaming\WildTangent
2012-06-29 11:20 . 2012-03-15 00:00 2529540 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-29 11:04 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-29 11:04 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-06-22 16:58 . 2012-07-15 03:26 -------- d-----w- c:\programdata\Recovery
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 12:43 . 2012-04-01 20:21 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-16 12:43 . 2011-05-16 20:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 06:48 . 2011-05-17 15:29 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-21 06:55 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:55 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:56 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:55 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:55 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:55 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:55 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:55 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:55 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-28 22:38 . 2012-05-28 22:38 330240 ------w- c:\windows\MASetupCaller.dll
2012-05-23 16:50 . 2011-08-04 19:02 4659712 ------w- c:\windows\SysWow64\Redemption.dll
2012-05-23 16:49 . 2012-05-23 16:49 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-05-23 16:49 . 2011-08-04 19:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-05-21 02:09 . 2012-06-16 15:46 99384 ------w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09 . 2012-06-16 15:46 203320 ------w- c:\windows\system32\drivers\ssudmdm.sys
2012-05-19 12:17 . 2012-05-19 12:17 27176 ------w- c:\windows\system32\drivers\ggsemc.sys
2012-05-19 12:17 . 2012-05-19 12:17 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-05-19 12:17 . 2012-05-19 12:17 13352 ------w- c:\windows\system32\drivers\ggflt.sys
2012-05-17 10:02 . 2012-05-17 10:02 2577 ----a-w- c:\windows\system32\bdaB38A.tmp
2012-05-15 04:01 . 2012-06-13 06:20 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 06:20 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 06:20 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 06:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 06:19 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 06:19 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 06:19 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 06:19 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 06:19 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 06:19 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 06:19 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 06:19 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 06:19 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 06:19 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 06:19 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 09:28 1307928 ------w- c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ------w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"= "c:\program files (x86)\DevNet\Toolbar\DevNet.dll" [2012-05-30 488784]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{3ea8d036-c9e7-4721-bcdf-c13d00c4cc39}]
[HKEY_CLASSES_ROOT\IadahToolbar.IEHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{A26CCE4F-8765-482B-A9F5-7D0A1635C08C}]
[HKEY_CLASSES_ROOT\IadahToolbar.IEHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid\Vid.exe" [2010-05-11 6061400]
"Logitech Vid HD"="c:\program files (x86)\Logitech\Vid\vid.exe" [2010-05-11 6061400]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-06-08 958392]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9 for EP\PMSpeed.EXE" [2009-12-04 112464]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2011-12-05 114992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"LogMeIn Hamachi Ui"="j:\logiciel\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
.
c:\users\Jeffrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dyn Updater Tray Icon.lnk - j:\logiciel\DynDNS Updater\DynTray.exe [2011-11-15 78192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 DhaHelper;DhaHelper;c:\windows\system32\drivers\dhahelper.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-07-20 36328]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-02-17 545064]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2012-07-18 79952]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-02 16640]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-20 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-26 1436424]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-05-19 13352]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 lvsels64;Logitech Selective Suspend Filter;c:\windows\system32\DRIVERS\lvsels64.sys [2010-05-14 68064]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-07-09 421376]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-07-18 75384]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-07-20 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-07-20 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-07-20 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-07-20 146920]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-17 1255736]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-03-20 691896]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 103944]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 Dyn Updater;Dyn Updater;j:\logiciel\DynDNS Updater\DynUpSvc.exe [2011-11-15 95608]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;j:\logiciel\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-07-18 67904]
S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-11-25 258736]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-11-09 187200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2012-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 12:43]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-06-24 c:\windows\Tasks\HPCeeScheduleForFABIOLA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-18 c:\windows\Tasks\HPCeeScheduleForFabiola.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-11 c:\windows\Tasks\HPCeeScheduleForJeffrey.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-06 c:\windows\Tasks\HPCeeScheduleForOrnella.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2012-05-08 13:15 201728 ------w- c:\program files\Web Assistant\Extension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2010-05-17 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2010-05-17 148280]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"CTCheck"="c:\program files\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-07-18 1067768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: DhcpNameServer = 192.168.0.254
TCP: Interfaces\{7A374A40-0B69-43C4-BE91-B7D3D057AD68}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=fr&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-Windows Searchqu Toolbar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DATA2"="<settings accountStatus=\"1\" oldDevice=\"\" timeDiff=\"1342524685\" expireTime=\"31494514\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
"DEVICE2"="vaaur8rPygA="
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:91,ad,28,fb,72,0a,75,03,6a,fe,b9,33,31,eb,9c,5e,d5,f1,7f,d3,d7,0f,07,
2c,53,a0,42,1a,91,67,b7,6a,4f,60,98,5e,6d,8f,83,cb,00,8b,b3,54,a3,3c,40,bd,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\License information*]
"datasecu"=hex:93,08,ab,39,3b,b4,61,16,ca,54,20,07,ed,3c,59,03,54,7c,98,38,07,
a8,28,a7,a2,a6,7a,4e,9e,d5,aa,9d,44,bf,f7,e9,cb,b8,b7,b3,0b,a9,91,ee,d2,57,\
"rkeysecu"=hex:c9,5b,ca,7b,1d,08,02,54,4e,82,b1,30,3a,7a,d2,f2
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\windows\System32\spool\drivers\x64\3\WrtProc.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
.
**************************************************************************
.
Heure de fin: 2012-07-22 18:14:02 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-07-22 16:14
.
Avant-CF: 92 157 243 392 octets libres
Après-CF: 124 870 631 424 octets libres
.
- - End Of File - - 3CD8891BB3AE4F374B57FFC5F7651CF3
Voila la suite.
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
22 juil. 2012 à 18:46
22 juil. 2012 à 18:46
OK.
Eh ben y'a pas mal de choses inutiles/publiciels/...
Attention quand tu installe des programmes à décocher les choses optionnelles ...
==============================
Désinstalle SweetIM
==============================
__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------
Toujours avec toutes les protections désactivées, fais ceci :
▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui est entre les lignes ci dessous (sans les lignes) :
----------------------------------------------------------
KillAll::
ClearJavaCache::
Folder::
c:\windows\SysWow64\%APPDATA%
c:\users\Jeffrey\AppData\Roaming\Seik
c:\users\Jeffrey\AppData\Roaming\xsecva
c:\program files (x86)\SweetIM
File::
c:\windows\system32\bdaB38A.tmp
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[-HKEY_CLASSES_ROOT\clsid\{3ea8d036-c9e7-4721-bcdf-c13d00c4cc39}]
[-HKEY_CLASSES_ROOT\IadahToolbar.IEHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{A26CCE4F-8765-482B-A9F5-7D0A1635C08C}]
[-HKEY_CLASSES_ROOT\IadahToolbar.IEHook]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"SweetIM"=-
"iTunesHelper"=-
RegLock::
[HKEY_USERS\.Default\Software\SetId\Internal]
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
------------------------------------------------------------------
▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes
▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix comme ceci : Illustration
▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt
====================================================
Ensuite
▶ Télécharge sur cette page: AdwCleaner (de Xplode)
▶ Lance-le, clique sur Suppression et patiente le temps du nettoyage.
▶ Poste le contenu du rapport que tu trouveras dans ton disque dur c:\ADwcleaner[Sx].txt ou son contenu s'il s'ouvre.
Eh ben y'a pas mal de choses inutiles/publiciels/...
Attention quand tu installe des programmes à décocher les choses optionnelles ...
==============================
Désinstalle SweetIM
==============================
__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------
Toujours avec toutes les protections désactivées, fais ceci :
▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui est entre les lignes ci dessous (sans les lignes) :
----------------------------------------------------------
KillAll::
ClearJavaCache::
Folder::
c:\windows\SysWow64\%APPDATA%
c:\users\Jeffrey\AppData\Roaming\Seik
c:\users\Jeffrey\AppData\Roaming\xsecva
c:\program files (x86)\SweetIM
File::
c:\windows\system32\bdaB38A.tmp
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
"{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[-HKEY_CLASSES_ROOT\clsid\{3ea8d036-c9e7-4721-bcdf-c13d00c4cc39}]
[-HKEY_CLASSES_ROOT\IadahToolbar.IEHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{A26CCE4F-8765-482B-A9F5-7D0A1635C08C}]
[-HKEY_CLASSES_ROOT\IadahToolbar.IEHook]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"SweetIM"=-
"iTunesHelper"=-
RegLock::
[HKEY_USERS\.Default\Software\SetId\Internal]
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
------------------------------------------------------------------
▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes
▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix comme ceci : Illustration
▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt
====================================================
Ensuite
▶ Télécharge sur cette page: AdwCleaner (de Xplode)
▶ Lance-le, clique sur Suppression et patiente le temps du nettoyage.
▶ Poste le contenu du rapport que tu trouveras dans ton disque dur c:\ADwcleaner[Sx].txt ou son contenu s'il s'ouvre.
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
22 juil. 2012 à 19:49
22 juil. 2012 à 19:49
Le nouvel écrit est présent ci-dessous, j'aimerais savoir par contre si je dois attendre une réponse par rapport aux informations ci-dessous ou si je dois tout de suite lancer le second logiciel.
ComboFix 12-07-21.01 - Jeffrey 22/07/2012 19:04:47.2.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6071.3823 [GMT 2:00]
Lancé depuis: c:\users\Jeffrey\Desktop\Contre.exe
Commutateurs utilisés :: c:\users\Jeffrey\Desktop\CFScript.txt
AV: Bitdefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
FW: Bitdefender Pare-feu *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: Bitdefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\bdaB38A.tmp"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jeffrey\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\users\Jeffrey\AppData\Roaming\Seik
c:\users\Jeffrey\AppData\Roaming\xsecva
c:\users\Jeffrey\AppData\Roaming\xsecva\xseacc.xse
c:\windows\system32\bdaB38A.tmp
c:\windows\SysWow64\%APPDATA%
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-22 au 2012-07-22 ))))))))))))))))))))))))))))))))))))
.
.
2012-07-22 17:17 . 2012-07-22 17:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-22 17:17 . 2012-07-22 17:17 -------- d-----w- c:\users\Fabiola\AppData\Local\temp
2012-07-22 17:17 . 2012-07-22 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-22 16:59 . 2012-07-22 16:59 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Yahoo!
2012-07-18 11:49 . 2012-07-18 11:49 79952 ------w- c:\windows\system32\drivers\bdsandbox.sys
2012-07-18 06:04 . 2012-07-18 06:04 -------- d-----w- c:\users\Fabiola\AppData\Roaming\Bitdefender
2012-07-17 11:08 . 2012-07-17 11:08 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\liQeNSoft
2012-07-17 11:07 . 2012-07-17 11:11 -------- d-----w- c:\users\Jeffrey\AppData\Local\liQeNSoft
2012-07-17 11:02 . 2012-07-17 11:02 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Bitdefender
2012-07-17 11:02 . 2012-07-17 11:03 -------- d-----w- c:\programdata\Bitdefender
2012-07-17 10:58 . 2011-10-27 13:07 329800 ------w- c:\windows\system32\drivers\trufos.sys
2012-07-17 10:58 . 2011-08-16 12:59 442088 ------w- c:\windows\system32\drivers\bdfsfltr.sys
2012-07-12 06:56 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-07 18:40 . 2012-07-07 18:40 -------- d-----w- c:\programdata\Wild Tangent
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\users\Ornella\AppData\Roaming\FloodLightGames
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\programdata\FloodLightGames
2012-07-07 18:31 . 2012-07-07 18:31 -------- d-----w- c:\users\Ornella\AppData\Roaming\WildTangent
2012-06-29 11:20 . 2012-03-15 00:00 2529540 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-29 11:04 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-29 11:04 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 12:43 . 2012-04-01 20:21 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-16 12:43 . 2011-05-16 20:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 06:48 . 2011-05-17 15:29 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-21 06:55 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:55 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:56 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:55 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:55 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:55 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:55 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:55 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:55 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-28 22:38 . 2012-05-28 22:38 330240 ------w- c:\windows\MASetupCaller.dll
2012-05-23 16:50 . 2011-08-04 19:02 4659712 ------w- c:\windows\SysWow64\Redemption.dll
2012-05-23 16:49 . 2012-05-23 16:49 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-05-23 16:49 . 2011-08-04 19:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-05-21 02:09 . 2012-06-16 15:46 99384 ------w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09 . 2012-06-16 15:46 203320 ------w- c:\windows\system32\drivers\ssudmdm.sys
2012-05-19 12:17 . 2012-05-19 12:17 27176 ------w- c:\windows\system32\drivers\ggsemc.sys
2012-05-19 12:17 . 2012-05-19 12:17 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-05-19 12:17 . 2012-05-19 12:17 13352 ------w- c:\windows\system32\drivers\ggflt.sys
2012-05-15 04:01 . 2012-06-13 06:20 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 06:20 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 06:20 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 06:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 06:19 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 06:19 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 06:19 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 06:19 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 06:19 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 06:19 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 06:19 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 06:19 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 06:19 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 06:19 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 06:19 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-22_16.05.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-22 13:52 . 2012-07-22 16:05 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-22 13:52 . 2012-07-22 15:40 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 05:10 . 2012-07-22 17:20 43174 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-18 12:38 . 2012-07-22 17:20 14310 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3121145043-4052942828-115864558-1001_UserData.bin
- 2011-05-17 02:01 . 2012-07-22 16:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-17 02:01 . 2012-07-22 17:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-17 02:01 . 2012-07-22 16:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-17 02:01 . 2012-07-22 17:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-22 16:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 17:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-18 04:44 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-18 04:44 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-18 04:44 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-18 04:44 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-07-22 16:05 . 2012-07-22 16:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-22 17:18 . 2012-07-22 17:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-22 17:18 . 2012-07-22 17:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-22 16:05 . 2012-07-22 16:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2012-07-22 15:40 475136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 16:05 475136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2012-07-22 17:17 544520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-22 16:04 544520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:54 . 2012-07-22 16:05 1785856 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-22 15:40 1785856 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-18 12:34 . 2012-07-22 17:17 58182120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1001-8192.dat
- 2011-05-18 12:34 . 2012-07-22 16:04 58182120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1001-8192.dat
+ 2011-05-16 18:54 . 2012-07-22 17:17 19969140 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1000-8192.dat
- 2011-05-16 18:54 . 2012-07-20 15:44 19969140 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1000-8192.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 09:28 1307928 ------w- c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid\Vid.exe" [2010-05-11 6061400]
"Logitech Vid HD"="c:\program files (x86)\Logitech\Vid\vid.exe" [2010-05-11 6061400]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-06-08 958392]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9 for EP\PMSpeed.EXE" [2009-12-04 112464]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"LogMeIn Hamachi Ui"="j:\logiciel\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
.
c:\users\Jeffrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dyn Updater Tray Icon.lnk - j:\logiciel\DynDNS Updater\DynTray.exe [2011-11-15 78192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 DhaHelper;DhaHelper;c:\windows\system32\drivers\dhahelper.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-07-20 36328]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-02-17 545064]
R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2012-07-18 79952]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-02 16640]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-20 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-26 1436424]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-05-19 13352]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 lvsels64;Logitech Selective Suspend Filter;c:\windows\system32\DRIVERS\lvsels64.sys [2010-05-14 68064]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-07-09 421376]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-07-18 75384]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-07-20 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-07-20 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-07-20 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-07-20 146920]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-17 1255736]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-03-20 691896]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 103944]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Dyn Updater;Dyn Updater;j:\logiciel\DynDNS Updater\DynUpSvc.exe [2011-11-15 95608]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;j:\logiciel\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-07-18 67904]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-11-25 258736]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-11-09 187200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 12:43]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-06-24 c:\windows\Tasks\HPCeeScheduleForFABIOLA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-18 c:\windows\Tasks\HPCeeScheduleForFabiola.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-11 c:\windows\Tasks\HPCeeScheduleForJeffrey.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-06 c:\windows\Tasks\HPCeeScheduleForOrnella.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2010-05-17 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2010-05-17 148280]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"CTCheck"="c:\program files\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-07-18 1067768]
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: Interfaces\{7A374A40-0B69-43C4-BE91-B7D3D057AD68}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=fr&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DATA2"="<settings accountStatus=\"1\" oldDevice=\"\" timeDiff=\"1342524685\" expireTime=\"31494514\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
"DEVICE2"="vaaur8rPygA="
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:91,ad,28,fb,72,0a,75,03,6a,fe,b9,33,31,eb,9c,5e,d5,f1,7f,d3,d7,0f,07,
2c,53,a0,42,1a,91,67,b7,6a,4f,60,98,5e,6d,8f,83,cb,00,8b,b3,54,a3,3c,40,bd,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\License information*]
"datasecu"=hex:93,08,ab,39,3b,b4,61,16,ca,54,20,07,ed,3c,59,03,54,7c,98,38,07,
a8,28,a7,a2,a6,7a,4e,9e,d5,aa,9d,44,bf,f7,e9,cb,b8,b7,b3,0b,a9,91,ee,d2,57,\
"rkeysecu"=hex:c9,5b,ca,7b,1d,08,02,54,4e,82,b1,30,3a,7a,d2,f2
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\System32\spool\drivers\x64\3\WrtProc.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Heure de fin: 2012-07-22 19:47:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-07-22 17:47
ComboFix2.txt 2012-07-22 16:14
.
Avant-CF: 124 427 898 880 octets libres
Après-CF: 124 352 462 848 octets libres
.
- - End Of File - - 01DB087F36A8091E3E71671DAD6AF76A
ComboFix 12-07-21.01 - Jeffrey 22/07/2012 19:04:47.2.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6071.3823 [GMT 2:00]
Lancé depuis: c:\users\Jeffrey\Desktop\Contre.exe
Commutateurs utilisés :: c:\users\Jeffrey\Desktop\CFScript.txt
AV: Bitdefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
FW: Bitdefender Pare-feu *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: Bitdefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\bdaB38A.tmp"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jeffrey\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\users\Jeffrey\AppData\Roaming\Seik
c:\users\Jeffrey\AppData\Roaming\xsecva
c:\users\Jeffrey\AppData\Roaming\xsecva\xseacc.xse
c:\windows\system32\bdaB38A.tmp
c:\windows\SysWow64\%APPDATA%
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-22 au 2012-07-22 ))))))))))))))))))))))))))))))))))))
.
.
2012-07-22 17:17 . 2012-07-22 17:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-22 17:17 . 2012-07-22 17:17 -------- d-----w- c:\users\Fabiola\AppData\Local\temp
2012-07-22 17:17 . 2012-07-22 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-22 16:59 . 2012-07-22 16:59 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Yahoo!
2012-07-18 11:49 . 2012-07-18 11:49 79952 ------w- c:\windows\system32\drivers\bdsandbox.sys
2012-07-18 06:04 . 2012-07-18 06:04 -------- d-----w- c:\users\Fabiola\AppData\Roaming\Bitdefender
2012-07-17 11:08 . 2012-07-17 11:08 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\liQeNSoft
2012-07-17 11:07 . 2012-07-17 11:11 -------- d-----w- c:\users\Jeffrey\AppData\Local\liQeNSoft
2012-07-17 11:02 . 2012-07-17 11:02 -------- d-----w- c:\users\Jeffrey\AppData\Roaming\Bitdefender
2012-07-17 11:02 . 2012-07-17 11:03 -------- d-----w- c:\programdata\Bitdefender
2012-07-17 10:58 . 2011-10-27 13:07 329800 ------w- c:\windows\system32\drivers\trufos.sys
2012-07-17 10:58 . 2011-08-16 12:59 442088 ------w- c:\windows\system32\drivers\bdfsfltr.sys
2012-07-12 06:56 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-07 18:40 . 2012-07-07 18:40 -------- d-----w- c:\programdata\Wild Tangent
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\users\Ornella\AppData\Roaming\FloodLightGames
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\programdata\FloodLightGames
2012-07-07 18:31 . 2012-07-07 18:31 -------- d-----w- c:\users\Ornella\AppData\Roaming\WildTangent
2012-06-29 11:20 . 2012-03-15 00:00 2529540 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-29 11:04 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-06-29 11:04 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 12:43 . 2012-04-01 20:21 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-16 12:43 . 2011-05-16 20:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 06:48 . 2011-05-17 15:29 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-02 22:19 . 2012-06-21 06:55 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:55 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:56 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:55 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:55 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:55 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:55 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:55 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:55 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-28 22:38 . 2012-05-28 22:38 330240 ------w- c:\windows\MASetupCaller.dll
2012-05-23 16:50 . 2011-08-04 19:02 4659712 ------w- c:\windows\SysWow64\Redemption.dll
2012-05-23 16:49 . 2012-05-23 16:49 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-05-23 16:49 . 2011-08-04 19:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-05-21 02:09 . 2012-06-16 15:46 99384 ------w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09 . 2012-06-16 15:46 203320 ------w- c:\windows\system32\drivers\ssudmdm.sys
2012-05-19 12:17 . 2012-05-19 12:17 27176 ------w- c:\windows\system32\drivers\ggsemc.sys
2012-05-19 12:17 . 2012-05-19 12:17 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-05-19 12:17 . 2012-05-19 12:17 13352 ------w- c:\windows\system32\drivers\ggflt.sys
2012-05-15 04:01 . 2012-06-13 06:20 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 06:20 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 06:20 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 06:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 06:19 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 06:19 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 06:19 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 06:19 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 06:19 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 06:19 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 06:19 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 06:19 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 06:19 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 06:19 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 06:19 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 06:19 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-22_16.05.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-22 13:52 . 2012-07-22 16:05 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-22 13:52 . 2012-07-22 15:40 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 05:10 . 2012-07-22 17:20 43174 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-18 12:38 . 2012-07-22 17:20 14310 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3121145043-4052942828-115864558-1001_UserData.bin
- 2011-05-17 02:01 . 2012-07-22 16:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-17 02:01 . 2012-07-22 17:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-17 02:01 . 2012-07-22 16:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-17 02:01 . 2012-07-22 17:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-22 16:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 17:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-18 04:44 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-18 04:44 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-18 04:44 . 2012-07-22 17:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-18 04:44 . 2012-07-22 16:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-07-22 16:05 . 2012-07-22 16:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-22 17:18 . 2012-07-22 17:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-22 17:18 . 2012-07-22 17:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-22 16:05 . 2012-07-22 16:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2012-07-22 15:40 475136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 16:05 475136 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-16 18:48 . 2012-07-22 17:20 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-05-16 18:48 . 2012-07-22 16:07 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2012-07-22 17:17 544520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-22 16:04 544520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:54 . 2012-07-22 16:05 1785856 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-22 15:40 1785856 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-18 12:34 . 2012-07-22 17:17 58182120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1001-8192.dat
- 2011-05-18 12:34 . 2012-07-22 16:04 58182120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1001-8192.dat
+ 2011-05-16 18:54 . 2012-07-22 17:17 19969140 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1000-8192.dat
- 2011-05-16 18:54 . 2012-07-20 15:44 19969140 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3121145043-4052942828-115864558-1000-8192.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 09:28 1307928 ------w- c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid\Vid.exe" [2010-05-11 6061400]
"Logitech Vid HD"="c:\program files (x86)\Logitech\Vid\vid.exe" [2010-05-11 6061400]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-06-08 958392]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-04-25 61112]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9 for EP\PMSpeed.EXE" [2009-12-04 112464]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"LogMeIn Hamachi Ui"="j:\logiciel\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
.
c:\users\Jeffrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dyn Updater Tray Icon.lnk - j:\logiciel\DynDNS Updater\DynTray.exe [2011-11-15 78192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 DhaHelper;DhaHelper;c:\windows\system32\drivers\dhahelper.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-07-20 36328]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-02-17 545064]
R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2012-07-18 79952]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-02 16640]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-20 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-26 1436424]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-05-19 13352]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 lvsels64;Logitech Selective Suspend Filter;c:\windows\system32\DRIVERS\lvsels64.sys [2010-05-14 68064]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-07-09 421376]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-07-18 75384]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-07-20 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-07-20 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-07-20 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-07-20 146920]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-17 1255736]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-03-20 691896]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 103944]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Dyn Updater;Dyn Updater;j:\logiciel\DynDNS Updater\DynUpSvc.exe [2011-11-15 95608]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;j:\logiciel\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-15 2458944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-07-18 67904]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-11-25 258736]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-11-09 187200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 12:43]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 19:29]
.
2012-06-24 c:\windows\Tasks\HPCeeScheduleForFABIOLA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-18 c:\windows\Tasks\HPCeeScheduleForFabiola.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-11 c:\windows\Tasks\HPCeeScheduleForJeffrey.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2012-07-06 c:\windows\Tasks\HPCeeScheduleForOrnella.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2012-07-18 11:49 266952 ------w- c:\program files\BitDefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2010-05-17 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2010-05-17 148280]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"CTCheck"="c:\program files\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-07-18 1067768]
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
TCP: Interfaces\{7A374A40-0B69-43C4-BE91-B7D3D057AD68}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=fr&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DATA2"="<settings accountStatus=\"1\" oldDevice=\"\" timeDiff=\"1342524685\" expireTime=\"31494514\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
"DEVICE2"="vaaur8rPygA="
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:91,ad,28,fb,72,0a,75,03,6a,fe,b9,33,31,eb,9c,5e,d5,f1,7f,d3,d7,0f,07,
2c,53,a0,42,1a,91,67,b7,6a,4f,60,98,5e,6d,8f,83,cb,00,8b,b3,54,a3,3c,40,bd,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_USERS\S-1-5-21-3121145043-4052942828-115864558-1001\Software\SecuROM\License information*]
"datasecu"=hex:93,08,ab,39,3b,b4,61,16,ca,54,20,07,ed,3c,59,03,54,7c,98,38,07,
a8,28,a7,a2,a6,7a,4e,9e,d5,aa,9d,44,bf,f7,e9,cb,b8,b7,b3,0b,a9,91,ee,d2,57,\
"rkeysecu"=hex:c9,5b,ca,7b,1d,08,02,54,4e,82,b1,30,3a,7a,d2,f2
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\System32\spool\drivers\x64\3\WrtProc.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Heure de fin: 2012-07-22 19:47:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-07-22 17:47
ComboFix2.txt 2012-07-22 16:14
.
Avant-CF: 124 427 898 880 octets libres
Après-CF: 124 352 462 848 octets libres
.
- - End Of File - - 01DB087F36A8091E3E71671DAD6AF76A
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
22 juil. 2012 à 19:54
22 juil. 2012 à 19:54
Vu.
-> AdwCleaner
:-)
-> AdwCleaner
:-)
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
22 juil. 2012 à 20:03
22 juil. 2012 à 20:03
Et voila pour AdwCLeaner.
# AdwCleaner v1.703 - Rapport créé le 22/07/2012 à 19:59:06
# Mis à jour le 20/07/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Jeffrey - FABIOLA-HP
# Exécuté depuis : C:\Users\Jeffrey\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
Arrêté & Supprimé : Web Assistant Updater
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\Fabiola\AppData\Local\Babylon
Dossier Supprimé : C:\Users\Jeffrey\AppData\Local\APN
Dossier Supprimé : C:\Users\Jeffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Dossier Supprimé : C:\Users\Jeffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Dossier Supprimé : C:\Users\Ornella\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Dossier Supprimé : C:\Users\Ornella\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\Incredibar.com
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\searchquband
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\Searchqutoolbar
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\SweetIM
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\Incredibar.com
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\searchquband
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\Searchqutoolbar
Dossier Supprimé : C:\Users\Ornella\AppData\LocalLow\Incredibar.com
Dossier Supprimé : C:\Users\Fabiola\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Jeffrey\AppData\Roaming\QuickStoresToolbar
Dossier Supprimé : C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\ffxtlbr@incredibar.com
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Dossier Supprimé : C:\Program Files\Web Assistant
Dossier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Dossier Supprimé : C:\Program Files (x86)\PriceGong
Dossier Supprimé : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Fichier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Fichier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Fichier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\searchplugins\Search_Results.xml
Fichier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\searchplugins\MyStart Search.xml
Fichier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\searchplugins\SweetIm.xml
Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Fichier Supprimé : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
***** [Registre] *****
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar
Clé Supprimée : HKCU\Software\DataMngr_Toolbar
Clé Supprimée : HKCU\Software\Incredibar.com
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\SweetIm
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\I
Clé Supprimée : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Clé Supprimée : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\DT Soft
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Clé Supprimée : HKLM\SOFTWARE\Incredibar.com
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\Web Assistant
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[x64] Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
[x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
[x64] Clé Supprimée : HKLM\SOFTWARE\Web Assistant
***** [Registre - GUID] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
[x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v14.0.1 (fr)
Nom du profil : default
Fichier : C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\prefs.js
C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\user.js ... Supprimé !
Supprimée : user_pref("browser.search.defaultengine", "Ask.com");
Supprimée : user_pref("browser.search.defaultenginename", "Ask.com");
Supprimée : user_pref("browser.search.order.1", "Ask.com");
Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "");
Supprimée : user_pref("quickstores.toolbar.affid", "2006");
Supprimée : user_pref("quickstores.toolbar.guid", "{35F41068-F214-E41B-12E9-2E7E53077DB3}");
Nom du profil : default
Fichier : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\prefs.js
Supprimée : user_pref("browser.search.order.1", "Search Results");
Supprimée : user_pref("extensions.enabledAddons", "{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6,cookiemgr@jayapa[...]
Supprimée : user_pref("quickstores.toolbar.affid", "2006");
Supprimée : user_pref("quickstores.toolbar.guid", "{12A86162-E7FC-C4B3-4218-2DDB6ED2C7D4}");
Nom du profil : default
Fichier : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\prefs.js
C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\user.js ... Supprimé !
Supprimée : user_pref("browser.search.defaultenginename", "MyStart Search");
Supprimée : user_pref("extensions.enabledAddons", "quickstores@quickstores.de:1.0.0,{972ce4c6-7e08-4474-a285-320[...]
Supprimée : user_pref("extensions.incredibar_i.aflt", "orgnl");
Supprimée : user_pref("extensions.incredibar_i.dfltLng", "");
Supprimée : user_pref("extensions.incredibar_i.did", "10665");
Supprimée : user_pref("extensions.incredibar_i.excTlbr", false);
Supprimée : user_pref("extensions.incredibar_i.id", "80bdbb570000000000001c659d8a742c");
Supprimée : user_pref("extensions.incredibar_i.installerproductid", "26");
Supprimée : user_pref("extensions.incredibar_i.instlDay", "15504");
Supprimée : user_pref("extensions.incredibar_i.instlRef", "");
Supprimée : user_pref("extensions.incredibar_i.ms_url_id", "");
Supprimée : user_pref("extensions.incredibar_i.newTab", false);
Supprimée : user_pref("extensions.incredibar_i.ppd", "");
Supprimée : user_pref("extensions.incredibar_i.prdct", "incredibar");
Supprimée : user_pref("extensions.incredibar_i.productid", "26");
Supprimée : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Supprimée : user_pref("extensions.incredibar_i.smplGrp", "none");
Supprimée : user_pref("extensions.incredibar_i.tlbrId", "base");
Supprimée : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8vSuyuxz&loc=IB[...]
Supprimée : user_pref("extensions.incredibar_i.upn2", "6R8vSuyuxz");
Supprimée : user_pref("extensions.incredibar_i.upn2n", "92824528520417129");
Supprimée : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Supprimée : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:35:23");
Supprimée : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Supprimée : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6R8vSuyuxz&&i=26&search="[...]
Supprimée : user_pref("quickstores.toolbar.affid", "2006");
Supprimée : user_pref("quickstores.toolbar.guid", "{2AC63BBC-D3FB-7445-3651-C848C97F56D6}");
-\\ Google Chrome v20.0.1132.57
Fichier : C:\Users\Fabiola\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "update_url": "hxxp://inst.pricegong.com/update/sweetim/-/update.xml",
Fichier : C:\Users\Jeffrey\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "update_url": "hxxp://inst.pricegong.com/update/sweetim/-/update.xml",
Fichier : C:\Users\Ornella\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "icon_url": "hxxp://mystart.incredibar.com/mb165/favicon.ico",
Supprimée : "keyword": "mystart.incredibar.com/mb165",
Supprimée : "name": "MyStart Search",
Supprimée : "search_url": "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6R8vSuyux[...]
Supprimée : "update_url": "hxxp://inst.pricegong.com/update/sweetim/-/update.xml",
*************************
AdwCleaner[S1].txt - [18462 octets] - [22/07/2012 19:59:06]
########## EOF - C:\AdwCleaner[S1].txt - [18591 octets] ##########
# AdwCleaner v1.703 - Rapport créé le 22/07/2012 à 19:59:06
# Mis à jour le 20/07/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Jeffrey - FABIOLA-HP
# Exécuté depuis : C:\Users\Jeffrey\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
Arrêté & Supprimé : Web Assistant Updater
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\Fabiola\AppData\Local\Babylon
Dossier Supprimé : C:\Users\Jeffrey\AppData\Local\APN
Dossier Supprimé : C:\Users\Jeffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Dossier Supprimé : C:\Users\Jeffrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Dossier Supprimé : C:\Users\Ornella\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Dossier Supprimé : C:\Users\Ornella\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\Incredibar.com
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\searchquband
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\Searchqutoolbar
Dossier Supprimé : C:\Users\Fabiola\AppData\LocalLow\SweetIM
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\Incredibar.com
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\searchquband
Dossier Supprimé : C:\Users\Jeffrey\AppData\LocalLow\Searchqutoolbar
Dossier Supprimé : C:\Users\Ornella\AppData\LocalLow\Incredibar.com
Dossier Supprimé : C:\Users\Fabiola\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Jeffrey\AppData\Roaming\QuickStoresToolbar
Dossier Supprimé : C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Dossier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\extensions\ffxtlbr@incredibar.com
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Dossier Supprimé : C:\Program Files\Web Assistant
Dossier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Dossier Supprimé : C:\Program Files (x86)\PriceGong
Dossier Supprimé : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Fichier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Fichier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Fichier Supprimé : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\searchplugins\Search_Results.xml
Fichier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\searchplugins\MyStart Search.xml
Fichier Supprimé : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\searchplugins\SweetIm.xml
Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Fichier Supprimé : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
***** [Registre] *****
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar
Clé Supprimée : HKCU\Software\DataMngr_Toolbar
Clé Supprimée : HKCU\Software\Incredibar.com
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\SweetIm
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\I
Clé Supprimée : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Clé Supprimée : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\DT Soft
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Clé Supprimée : HKLM\SOFTWARE\Incredibar.com
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\Web Assistant
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
[x64] Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
[x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
[x64] Clé Supprimée : HKLM\SOFTWARE\Web Assistant
***** [Registre - GUID] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
[x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
[x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v14.0.1 (fr)
Nom du profil : default
Fichier : C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\prefs.js
C:\Users\Fabiola\AppData\Roaming\Mozilla\Firefox\Profiles\p5voqpxg.default\user.js ... Supprimé !
Supprimée : user_pref("browser.search.defaultengine", "Ask.com");
Supprimée : user_pref("browser.search.defaultenginename", "Ask.com");
Supprimée : user_pref("browser.search.order.1", "Ask.com");
Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "");
Supprimée : user_pref("quickstores.toolbar.affid", "2006");
Supprimée : user_pref("quickstores.toolbar.guid", "{35F41068-F214-E41B-12E9-2E7E53077DB3}");
Nom du profil : default
Fichier : C:\Users\Jeffrey\AppData\Roaming\Mozilla\Firefox\Profiles\854l2f03.default\prefs.js
Supprimée : user_pref("browser.search.order.1", "Search Results");
Supprimée : user_pref("extensions.enabledAddons", "{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6,cookiemgr@jayapa[...]
Supprimée : user_pref("quickstores.toolbar.affid", "2006");
Supprimée : user_pref("quickstores.toolbar.guid", "{12A86162-E7FC-C4B3-4218-2DDB6ED2C7D4}");
Nom du profil : default
Fichier : C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\prefs.js
C:\Users\Ornella\AppData\Roaming\Mozilla\Firefox\Profiles\98llqt6g.default\user.js ... Supprimé !
Supprimée : user_pref("browser.search.defaultenginename", "MyStart Search");
Supprimée : user_pref("extensions.enabledAddons", "quickstores@quickstores.de:1.0.0,{972ce4c6-7e08-4474-a285-320[...]
Supprimée : user_pref("extensions.incredibar_i.aflt", "orgnl");
Supprimée : user_pref("extensions.incredibar_i.dfltLng", "");
Supprimée : user_pref("extensions.incredibar_i.did", "10665");
Supprimée : user_pref("extensions.incredibar_i.excTlbr", false);
Supprimée : user_pref("extensions.incredibar_i.id", "80bdbb570000000000001c659d8a742c");
Supprimée : user_pref("extensions.incredibar_i.installerproductid", "26");
Supprimée : user_pref("extensions.incredibar_i.instlDay", "15504");
Supprimée : user_pref("extensions.incredibar_i.instlRef", "");
Supprimée : user_pref("extensions.incredibar_i.ms_url_id", "");
Supprimée : user_pref("extensions.incredibar_i.newTab", false);
Supprimée : user_pref("extensions.incredibar_i.ppd", "");
Supprimée : user_pref("extensions.incredibar_i.prdct", "incredibar");
Supprimée : user_pref("extensions.incredibar_i.productid", "26");
Supprimée : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Supprimée : user_pref("extensions.incredibar_i.smplGrp", "none");
Supprimée : user_pref("extensions.incredibar_i.tlbrId", "base");
Supprimée : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8vSuyuxz&loc=IB[...]
Supprimée : user_pref("extensions.incredibar_i.upn2", "6R8vSuyuxz");
Supprimée : user_pref("extensions.incredibar_i.upn2n", "92824528520417129");
Supprimée : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Supprimée : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:35:23");
Supprimée : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Supprimée : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6R8vSuyuxz&&i=26&search="[...]
Supprimée : user_pref("quickstores.toolbar.affid", "2006");
Supprimée : user_pref("quickstores.toolbar.guid", "{2AC63BBC-D3FB-7445-3651-C848C97F56D6}");
-\\ Google Chrome v20.0.1132.57
Fichier : C:\Users\Fabiola\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "update_url": "hxxp://inst.pricegong.com/update/sweetim/-/update.xml",
Fichier : C:\Users\Jeffrey\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "update_url": "hxxp://inst.pricegong.com/update/sweetim/-/update.xml",
Fichier : C:\Users\Ornella\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée : "icon_url": "hxxp://mystart.incredibar.com/mb165/favicon.ico",
Supprimée : "keyword": "mystart.incredibar.com/mb165",
Supprimée : "name": "MyStart Search",
Supprimée : "search_url": "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6R8vSuyux[...]
Supprimée : "update_url": "hxxp://inst.pricegong.com/update/sweetim/-/update.xml",
*************************
AdwCleaner[S1].txt - [18462 octets] - [22/07/2012 19:59:06]
########## EOF - C:\AdwCleaner[S1].txt - [18591 octets] ##########
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
22 juil. 2012 à 20:09
22 juil. 2012 à 20:09
petit à petit, on vire tout :-)
relance adwcleaner, clique sur Désinstaller
===============================
▶ Télécharge et installe Malwarebytes' Anti-Malware (MBAM).
▶ Exécute-le. Accepte la mise à jour.
● Uniquement en cas de problème de mise à jour:
● Télécharger mises à jour manuelles MBAM
● Exécute le fichier après l'installation de MBAM
▶ Sélectionne "Exécuter un examen complet"
▶ Clique sur "Rechercher"
▶ L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
Citation :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
▶ Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
▶ Ferme tes navigateurs.
▶ Si des malwares ont été détectés, clique sur Afficher les résultats.
▶ Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse : ferme le.
Si MBAM demande à redémarrer le pc : ▶ fais-le.
Au redémarrage, relance MBAM, onglet "Rapport/Logs", copie/colle celui qui correspond à l'analyse effectuée.
relance adwcleaner, clique sur Désinstaller
===============================
▶ Télécharge et installe Malwarebytes' Anti-Malware (MBAM).
▶ Exécute-le. Accepte la mise à jour.
● Uniquement en cas de problème de mise à jour:
● Télécharger mises à jour manuelles MBAM
● Exécute le fichier après l'installation de MBAM
▶ Sélectionne "Exécuter un examen complet"
▶ Clique sur "Rechercher"
▶ L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
Citation :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
▶ Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
▶ Ferme tes navigateurs.
▶ Si des malwares ont été détectés, clique sur Afficher les résultats.
▶ Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse : ferme le.
Si MBAM demande à redémarrer le pc : ▶ fais-le.
Au redémarrage, relance MBAM, onglet "Rapport/Logs", copie/colle celui qui correspond à l'analyse effectuée.
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
Modifié par mandragores le 22/07/2012 à 22:45
Modifié par mandragores le 22/07/2012 à 22:45
Voila le rapport après 2h d'analyse, je sens que l'on arrive presque à la fin :)
Malwarebytes Anti-Malware (Essai) 1.62.0.1300
www.malwarebytes.org
Version de la base de données: v2012.07.22.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jeffrey :: FABIOLA-HP [administrateur]
Protection: Activé
22/07/2012 20:15:27
mbam-log-2012-07-22 (20-15-27).txt
Type d'examen: Examen complet (C:\|D:\|J:\|O:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 965699
Temps écoulé: 2 heure(s), 18 minute(s), 23 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 5
C:\Qoobox\Quarantine\C\Users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n.vir (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\00000008.@.vir (Trojan.Dropper.BCMiner) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000032.@.vir (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n.vir (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Fabiola\Downloads\setup_eoweather_eo.exe (Adware.EoRezo) -> Mis en quarantaine et supprimé avec succès.
(fin)
Malwarebytes Anti-Malware (Essai) 1.62.0.1300
www.malwarebytes.org
Version de la base de données: v2012.07.22.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jeffrey :: FABIOLA-HP [administrateur]
Protection: Activé
22/07/2012 20:15:27
mbam-log-2012-07-22 (20-15-27).txt
Type d'examen: Examen complet (C:\|D:\|J:\|O:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 965699
Temps écoulé: 2 heure(s), 18 minute(s), 23 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 5
C:\Qoobox\Quarantine\C\Users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n.vir (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\00000008.@.vir (Trojan.Dropper.BCMiner) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Users\Jeffrey\AppData\Local\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\U\80000032.@.vir (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Qoobox\Quarantine\C\Windows\Installer\{ab569ec5-795b-7278-c644-8b19b66b5d5e}\n.vir (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Fabiola\Downloads\setup_eoweather_eo.exe (Adware.EoRezo) -> Mis en quarantaine et supprimé avec succès.
(fin)
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
23 juil. 2012 à 00:28
23 juil. 2012 à 00:28
ouep :-)
on va quand même faire un diagnostic complet du PC :)
évite de télécharger les trucs eorezo et pctuto ... t'as vu, MBAM il a mis en 40aine l'installeur de eorezo ... c'pas moi qui l'invente :p
▶ Télécharge ZHPDiag (de Nicolas Coolman)
ou :ZHPDiag
▶ Enregistre le sur ton Bureau.
Une fois le téléchargement achevé,
▶ Installe et lance ZHPDiag.exe ( Si tu es sous Vista ou 7, une fois le logiciel ouvert clique sur le bouton "UAC")
▶ Clique sur le tournevis puis sur Tous pour cocher toutes les cases des options.
▶ Clique sur la loupe pour lancer l'analyse.
A la fin de l'analyse,
▶ Pour me transmettre ton rapport utilise le site http://pjjoint.malekal.com
▶ Clique sur Parcourir et cherche le fichier C:\ZHP\ZHPDiag.txt
▶ Clique sur Ouvrir.
▶ Clique sur "Envoyer le fichier".
Un lien de cette forme :
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120312_q15b11x7g11u5
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
on va quand même faire un diagnostic complet du PC :)
évite de télécharger les trucs eorezo et pctuto ... t'as vu, MBAM il a mis en 40aine l'installeur de eorezo ... c'pas moi qui l'invente :p
▶ Télécharge ZHPDiag (de Nicolas Coolman)
ou :ZHPDiag
▶ Enregistre le sur ton Bureau.
Une fois le téléchargement achevé,
▶ Installe et lance ZHPDiag.exe ( Si tu es sous Vista ou 7, une fois le logiciel ouvert clique sur le bouton "UAC")
▶ Clique sur le tournevis puis sur Tous pour cocher toutes les cases des options.
▶ Clique sur la loupe pour lancer l'analyse.
A la fin de l'analyse,
▶ Pour me transmettre ton rapport utilise le site http://pjjoint.malekal.com
▶ Clique sur Parcourir et cherche le fichier C:\ZHP\ZHPDiag.txt
▶ Clique sur Ouvrir.
▶ Clique sur "Envoyer le fichier".
Un lien de cette forme :
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120312_q15b11x7g11u5
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
23 juil. 2012 à 11:20
23 juil. 2012 à 11:20
A l'avenir j'y ferais plus attention.
Voila pour le fichier ZHP : https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120723_m12d14i12u11b15
Voila pour le fichier ZHP : https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120723_m12d14i12u11b15
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
23 juil. 2012 à 18:33
23 juil. 2012 à 18:33
Hello,
Mmmmh j'voudrais m'assurer d'un truc.
Passe un coup de tdsskiller comme expliqué là : https://forum.malekal.com/viewtopic.php?t=28637&start=
Mmmmh j'voudrais m'assurer d'un truc.
Passe un coup de tdsskiller comme expliqué là : https://forum.malekal.com/viewtopic.php?t=28637&start=
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
Modifié par mandragores le 23/07/2012 à 20:04
Modifié par mandragores le 23/07/2012 à 20:04
J'ai effectué le scan et en voici le résultat:
19:47:48.0486 7864 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
19:47:48.0573 7864 ============================================================
19:47:48.0573 7864 Current date / time: 2012/07/23 19:47:48.0573
19:47:48.0573 7864 SystemInfo:
19:47:48.0573 7864
19:47:48.0573 7864 OS Version: 6.1.7601 ServicePack: 1.0
19:47:48.0573 7864 Product type: Workstation
19:47:48.0573 7864 ComputerName: FABIOLA-HP
19:47:48.0573 7864 UserName: Jeffrey
19:47:48.0573 7864 Windows directory: C:\Windows
19:47:48.0573 7864 System windows directory: C:\Windows
19:47:48.0573 7864 Running under WOW64
19:47:48.0573 7864 Processor architecture: Intel x64
19:47:48.0573 7864 Number of processors: 4
19:47:48.0573 7864 Page size: 0x1000
19:47:48.0573 7864 Boot type: Normal boot
19:47:48.0573 7864 ============================================================
19:47:49.0609 7864 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:47:49.0631 7864 ============================================================
19:47:49.0631 7864 \Device\Harddisk0\DR0:
19:47:49.0631 7864 MBR partitions:
19:47:49.0631 7864 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:47:49.0631 7864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4E15F800
19:47:49.0653 7864 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4E193000, BlocksNum 0x124F8000
19:47:49.0664 7864 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6068B800, BlocksNum 0x124F7000
19:47:49.0664 7864 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x72B82800, BlocksNum 0x1B83800
19:47:49.0664 7864 ============================================================
19:47:49.0755 7864 C: <-> \Device\Harddisk0\DR0\Partition1
19:47:49.0973 7864 D: <-> \Device\Harddisk0\DR0\Partition4
19:47:50.0353 7864 O: <-> \Device\Harddisk0\DR0\Partition2
19:47:50.0542 7864 J: <-> \Device\Harddisk0\DR0\Partition3
19:47:50.0542 7864 ============================================================
19:47:50.0542 7864 Initialize success
19:47:50.0542 7864 ============================================================
19:48:30.0804 4372 ============================================================
19:48:30.0804 4372 Scan started
19:48:30.0804 4372 Mode: Manual;
19:48:30.0804 4372 ============================================================
19:48:32.0602 4372 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:48:32.0618 4372 1394ohci - ok
19:48:32.0673 4372 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:48:32.0678 4372 ACPI - ok
19:48:32.0715 4372 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:48:32.0716 4372 AcpiPmi - ok
19:48:32.0831 4372 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:48:32.0833 4372 AdobeARMservice - ok
19:48:32.0983 4372 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:48:32.0985 4372 AdobeFlashPlayerUpdateSvc - ok
19:48:33.0037 4372 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:48:33.0065 4372 adp94xx - ok
19:48:33.0115 4372 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:48:33.0123 4372 adpahci - ok
19:48:33.0170 4372 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:48:33.0174 4372 adpu320 - ok
19:48:33.0205 4372 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:48:33.0206 4372 AeLookupSvc - ok
19:48:33.0270 4372 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:48:33.0278 4372 AFD - ok
19:48:33.0322 4372 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:48:33.0324 4372 agp440 - ok
19:48:33.0353 4372 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:48:33.0355 4372 ALG - ok
19:48:33.0385 4372 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:48:33.0386 4372 aliide - ok
19:48:33.0404 4372 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:48:33.0406 4372 amdide - ok
19:48:33.0441 4372 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:48:33.0443 4372 AmdK8 - ok
19:48:33.0468 4372 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:48:33.0469 4372 AmdPPM - ok
19:48:33.0525 4372 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:48:33.0527 4372 amdsata - ok
19:48:33.0577 4372 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:48:33.0580 4372 amdsbs - ok
19:48:33.0622 4372 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:48:33.0624 4372 amdxata - ok
19:48:33.0658 4372 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
19:48:33.0660 4372 androidusb - ok
19:48:33.0689 4372 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:48:33.0691 4372 AppID - ok
19:48:33.0717 4372 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:48:33.0719 4372 AppIDSvc - ok
19:48:33.0755 4372 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:48:33.0756 4372 Appinfo - ok
19:48:33.0912 4372 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:48:33.0915 4372 Apple Mobile Device - ok
19:48:33.0972 4372 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:48:33.0974 4372 arc - ok
19:48:33.0988 4372 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:48:33.0990 4372 arcsas - ok
19:48:34.0093 4372 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:48:34.0106 4372 aspnet_state - ok
19:48:34.0142 4372 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:48:34.0144 4372 AsyncMac - ok
19:48:34.0178 4372 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:48:34.0180 4372 atapi - ok
19:48:34.0245 4372 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:48:34.0258 4372 AudioEndpointBuilder - ok
19:48:34.0267 4372 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:48:34.0274 4372 AudioSrv - ok
19:48:34.0341 4372 avc3 (f57de310bf3bd9df0f7d301c1d7f5432) C:\Windows\system32\DRIVERS\avc3.sys
19:48:34.0355 4372 avc3 - ok
19:48:34.0398 4372 avchv (4c6bcc638798abe1f70afca70d889c3f) C:\Windows\system32\DRIVERS\avchv.sys
19:48:34.0402 4372 avchv - ok
19:48:34.0442 4372 avckf (6dc4cca415bbf2fc629beb532aa0e6cd) C:\Windows\system32\DRIVERS\avckf.sys
19:48:34.0461 4372 avckf - ok
19:48:34.0504 4372 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:48:34.0507 4372 AxInstSV - ok
19:48:34.0558 4372 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:48:34.0565 4372 b06bdrv - ok
19:48:34.0614 4372 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:48:34.0643 4372 b57nd60a - ok
19:48:34.0821 4372 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
19:48:34.0824 4372 BBSvc - ok
19:48:34.0896 4372 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
19:48:34.0899 4372 BBUpdate - ok
19:48:34.0931 4372 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:48:34.0934 4372 BDESVC - ok
19:48:35.0040 4372 BdfNdisf (707ac68f86f97c17c30498aaf3c7e27e) c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
19:48:35.0042 4372 BdfNdisf - ok
19:48:35.0101 4372 bdfsfltr (ea195950fa5dd4a8f7bc00822213a363) C:\Windows\system32\DRIVERS\bdfsfltr.sys
19:48:35.0114 4372 bdfsfltr - ok
19:48:35.0137 4372 bdfwfpf (4ce4b0098fc315c237fa8867f07886c4) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
19:48:35.0139 4372 bdfwfpf - ok
19:48:35.0172 4372 bdsandbox (31571d77c6186ad228f52ee4ebdf8ee9) C:\Windows\system32\drivers\bdsandbox.sys
19:48:35.0174 4372 bdsandbox - ok
19:48:35.0183 4372 BDVEDISK (b89deff4817b4cc6fc2bcd8f83b4e75d) C:\Windows\system32\DRIVERS\bdvedisk.sys
19:48:35.0185 4372 BDVEDISK - ok
19:48:35.0228 4372 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:48:35.0229 4372 Beep - ok
19:48:35.0299 4372 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:48:35.0311 4372 BFE - ok
19:48:35.0372 4372 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
19:48:35.0385 4372 BITS - ok
19:48:35.0420 4372 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:48:35.0422 4372 blbdrive - ok
19:48:35.0520 4372 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:48:35.0529 4372 Bonjour Service - ok
19:48:35.0558 4372 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:48:35.0560 4372 bowser - ok
19:48:35.0580 4372 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:48:35.0582 4372 BrFiltLo - ok
19:48:35.0598 4372 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:48:35.0599 4372 BrFiltUp - ok
19:48:35.0632 4372 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
19:48:35.0634 4372 BridgeMP - ok
19:48:35.0676 4372 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:48:35.0679 4372 Browser - ok
19:48:35.0705 4372 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:48:35.0710 4372 Brserid - ok
19:48:35.0768 4372 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:48:35.0792 4372 BrSerWdm - ok
19:48:35.0945 4372 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:48:35.0987 4372 BrUsbMdm - ok
19:48:36.0036 4372 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:48:36.0038 4372 BrUsbSer - ok
19:48:36.0083 4372 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:48:36.0105 4372 BTHMODEM - ok
19:48:36.0570 4372 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:48:36.0594 4372 bthserv - ok
19:48:36.0769 4372 catchme - ok
19:48:37.0114 4372 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:48:37.0137 4372 cdfs - ok
19:48:37.0204 4372 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:48:37.0207 4372 cdrom - ok
19:48:37.0313 4372 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:48:37.0315 4372 CertPropSvc - ok
19:48:37.0649 4372 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:48:37.0674 4372 circlass - ok
19:48:38.0060 4372 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:48:38.0066 4372 CLFS - ok
19:48:38.0122 4372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:48:38.0124 4372 clr_optimization_v2.0.50727_32 - ok
19:48:38.0782 4372 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:48:38.0808 4372 clr_optimization_v2.0.50727_64 - ok
19:48:39.0069 4372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:48:39.0072 4372 clr_optimization_v4.0.30319_32 - ok
19:48:39.0118 4372 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:48:39.0121 4372 clr_optimization_v4.0.30319_64 - ok
19:48:39.0214 4372 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:48:39.0216 4372 CmBatt - ok
19:48:39.0329 4372 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:48:39.0331 4372 cmdide - ok
19:48:39.0405 4372 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:48:39.0413 4372 CNG - ok
19:48:39.0525 4372 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:48:39.0550 4372 Compbatt - ok
19:48:39.0808 4372 CompFilter64 (59d203c3f46f3ca536ecac0e084cd887) C:\Windows\system32\DRIVERS\lvbflt64.sys
19:48:39.0809 4372 CompFilter64 - ok
19:48:40.0098 4372 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:48:40.0123 4372 CompositeBus - ok
19:48:40.0147 4372 COMSysApp - ok
19:48:40.0320 4372 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:48:40.0345 4372 crcdisk - ok
19:48:41.0245 4372 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:48:41.0262 4372 CryptSvc - ok
19:48:41.0787 4372 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:48:41.0797 4372 DcomLaunch - ok
19:48:41.0848 4372 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:48:41.0878 4372 defragsvc - ok
19:48:42.0238 4372 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:48:42.0259 4372 DfsC - ok
19:48:42.0352 4372 dg_ssudbus (6060106ce00f32f63f1a73160e46e9d2) C:\Windows\system32\DRIVERS\ssudbus.sys
19:48:42.0354 4372 dg_ssudbus - ok
19:48:42.0398 4372 DhaHelper - ok
19:48:42.0639 4372 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:48:42.0664 4372 Dhcp - ok
19:48:42.0802 4372 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:48:42.0810 4372 discache - ok
19:48:42.0938 4372 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:48:42.0959 4372 Disk - ok
19:48:43.0255 4372 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:48:43.0280 4372 Dnscache - ok
19:48:43.0343 4372 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:48:43.0347 4372 dot3svc - ok
19:48:43.0867 4372 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:48:43.0897 4372 DPS - ok
19:48:44.0254 4372 driverhardwarev2x64 (b28c853770c995552b9f5760d8245f44) C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys
19:48:44.0256 4372 driverhardwarev2x64 - ok
19:48:44.0307 4372 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:48:44.0308 4372 drmkaud - ok
19:48:44.0503 4372 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
19:48:44.0505 4372 DrvAgent64 - ok
19:48:44.0571 4372 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:48:44.0575 4372 DXGKrnl - ok
19:48:44.0994 4372 Dyn Updater (c3cdc19b715514200f5cec8be5b9c9a8) J:\Logiciel\DynDNS Updater\DynUpSvc.exe
19:48:45.0025 4372 Dyn Updater - ok
19:48:45.0074 4372 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:48:45.0076 4372 EapHost - ok
19:48:45.0357 4372 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:48:45.0393 4372 ebdrv - ok
19:48:45.0500 4372 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:48:45.0503 4372 EFS - ok
19:48:45.0598 4372 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:48:45.0605 4372 ehRecvr - ok
19:48:45.0645 4372 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:48:45.0647 4372 ehSched - ok
19:48:45.0715 4372 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:48:45.0739 4372 elxstor - ok
19:48:45.0817 4372 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:48:45.0818 4372 EpsonBidirectionalService - ok
19:48:45.0884 4372 EPSON_EB_RPCV4_04 (7db097f4f6786307168c0dddec43a565) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
19:48:45.0886 4372 EPSON_EB_RPCV4_04 - ok
19:48:45.0918 4372 EPSON_PM_RPCV4_04 (258aa65a0862e19b7de6981fda3758ad) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
19:48:45.0919 4372 EPSON_PM_RPCV4_04 - ok
19:48:45.0939 4372 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:48:45.0940 4372 ErrDev - ok
19:48:45.0982 4372 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:48:45.0986 4372 EventSystem - ok
19:48:46.0021 4372 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:48:46.0024 4372 exfat - ok
19:48:46.0036 4372 ezSharedSvc - ok
19:48:46.0062 4372 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:48:46.0065 4372 fastfat - ok
19:48:46.0122 4372 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:48:46.0129 4372 Fax - ok
19:48:46.0145 4372 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:48:46.0147 4372 fdc - ok
19:48:46.0157 4372 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:48:46.0159 4372 fdPHost - ok
19:48:46.0169 4372 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:48:46.0171 4372 FDResPub - ok
19:48:46.0187 4372 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:48:46.0188 4372 FileInfo - ok
19:48:46.0197 4372 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:48:46.0199 4372 Filetrace - ok
19:48:46.0348 4372 FLEXnet Licensing Service 64 (a4297244d4f817278a6ae45b1899ca9c) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:48:46.0374 4372 FLEXnet Licensing Service 64 - ok
19:48:46.0441 4372 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:48:46.0443 4372 flpydisk - ok
19:48:46.0480 4372 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:48:46.0491 4372 FltMgr - ok
19:48:46.0572 4372 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:48:46.0594 4372 FontCache - ok
19:48:46.0653 4372 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:48:46.0654 4372 FontCache3.0.0.0 - ok
19:48:46.0674 4372 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:48:46.0676 4372 FsDepends - ok
19:48:46.0712 4372 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:48:46.0714 4372 Fs_Rec - ok
19:48:46.0751 4372 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:48:46.0755 4372 fvevol - ok
19:48:46.0781 4372 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:48:46.0783 4372 gagp30kx - ok
19:48:46.0850 4372 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:48:46.0855 4372 GameConsoleService - ok
19:48:46.0902 4372 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:48:46.0903 4372 GEARAspiWDM - ok
19:48:46.0945 4372 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
19:48:46.0947 4372 ggflt - ok
19:48:46.0981 4372 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
19:48:46.0983 4372 ggsemc - ok
19:48:47.0034 4372 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:48:47.0062 4372 gpsvc - ok
19:48:47.0111 4372 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:47.0114 4372 gupdate - ok
19:48:47.0119 4372 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:47.0121 4372 gupdatem - ok
19:48:47.0166 4372 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:48:47.0170 4372 gusvc - ok
19:48:47.0209 4372 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
19:48:47.0211 4372 hamachi - ok
19:48:47.0617 4372 Hamachi2Svc (21d24138b736983f6e23823e092e9428) J:\Logiciel\LogMeIn Hamachi\hamachi-2.exe
19:48:47.0682 4372 Hamachi2Svc - ok
19:48:47.0960 4372 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:48:48.0009 4372 hcw85cir - ok
19:48:48.0047 4372 hcwD3bda (36460952d903e9159660b3e7945fc274) C:\Windows\system32\DRIVERS\hcwD3bda64.sys
19:48:48.0050 4372 hcwD3bda - ok
19:48:48.0925 4372 hcwD3bda_dvbt (1a6de1f4e48a80c281ddccaa56339ae1) C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
19:48:48.0956 4372 hcwD3bda_dvbt - ok
19:48:49.0105 4372 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:48:49.0110 4372 HdAudAddService - ok
19:48:49.0140 4372 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:48:49.0143 4372 HDAudBus - ok
19:48:49.0165 4372 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
19:48:49.0166 4372 HECIx64 - ok
19:48:49.0187 4372 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:48:49.0189 4372 HidBatt - ok
19:48:49.0211 4372 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:48:49.0213 4372 HidBth - ok
19:48:49.0242 4372 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:48:49.0244 4372 HidIr - ok
19:48:49.0260 4372 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
19:48:49.0263 4372 hidserv - ok
19:48:49.0281 4372 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:48:49.0283 4372 HidUsb - ok
19:48:49.0307 4372 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:48:49.0310 4372 hkmsvc - ok
19:48:49.0347 4372 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:48:49.0351 4372 HomeGroupListener - ok
19:48:49.0380 4372 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:48:49.0384 4372 HomeGroupProvider - ok
19:48:49.0505 4372 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:48:49.0507 4372 HP Support Assistant Service - ok
19:48:49.0563 4372 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:48:49.0565 4372 HPDrvMntSvc.exe - ok
19:48:49.0616 4372 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:48:49.0627 4372 hpqwmiex - ok
19:48:49.0685 4372 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:48:49.0687 4372 HpSAMD - ok
19:48:49.0754 4372 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:48:49.0764 4372 HTTP - ok
19:48:49.0845 4372 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:48:49.0846 4372 hwpolicy - ok
19:48:49.0917 4372 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:48:49.0937 4372 i8042prt - ok
19:48:49.0986 4372 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
19:48:49.0991 4372 iaStor - ok
19:48:50.0054 4372 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:48:50.0055 4372 IAStorDataMgrSvc - ok
19:48:50.0120 4372 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:48:50.0141 4372 iaStorV - ok
19:48:50.0585 4372 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:48:50.0629 4372 idsvc - ok
19:48:50.0699 4372 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:48:50.0722 4372 iirsp - ok
19:48:50.0814 4372 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:48:50.0838 4372 IKEEXT - ok
19:48:50.0959 4372 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
19:48:50.0971 4372 IntcAzAudAddService - ok
19:48:51.0149 4372 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:48:51.0150 4372 intelide - ok
19:48:51.0172 4372 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:48:51.0173 4372 intelppm - ok
19:48:51.0196 4372 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:48:51.0198 4372 IPBusEnum - ok
19:48:51.0217 4372 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:48:51.0218 4372 IpFilterDriver - ok
19:48:51.0274 4372 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:48:51.0286 4372 iphlpsvc - ok
19:48:51.0314 4372 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:48:51.0316 4372 IPMIDRV - ok
19:48:51.0333 4372 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:48:51.0335 4372 IPNAT - ok
19:48:51.0439 4372 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
19:48:51.0443 4372 iPod Service - ok
19:48:51.0463 4372 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:48:51.0464 4372 IRENUM - ok
19:48:51.0475 4372 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:48:51.0476 4372 isapnp - ok
19:48:51.0501 4372 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:48:51.0516 4372 iScsiPrt - ok
19:48:51.0546 4372 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:48:51.0547 4372 kbdclass - ok
19:48:51.0557 4372 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:48:51.0558 4372 kbdhid - ok
19:48:51.0584 4372 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:48:51.0585 4372 KeyIso - ok
19:48:51.0633 4372 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:48:51.0634 4372 KSecDD - ok
19:48:51.0674 4372 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:48:51.0676 4372 KSecPkg - ok
19:48:51.0693 4372 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:48:51.0694 4372 ksthunk - ok
19:48:51.0727 4372 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:48:51.0731 4372 KtmRm - ok
19:48:51.0754 4372 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
19:48:51.0757 4372 LanmanServer - ok
19:48:51.0781 4372 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:48:51.0784 4372 LanmanWorkstation - ok
19:48:51.0833 4372 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:48:51.0834 4372 LightScribeService - ok
19:48:51.0856 4372 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:48:51.0857 4372 lltdio - ok
19:48:51.0884 4372 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:48:51.0888 4372 lltdsvc - ok
19:48:51.0900 4372 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:48:51.0901 4372 lmhosts - ok
19:48:51.0951 4372 LMS (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:48:51.0953 4372 LMS - ok
19:48:51.0981 4372 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:48:51.0984 4372 LSI_FC - ok
19:48:52.0000 4372 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:48:52.0001 4372 LSI_SAS - ok
19:48:52.0018 4372 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:48:52.0019 4372 LSI_SAS2 - ok
19:48:52.0039 4372 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:48:52.0040 4372 LSI_SCSI - ok
19:48:52.0063 4372 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:48:52.0064 4372 luafv - ok
19:48:52.0089 4372 LVPr2M64 (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:48:52.0090 4372 LVPr2M64 - ok
19:48:52.0093 4372 LVPr2Mon (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:48:52.0093 4372 LVPr2Mon - ok
19:48:52.0125 4372 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys
19:48:52.0128 4372 LVRS64 - ok
19:48:52.0510 4372 lvsels64 (b0c0292b0c70e203cba44333c0e3d106) C:\Windows\system32\DRIVERS\lvsels64.sys
19:48:52.0535 4372 lvsels64 - ok
19:48:53.0115 4372 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys
19:48:53.0138 4372 LVUVC64 - ok
19:48:53.0274 4372 lxecCATSCustConnectService (1f02b554ddc4086d786537a3bf6488f1) C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
19:48:53.0275 4372 lxecCATSCustConnectService - ok
19:48:53.0278 4372 lxec_device - ok
19:48:53.0469 4372 maconfservice (af2fa11e43f0f208d11ff3b2b67ce885) C:\Program Files\ma-config.com\x64\maconfservice.exe
19:48:53.0479 4372 maconfservice - ok
19:48:53.0551 4372 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
19:48:53.0552 4372 MBAMProtector - ok
19:48:53.0746 4372 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:48:53.0756 4372 MBAMService - ok
19:48:53.0787 4372 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:48:53.0791 4372 Mcx2Svc - ok
19:48:53.0824 4372 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:48:53.0826 4372 megasas - ok
19:48:53.0859 4372 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:48:53.0870 4372 MegaSR - ok
19:48:53.0906 4372 Microsoft SharePoint Workspace Audit Service - ok
19:48:53.0931 4372 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:48:53.0934 4372 MMCSS - ok
19:48:53.0950 4372 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:48:53.0952 4372 Modem - ok
19:48:53.0987 4372 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:48:53.0988 4372 monitor - ok
19:48:54.0021 4372 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:48:54.0023 4372 mouclass - ok
19:48:54.0047 4372 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:48:54.0049 4372 mouhid - ok
19:48:54.0080 4372 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:48:54.0081 4372 mountmgr - ok
19:48:54.0134 4372 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:48:54.0137 4372 MozillaMaintenance - ok
19:48:54.0171 4372 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:48:54.0174 4372 mpio - ok
19:48:54.0199 4372 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:48:54.0201 4372 mpsdrv - ok
19:48:54.0282 4372 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:48:54.0303 4372 MpsSvc - ok
19:48:54.0337 4372 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:48:54.0341 4372 MRxDAV - ok
19:48:54.0378 4372 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:48:54.0381 4372 mrxsmb - ok
19:48:54.0422 4372 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:48:54.0432 4372 mrxsmb10 - ok
19:48:54.0473 4372 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:48:54.0475 4372 mrxsmb20 - ok
19:48:54.0485 4372 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:48:54.0487 4372 msahci - ok
19:48:54.0514 4372 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:48:54.0517 4372 msdsm - ok
19:48:54.0543 4372 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:48:54.0547 4372 MSDTC - ok
19:48:54.0582 4372 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:48:54.0583 4372 Msfs - ok
19:48:54.0593 4372 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:48:54.0595 4372 mshidkmdf - ok
19:48:54.0601 4372 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:48:54.0602 4372 msisadrv - ok
19:48:54.0639 4372 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:48:54.0643 4372 MSiSCSI - ok
19:48:54.0647 4372 msiserver - ok
19:48:54.0665 4372 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:48:54.0666 4372 MSKSSRV - ok
19:48:54.0685 4372 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:48:54.0687 4372 MSPCLOCK - ok
19:48:54.0692 4372 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:48:54.0694 4372 MSPQM - ok
19:48:54.0728 4372 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:48:54.0752 4372 MsRPC - ok
19:48:54.0771 4372 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:48:54.0772 4372 mssmbios - ok
19:48:54.0785 4372 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:48:54.0787 4372 MSTEE - ok
19:48:54.0801 4372 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:48:54.0803 4372 MTConfig - ok
19:48:54.0822 4372 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:48:54.0824 4372 Mup - ok
19:48:54.0864 4372 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:48:54.0876 4372 napagent - ok
19:48:54.0927 4372 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:48:54.0936 4372 NativeWifiP - ok
19:48:54.0999 4372 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:48:55.0013 4372 NDIS - ok
19:48:55.0027 4372 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:48:55.0029 4372 NdisCap - ok
19:48:55.0050 4372 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:48:55.0052 4372 NdisTapi - ok
19:48:55.0083 4372 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:48:55.0084 4372 Ndisuio - ok
19:48:55.0122 4372 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:48:55.0125 4372 NdisWan - ok
19:48:55.0149 4372 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:48:55.0151 4372 NDProxy - ok
19:48:55.0164 4372 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:48:55.0166 4372 NetBIOS - ok
19:48:55.0195 4372 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:47:48.0486 7864 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
19:47:48.0573 7864 ============================================================
19:47:48.0573 7864 Current date / time: 2012/07/23 19:47:48.0573
19:47:48.0573 7864 SystemInfo:
19:47:48.0573 7864
19:47:48.0573 7864 OS Version: 6.1.7601 ServicePack: 1.0
19:47:48.0573 7864 Product type: Workstation
19:47:48.0573 7864 ComputerName: FABIOLA-HP
19:47:48.0573 7864 UserName: Jeffrey
19:47:48.0573 7864 Windows directory: C:\Windows
19:47:48.0573 7864 System windows directory: C:\Windows
19:47:48.0573 7864 Running under WOW64
19:47:48.0573 7864 Processor architecture: Intel x64
19:47:48.0573 7864 Number of processors: 4
19:47:48.0573 7864 Page size: 0x1000
19:47:48.0573 7864 Boot type: Normal boot
19:47:48.0573 7864 ============================================================
19:47:49.0609 7864 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:47:49.0631 7864 ============================================================
19:47:49.0631 7864 \Device\Harddisk0\DR0:
19:47:49.0631 7864 MBR partitions:
19:47:49.0631 7864 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:47:49.0631 7864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4E15F800
19:47:49.0653 7864 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4E193000, BlocksNum 0x124F8000
19:47:49.0664 7864 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6068B800, BlocksNum 0x124F7000
19:47:49.0664 7864 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x72B82800, BlocksNum 0x1B83800
19:47:49.0664 7864 ============================================================
19:47:49.0755 7864 C: <-> \Device\Harddisk0\DR0\Partition1
19:47:49.0973 7864 D: <-> \Device\Harddisk0\DR0\Partition4
19:47:50.0353 7864 O: <-> \Device\Harddisk0\DR0\Partition2
19:47:50.0542 7864 J: <-> \Device\Harddisk0\DR0\Partition3
19:47:50.0542 7864 ============================================================
19:47:50.0542 7864 Initialize success
19:47:50.0542 7864 ============================================================
19:48:30.0804 4372 ============================================================
19:48:30.0804 4372 Scan started
19:48:30.0804 4372 Mode: Manual;
19:48:30.0804 4372 ============================================================
19:48:32.0602 4372 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:48:32.0618 4372 1394ohci - ok
19:48:32.0673 4372 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:48:32.0678 4372 ACPI - ok
19:48:32.0715 4372 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:48:32.0716 4372 AcpiPmi - ok
19:48:32.0831 4372 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:48:32.0833 4372 AdobeARMservice - ok
19:48:32.0983 4372 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:48:32.0985 4372 AdobeFlashPlayerUpdateSvc - ok
19:48:33.0037 4372 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:48:33.0065 4372 adp94xx - ok
19:48:33.0115 4372 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:48:33.0123 4372 adpahci - ok
19:48:33.0170 4372 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:48:33.0174 4372 adpu320 - ok
19:48:33.0205 4372 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:48:33.0206 4372 AeLookupSvc - ok
19:48:33.0270 4372 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:48:33.0278 4372 AFD - ok
19:48:33.0322 4372 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:48:33.0324 4372 agp440 - ok
19:48:33.0353 4372 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:48:33.0355 4372 ALG - ok
19:48:33.0385 4372 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:48:33.0386 4372 aliide - ok
19:48:33.0404 4372 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:48:33.0406 4372 amdide - ok
19:48:33.0441 4372 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:48:33.0443 4372 AmdK8 - ok
19:48:33.0468 4372 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:48:33.0469 4372 AmdPPM - ok
19:48:33.0525 4372 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:48:33.0527 4372 amdsata - ok
19:48:33.0577 4372 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:48:33.0580 4372 amdsbs - ok
19:48:33.0622 4372 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:48:33.0624 4372 amdxata - ok
19:48:33.0658 4372 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
19:48:33.0660 4372 androidusb - ok
19:48:33.0689 4372 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:48:33.0691 4372 AppID - ok
19:48:33.0717 4372 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:48:33.0719 4372 AppIDSvc - ok
19:48:33.0755 4372 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:48:33.0756 4372 Appinfo - ok
19:48:33.0912 4372 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:48:33.0915 4372 Apple Mobile Device - ok
19:48:33.0972 4372 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:48:33.0974 4372 arc - ok
19:48:33.0988 4372 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:48:33.0990 4372 arcsas - ok
19:48:34.0093 4372 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:48:34.0106 4372 aspnet_state - ok
19:48:34.0142 4372 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:48:34.0144 4372 AsyncMac - ok
19:48:34.0178 4372 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:48:34.0180 4372 atapi - ok
19:48:34.0245 4372 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:48:34.0258 4372 AudioEndpointBuilder - ok
19:48:34.0267 4372 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:48:34.0274 4372 AudioSrv - ok
19:48:34.0341 4372 avc3 (f57de310bf3bd9df0f7d301c1d7f5432) C:\Windows\system32\DRIVERS\avc3.sys
19:48:34.0355 4372 avc3 - ok
19:48:34.0398 4372 avchv (4c6bcc638798abe1f70afca70d889c3f) C:\Windows\system32\DRIVERS\avchv.sys
19:48:34.0402 4372 avchv - ok
19:48:34.0442 4372 avckf (6dc4cca415bbf2fc629beb532aa0e6cd) C:\Windows\system32\DRIVERS\avckf.sys
19:48:34.0461 4372 avckf - ok
19:48:34.0504 4372 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:48:34.0507 4372 AxInstSV - ok
19:48:34.0558 4372 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:48:34.0565 4372 b06bdrv - ok
19:48:34.0614 4372 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:48:34.0643 4372 b57nd60a - ok
19:48:34.0821 4372 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
19:48:34.0824 4372 BBSvc - ok
19:48:34.0896 4372 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
19:48:34.0899 4372 BBUpdate - ok
19:48:34.0931 4372 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:48:34.0934 4372 BDESVC - ok
19:48:35.0040 4372 BdfNdisf (707ac68f86f97c17c30498aaf3c7e27e) c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
19:48:35.0042 4372 BdfNdisf - ok
19:48:35.0101 4372 bdfsfltr (ea195950fa5dd4a8f7bc00822213a363) C:\Windows\system32\DRIVERS\bdfsfltr.sys
19:48:35.0114 4372 bdfsfltr - ok
19:48:35.0137 4372 bdfwfpf (4ce4b0098fc315c237fa8867f07886c4) C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
19:48:35.0139 4372 bdfwfpf - ok
19:48:35.0172 4372 bdsandbox (31571d77c6186ad228f52ee4ebdf8ee9) C:\Windows\system32\drivers\bdsandbox.sys
19:48:35.0174 4372 bdsandbox - ok
19:48:35.0183 4372 BDVEDISK (b89deff4817b4cc6fc2bcd8f83b4e75d) C:\Windows\system32\DRIVERS\bdvedisk.sys
19:48:35.0185 4372 BDVEDISK - ok
19:48:35.0228 4372 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:48:35.0229 4372 Beep - ok
19:48:35.0299 4372 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:48:35.0311 4372 BFE - ok
19:48:35.0372 4372 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
19:48:35.0385 4372 BITS - ok
19:48:35.0420 4372 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:48:35.0422 4372 blbdrive - ok
19:48:35.0520 4372 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:48:35.0529 4372 Bonjour Service - ok
19:48:35.0558 4372 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:48:35.0560 4372 bowser - ok
19:48:35.0580 4372 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:48:35.0582 4372 BrFiltLo - ok
19:48:35.0598 4372 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:48:35.0599 4372 BrFiltUp - ok
19:48:35.0632 4372 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
19:48:35.0634 4372 BridgeMP - ok
19:48:35.0676 4372 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:48:35.0679 4372 Browser - ok
19:48:35.0705 4372 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:48:35.0710 4372 Brserid - ok
19:48:35.0768 4372 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:48:35.0792 4372 BrSerWdm - ok
19:48:35.0945 4372 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:48:35.0987 4372 BrUsbMdm - ok
19:48:36.0036 4372 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:48:36.0038 4372 BrUsbSer - ok
19:48:36.0083 4372 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:48:36.0105 4372 BTHMODEM - ok
19:48:36.0570 4372 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:48:36.0594 4372 bthserv - ok
19:48:36.0769 4372 catchme - ok
19:48:37.0114 4372 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:48:37.0137 4372 cdfs - ok
19:48:37.0204 4372 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:48:37.0207 4372 cdrom - ok
19:48:37.0313 4372 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:48:37.0315 4372 CertPropSvc - ok
19:48:37.0649 4372 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:48:37.0674 4372 circlass - ok
19:48:38.0060 4372 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:48:38.0066 4372 CLFS - ok
19:48:38.0122 4372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:48:38.0124 4372 clr_optimization_v2.0.50727_32 - ok
19:48:38.0782 4372 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:48:38.0808 4372 clr_optimization_v2.0.50727_64 - ok
19:48:39.0069 4372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:48:39.0072 4372 clr_optimization_v4.0.30319_32 - ok
19:48:39.0118 4372 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:48:39.0121 4372 clr_optimization_v4.0.30319_64 - ok
19:48:39.0214 4372 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:48:39.0216 4372 CmBatt - ok
19:48:39.0329 4372 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:48:39.0331 4372 cmdide - ok
19:48:39.0405 4372 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:48:39.0413 4372 CNG - ok
19:48:39.0525 4372 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:48:39.0550 4372 Compbatt - ok
19:48:39.0808 4372 CompFilter64 (59d203c3f46f3ca536ecac0e084cd887) C:\Windows\system32\DRIVERS\lvbflt64.sys
19:48:39.0809 4372 CompFilter64 - ok
19:48:40.0098 4372 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:48:40.0123 4372 CompositeBus - ok
19:48:40.0147 4372 COMSysApp - ok
19:48:40.0320 4372 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:48:40.0345 4372 crcdisk - ok
19:48:41.0245 4372 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:48:41.0262 4372 CryptSvc - ok
19:48:41.0787 4372 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:48:41.0797 4372 DcomLaunch - ok
19:48:41.0848 4372 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:48:41.0878 4372 defragsvc - ok
19:48:42.0238 4372 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:48:42.0259 4372 DfsC - ok
19:48:42.0352 4372 dg_ssudbus (6060106ce00f32f63f1a73160e46e9d2) C:\Windows\system32\DRIVERS\ssudbus.sys
19:48:42.0354 4372 dg_ssudbus - ok
19:48:42.0398 4372 DhaHelper - ok
19:48:42.0639 4372 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:48:42.0664 4372 Dhcp - ok
19:48:42.0802 4372 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:48:42.0810 4372 discache - ok
19:48:42.0938 4372 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:48:42.0959 4372 Disk - ok
19:48:43.0255 4372 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:48:43.0280 4372 Dnscache - ok
19:48:43.0343 4372 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:48:43.0347 4372 dot3svc - ok
19:48:43.0867 4372 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:48:43.0897 4372 DPS - ok
19:48:44.0254 4372 driverhardwarev2x64 (b28c853770c995552b9f5760d8245f44) C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys
19:48:44.0256 4372 driverhardwarev2x64 - ok
19:48:44.0307 4372 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:48:44.0308 4372 drmkaud - ok
19:48:44.0503 4372 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
19:48:44.0505 4372 DrvAgent64 - ok
19:48:44.0571 4372 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:48:44.0575 4372 DXGKrnl - ok
19:48:44.0994 4372 Dyn Updater (c3cdc19b715514200f5cec8be5b9c9a8) J:\Logiciel\DynDNS Updater\DynUpSvc.exe
19:48:45.0025 4372 Dyn Updater - ok
19:48:45.0074 4372 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:48:45.0076 4372 EapHost - ok
19:48:45.0357 4372 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:48:45.0393 4372 ebdrv - ok
19:48:45.0500 4372 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:48:45.0503 4372 EFS - ok
19:48:45.0598 4372 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:48:45.0605 4372 ehRecvr - ok
19:48:45.0645 4372 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:48:45.0647 4372 ehSched - ok
19:48:45.0715 4372 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:48:45.0739 4372 elxstor - ok
19:48:45.0817 4372 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:48:45.0818 4372 EpsonBidirectionalService - ok
19:48:45.0884 4372 EPSON_EB_RPCV4_04 (7db097f4f6786307168c0dddec43a565) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
19:48:45.0886 4372 EPSON_EB_RPCV4_04 - ok
19:48:45.0918 4372 EPSON_PM_RPCV4_04 (258aa65a0862e19b7de6981fda3758ad) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
19:48:45.0919 4372 EPSON_PM_RPCV4_04 - ok
19:48:45.0939 4372 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:48:45.0940 4372 ErrDev - ok
19:48:45.0982 4372 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:48:45.0986 4372 EventSystem - ok
19:48:46.0021 4372 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:48:46.0024 4372 exfat - ok
19:48:46.0036 4372 ezSharedSvc - ok
19:48:46.0062 4372 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:48:46.0065 4372 fastfat - ok
19:48:46.0122 4372 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:48:46.0129 4372 Fax - ok
19:48:46.0145 4372 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:48:46.0147 4372 fdc - ok
19:48:46.0157 4372 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:48:46.0159 4372 fdPHost - ok
19:48:46.0169 4372 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:48:46.0171 4372 FDResPub - ok
19:48:46.0187 4372 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:48:46.0188 4372 FileInfo - ok
19:48:46.0197 4372 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:48:46.0199 4372 Filetrace - ok
19:48:46.0348 4372 FLEXnet Licensing Service 64 (a4297244d4f817278a6ae45b1899ca9c) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:48:46.0374 4372 FLEXnet Licensing Service 64 - ok
19:48:46.0441 4372 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:48:46.0443 4372 flpydisk - ok
19:48:46.0480 4372 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:48:46.0491 4372 FltMgr - ok
19:48:46.0572 4372 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:48:46.0594 4372 FontCache - ok
19:48:46.0653 4372 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:48:46.0654 4372 FontCache3.0.0.0 - ok
19:48:46.0674 4372 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:48:46.0676 4372 FsDepends - ok
19:48:46.0712 4372 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:48:46.0714 4372 Fs_Rec - ok
19:48:46.0751 4372 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:48:46.0755 4372 fvevol - ok
19:48:46.0781 4372 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:48:46.0783 4372 gagp30kx - ok
19:48:46.0850 4372 GameConsoleService (ce16683cfd11fe70bde435dda5ea1fca) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:48:46.0855 4372 GameConsoleService - ok
19:48:46.0902 4372 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:48:46.0903 4372 GEARAspiWDM - ok
19:48:46.0945 4372 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
19:48:46.0947 4372 ggflt - ok
19:48:46.0981 4372 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
19:48:46.0983 4372 ggsemc - ok
19:48:47.0034 4372 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:48:47.0062 4372 gpsvc - ok
19:48:47.0111 4372 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:47.0114 4372 gupdate - ok
19:48:47.0119 4372 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:48:47.0121 4372 gupdatem - ok
19:48:47.0166 4372 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:48:47.0170 4372 gusvc - ok
19:48:47.0209 4372 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
19:48:47.0211 4372 hamachi - ok
19:48:47.0617 4372 Hamachi2Svc (21d24138b736983f6e23823e092e9428) J:\Logiciel\LogMeIn Hamachi\hamachi-2.exe
19:48:47.0682 4372 Hamachi2Svc - ok
19:48:47.0960 4372 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:48:48.0009 4372 hcw85cir - ok
19:48:48.0047 4372 hcwD3bda (36460952d903e9159660b3e7945fc274) C:\Windows\system32\DRIVERS\hcwD3bda64.sys
19:48:48.0050 4372 hcwD3bda - ok
19:48:48.0925 4372 hcwD3bda_dvbt (1a6de1f4e48a80c281ddccaa56339ae1) C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
19:48:48.0956 4372 hcwD3bda_dvbt - ok
19:48:49.0105 4372 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:48:49.0110 4372 HdAudAddService - ok
19:48:49.0140 4372 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:48:49.0143 4372 HDAudBus - ok
19:48:49.0165 4372 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
19:48:49.0166 4372 HECIx64 - ok
19:48:49.0187 4372 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:48:49.0189 4372 HidBatt - ok
19:48:49.0211 4372 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:48:49.0213 4372 HidBth - ok
19:48:49.0242 4372 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:48:49.0244 4372 HidIr - ok
19:48:49.0260 4372 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
19:48:49.0263 4372 hidserv - ok
19:48:49.0281 4372 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:48:49.0283 4372 HidUsb - ok
19:48:49.0307 4372 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:48:49.0310 4372 hkmsvc - ok
19:48:49.0347 4372 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:48:49.0351 4372 HomeGroupListener - ok
19:48:49.0380 4372 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:48:49.0384 4372 HomeGroupProvider - ok
19:48:49.0505 4372 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:48:49.0507 4372 HP Support Assistant Service - ok
19:48:49.0563 4372 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:48:49.0565 4372 HPDrvMntSvc.exe - ok
19:48:49.0616 4372 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:48:49.0627 4372 hpqwmiex - ok
19:48:49.0685 4372 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:48:49.0687 4372 HpSAMD - ok
19:48:49.0754 4372 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:48:49.0764 4372 HTTP - ok
19:48:49.0845 4372 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:48:49.0846 4372 hwpolicy - ok
19:48:49.0917 4372 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:48:49.0937 4372 i8042prt - ok
19:48:49.0986 4372 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
19:48:49.0991 4372 iaStor - ok
19:48:50.0054 4372 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:48:50.0055 4372 IAStorDataMgrSvc - ok
19:48:50.0120 4372 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:48:50.0141 4372 iaStorV - ok
19:48:50.0585 4372 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:48:50.0629 4372 idsvc - ok
19:48:50.0699 4372 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:48:50.0722 4372 iirsp - ok
19:48:50.0814 4372 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:48:50.0838 4372 IKEEXT - ok
19:48:50.0959 4372 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
19:48:50.0971 4372 IntcAzAudAddService - ok
19:48:51.0149 4372 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:48:51.0150 4372 intelide - ok
19:48:51.0172 4372 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:48:51.0173 4372 intelppm - ok
19:48:51.0196 4372 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:48:51.0198 4372 IPBusEnum - ok
19:48:51.0217 4372 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:48:51.0218 4372 IpFilterDriver - ok
19:48:51.0274 4372 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:48:51.0286 4372 iphlpsvc - ok
19:48:51.0314 4372 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:48:51.0316 4372 IPMIDRV - ok
19:48:51.0333 4372 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:48:51.0335 4372 IPNAT - ok
19:48:51.0439 4372 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
19:48:51.0443 4372 iPod Service - ok
19:48:51.0463 4372 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:48:51.0464 4372 IRENUM - ok
19:48:51.0475 4372 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:48:51.0476 4372 isapnp - ok
19:48:51.0501 4372 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:48:51.0516 4372 iScsiPrt - ok
19:48:51.0546 4372 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:48:51.0547 4372 kbdclass - ok
19:48:51.0557 4372 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:48:51.0558 4372 kbdhid - ok
19:48:51.0584 4372 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:48:51.0585 4372 KeyIso - ok
19:48:51.0633 4372 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:48:51.0634 4372 KSecDD - ok
19:48:51.0674 4372 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:48:51.0676 4372 KSecPkg - ok
19:48:51.0693 4372 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:48:51.0694 4372 ksthunk - ok
19:48:51.0727 4372 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:48:51.0731 4372 KtmRm - ok
19:48:51.0754 4372 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
19:48:51.0757 4372 LanmanServer - ok
19:48:51.0781 4372 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:48:51.0784 4372 LanmanWorkstation - ok
19:48:51.0833 4372 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:48:51.0834 4372 LightScribeService - ok
19:48:51.0856 4372 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:48:51.0857 4372 lltdio - ok
19:48:51.0884 4372 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:48:51.0888 4372 lltdsvc - ok
19:48:51.0900 4372 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:48:51.0901 4372 lmhosts - ok
19:48:51.0951 4372 LMS (e38775922d4a4c05b5d96733ab4ce169) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:48:51.0953 4372 LMS - ok
19:48:51.0981 4372 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:48:51.0984 4372 LSI_FC - ok
19:48:52.0000 4372 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:48:52.0001 4372 LSI_SAS - ok
19:48:52.0018 4372 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:48:52.0019 4372 LSI_SAS2 - ok
19:48:52.0039 4372 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:48:52.0040 4372 LSI_SCSI - ok
19:48:52.0063 4372 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:48:52.0064 4372 luafv - ok
19:48:52.0089 4372 LVPr2M64 (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:48:52.0090 4372 LVPr2M64 - ok
19:48:52.0093 4372 LVPr2Mon (b3944d06eb4b64d57bd7e5fe89415f58) C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:48:52.0093 4372 LVPr2Mon - ok
19:48:52.0125 4372 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys
19:48:52.0128 4372 LVRS64 - ok
19:48:52.0510 4372 lvsels64 (b0c0292b0c70e203cba44333c0e3d106) C:\Windows\system32\DRIVERS\lvsels64.sys
19:48:52.0535 4372 lvsels64 - ok
19:48:53.0115 4372 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys
19:48:53.0138 4372 LVUVC64 - ok
19:48:53.0274 4372 lxecCATSCustConnectService (1f02b554ddc4086d786537a3bf6488f1) C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
19:48:53.0275 4372 lxecCATSCustConnectService - ok
19:48:53.0278 4372 lxec_device - ok
19:48:53.0469 4372 maconfservice (af2fa11e43f0f208d11ff3b2b67ce885) C:\Program Files\ma-config.com\x64\maconfservice.exe
19:48:53.0479 4372 maconfservice - ok
19:48:53.0551 4372 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
19:48:53.0552 4372 MBAMProtector - ok
19:48:53.0746 4372 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:48:53.0756 4372 MBAMService - ok
19:48:53.0787 4372 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:48:53.0791 4372 Mcx2Svc - ok
19:48:53.0824 4372 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:48:53.0826 4372 megasas - ok
19:48:53.0859 4372 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:48:53.0870 4372 MegaSR - ok
19:48:53.0906 4372 Microsoft SharePoint Workspace Audit Service - ok
19:48:53.0931 4372 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:48:53.0934 4372 MMCSS - ok
19:48:53.0950 4372 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:48:53.0952 4372 Modem - ok
19:48:53.0987 4372 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:48:53.0988 4372 monitor - ok
19:48:54.0021 4372 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:48:54.0023 4372 mouclass - ok
19:48:54.0047 4372 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:48:54.0049 4372 mouhid - ok
19:48:54.0080 4372 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:48:54.0081 4372 mountmgr - ok
19:48:54.0134 4372 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:48:54.0137 4372 MozillaMaintenance - ok
19:48:54.0171 4372 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:48:54.0174 4372 mpio - ok
19:48:54.0199 4372 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:48:54.0201 4372 mpsdrv - ok
19:48:54.0282 4372 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:48:54.0303 4372 MpsSvc - ok
19:48:54.0337 4372 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:48:54.0341 4372 MRxDAV - ok
19:48:54.0378 4372 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:48:54.0381 4372 mrxsmb - ok
19:48:54.0422 4372 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:48:54.0432 4372 mrxsmb10 - ok
19:48:54.0473 4372 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:48:54.0475 4372 mrxsmb20 - ok
19:48:54.0485 4372 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:48:54.0487 4372 msahci - ok
19:48:54.0514 4372 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:48:54.0517 4372 msdsm - ok
19:48:54.0543 4372 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:48:54.0547 4372 MSDTC - ok
19:48:54.0582 4372 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:48:54.0583 4372 Msfs - ok
19:48:54.0593 4372 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:48:54.0595 4372 mshidkmdf - ok
19:48:54.0601 4372 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:48:54.0602 4372 msisadrv - ok
19:48:54.0639 4372 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:48:54.0643 4372 MSiSCSI - ok
19:48:54.0647 4372 msiserver - ok
19:48:54.0665 4372 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:48:54.0666 4372 MSKSSRV - ok
19:48:54.0685 4372 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:48:54.0687 4372 MSPCLOCK - ok
19:48:54.0692 4372 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:48:54.0694 4372 MSPQM - ok
19:48:54.0728 4372 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:48:54.0752 4372 MsRPC - ok
19:48:54.0771 4372 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:48:54.0772 4372 mssmbios - ok
19:48:54.0785 4372 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:48:54.0787 4372 MSTEE - ok
19:48:54.0801 4372 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:48:54.0803 4372 MTConfig - ok
19:48:54.0822 4372 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:48:54.0824 4372 Mup - ok
19:48:54.0864 4372 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:48:54.0876 4372 napagent - ok
19:48:54.0927 4372 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:48:54.0936 4372 NativeWifiP - ok
19:48:54.0999 4372 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:48:55.0013 4372 NDIS - ok
19:48:55.0027 4372 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:48:55.0029 4372 NdisCap - ok
19:48:55.0050 4372 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:48:55.0052 4372 NdisTapi - ok
19:48:55.0083 4372 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:48:55.0084 4372 Ndisuio - ok
19:48:55.0122 4372 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:48:55.0125 4372 NdisWan - ok
19:48:55.0149 4372 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:48:55.0151 4372 NDProxy - ok
19:48:55.0164 4372 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:48:55.0166 4372 NetBIOS - ok
19:48:55.0195 4372 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
23 juil. 2012 à 20:05
23 juil. 2012 à 20:05
19:48:55.0198 4372 NetBT - ok
19:48:55.0235 4372 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:48:55.0237 4372 Netlogon - ok
19:48:55.0287 4372 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:48:55.0303 4372 Netman - ok
19:48:55.0411 4372 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0415 4372 NetMsmqActivator - ok
19:48:55.0420 4372 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0421 4372 NetPipeActivator - ok
19:48:55.0462 4372 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:48:55.0483 4372 netprofm - ok
19:48:55.0559 4372 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys
19:48:55.0567 4372 netr28x - ok
19:48:55.0580 4372 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0582 4372 NetTcpActivator - ok
19:48:55.0586 4372 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0588 4372 NetTcpPortSharing - ok
19:48:55.0620 4372 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:48:55.0622 4372 nfrd960 - ok
19:48:55.0656 4372 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:48:55.0675 4372 NlaSvc - ok
19:48:55.0709 4372 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
19:48:55.0710 4372 nmwcd - ok
19:48:55.0736 4372 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
19:48:55.0737 4372 nmwcdc - ok
19:48:55.0891 4372 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:48:55.0935 4372 NOBU - ok
19:48:56.0035 4372 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:48:56.0038 4372 Npfs - ok
19:48:56.0058 4372 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:48:56.0061 4372 nsi - ok
19:48:56.0075 4372 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:48:56.0076 4372 nsiproxy - ok
19:48:56.0195 4372 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:48:56.0221 4372 Ntfs - ok
19:48:56.0258 4372 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:48:56.0259 4372 Null - ok
19:48:56.0302 4372 NVHDA (dd743dc997f26eddfdcebe7146b458b8) C:\Windows\system32\drivers\nvhda64v.sys
19:48:56.0305 4372 NVHDA - ok
19:48:57.0233 4372 nvlddmkm (c013e857695d231e9e02088e4cd0982b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:48:57.0291 4372 nvlddmkm - ok
19:48:57.0425 4372 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:48:57.0429 4372 nvraid - ok
19:48:57.0467 4372 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:48:57.0471 4372 nvstor - ok
19:48:57.0539 4372 nvsvc (39f24315f99cdb2c9997140f31d44d08) C:\Windows\system32\nvvsvc.exe
19:48:57.0552 4372 nvsvc - ok
19:48:57.0784 4372 nvUpdatusService (f3537a1dbffdb81b169c482b7030c6ca) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:48:57.0817 4372 nvUpdatusService - ok
19:48:57.0888 4372 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:48:57.0891 4372 nv_agp - ok
19:48:57.0921 4372 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:48:57.0924 4372 ohci1394 - ok
19:48:58.0052 4372 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:48:58.0070 4372 ose64 - ok
19:48:58.0459 4372 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:48:58.0518 4372 osppsvc - ok
19:48:58.0573 4372 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:48:58.0577 4372 p2pimsvc - ok
19:48:58.0662 4372 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:48:58.0685 4372 p2psvc - ok
19:48:58.0739 4372 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:48:58.0797 4372 Parport - ok
19:48:58.0831 4372 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:48:58.0833 4372 partmgr - ok
19:48:58.0865 4372 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:48:58.0870 4372 PcaSvc - ok
19:48:58.0901 4372 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
19:48:58.0903 4372 pccsmcfd - ok
19:48:58.0936 4372 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:48:58.0940 4372 pci - ok
19:48:58.0962 4372 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:48:58.0964 4372 pciide - ok
19:48:58.0991 4372 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:48:58.0995 4372 pcmcia - ok
19:48:59.0026 4372 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:48:59.0028 4372 pcw - ok
19:48:59.0057 4372 pdfcDispatcher - ok
19:48:59.0105 4372 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:48:59.0121 4372 PEAUTH - ok
19:48:59.0209 4372 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:48:59.0212 4372 PerfHost - ok
19:48:59.0386 4372 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:48:59.0449 4372 pla - ok
19:48:59.0519 4372 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:48:59.0533 4372 PlugPlay - ok
19:48:59.0552 4372 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:48:59.0555 4372 PNRPAutoReg - ok
19:48:59.0603 4372 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:48:59.0608 4372 PNRPsvc - ok
19:48:59.0687 4372 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:48:59.0696 4372 PolicyAgent - ok
19:48:59.0722 4372 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:48:59.0725 4372 Power - ok
19:48:59.0767 4372 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:48:59.0768 4372 PptpMiniport - ok
19:48:59.0788 4372 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:48:59.0790 4372 Processor - ok
19:48:59.0851 4372 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:48:59.0866 4372 ProfSvc - ok
19:48:59.0910 4372 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:48:59.0912 4372 ProtectedStorage - ok
19:48:59.0939 4372 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:48:59.0942 4372 Psched - ok
19:49:00.0044 4372 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:49:00.0097 4372 ql2300 - ok
19:49:00.0202 4372 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:49:00.0204 4372 ql40xx - ok
19:49:00.0238 4372 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:49:00.0242 4372 QWAVE - ok
19:49:00.0253 4372 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:49:00.0255 4372 QWAVEdrv - ok
19:49:00.0274 4372 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:49:00.0276 4372 RasAcd - ok
19:49:00.0296 4372 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:49:00.0298 4372 RasAgileVpn - ok
19:49:00.0313 4372 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:49:00.0317 4372 RasAuto - ok
19:49:00.0335 4372 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:49:00.0337 4372 Rasl2tp - ok
19:49:00.0367 4372 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:49:00.0373 4372 RasMan - ok
19:49:00.0407 4372 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:49:00.0409 4372 RasPppoe - ok
19:49:00.0424 4372 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:49:00.0426 4372 RasSstp - ok
19:49:00.0459 4372 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:49:00.0477 4372 rdbss - ok
19:49:00.0490 4372 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:49:00.0491 4372 rdpbus - ok
19:49:00.0503 4372 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:49:00.0504 4372 RDPCDD - ok
19:49:00.0526 4372 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:49:00.0527 4372 RDPENCDD - ok
19:49:00.0539 4372 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:49:00.0540 4372 RDPREFMP - ok
19:49:00.0570 4372 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:49:00.0574 4372 RDPWD - ok
19:49:00.0609 4372 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:49:00.0612 4372 rdyboost - ok
19:49:00.0645 4372 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:49:00.0649 4372 RemoteAccess - ok
19:49:00.0667 4372 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:49:00.0672 4372 RemoteRegistry - ok
19:49:00.0682 4372 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:49:00.0685 4372 RpcEptMapper - ok
19:49:00.0705 4372 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:49:00.0707 4372 RpcLocator - ok
19:49:00.0751 4372 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:49:00.0757 4372 RpcSs - ok
19:49:00.0784 4372 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:49:00.0785 4372 rspndr - ok
19:49:00.0831 4372 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:49:00.0848 4372 RTL8167 - ok
19:49:00.0977 4372 SafeBox (2dca3c6faad8cd097c2261b3bd06a5ea) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
19:49:00.0980 4372 SafeBox - ok
19:49:01.0017 4372 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:49:01.0019 4372 SamSs - ok
19:49:01.0055 4372 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:49:01.0075 4372 sbp2port - ok
19:49:01.0104 4372 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:49:01.0108 4372 SCardSvr - ok
19:49:01.0127 4372 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:49:01.0128 4372 scfilter - ok
19:49:01.0207 4372 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:49:01.0227 4372 Schedule - ok
19:49:01.0255 4372 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:49:01.0256 4372 SCPolicySvc - ok
19:49:01.0288 4372 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:49:01.0292 4372 SDRSVC - ok
19:49:01.0328 4372 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:49:01.0329 4372 secdrv - ok
19:49:01.0360 4372 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:49:01.0363 4372 seclogon - ok
19:49:01.0376 4372 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
19:49:01.0379 4372 SENS - ok
19:49:01.0384 4372 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:49:01.0387 4372 SensrSvc - ok
19:49:01.0403 4372 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:49:01.0405 4372 Serenum - ok
19:49:01.0423 4372 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:49:01.0425 4372 Serial - ok
19:49:01.0468 4372 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:49:01.0470 4372 sermouse - ok
19:49:01.0573 4372 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:49:01.0582 4372 ServiceLayer - ok
19:49:01.0617 4372 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:49:01.0621 4372 SessionEnv - ok
19:49:01.0634 4372 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:49:01.0636 4372 sffdisk - ok
19:49:01.0640 4372 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:49:01.0641 4372 sffp_mmc - ok
19:49:01.0652 4372 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:49:01.0654 4372 sffp_sd - ok
19:49:01.0678 4372 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:49:01.0680 4372 sfloppy - ok
19:49:01.0728 4372 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:49:01.0736 4372 SharedAccess - ok
19:49:01.0758 4372 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:49:01.0765 4372 ShellHWDetection - ok
19:49:01.0784 4372 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:49:01.0785 4372 SiSRaid2 - ok
19:49:01.0809 4372 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:49:01.0811 4372 SiSRaid4 - ok
19:49:01.0874 4372 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:49:01.0876 4372 SkypeUpdate - ok
19:49:01.0893 4372 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:49:01.0895 4372 Smb - ok
19:49:01.0907 4372 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:49:01.0910 4372 SNMPTRAP - ok
19:49:02.0028 4372 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
19:49:02.0032 4372 Sony PC Companion - ok
19:49:02.0058 4372 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:49:02.0060 4372 spldr - ok
19:49:02.0104 4372 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:49:02.0110 4372 Spooler - ok
19:49:02.0333 4372 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:49:02.0392 4372 sppsvc - ok
19:49:02.0453 4372 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:49:02.0457 4372 sppuinotify - ok
19:49:02.0533 4372 sptd (a6cff1af7664627a296b6a0a96cf876e) C:\Windows\System32\Drivers\sptd.sys
19:49:02.0533 4372 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: a6cff1af7664627a296b6a0a96cf876e
19:49:02.0534 4372 sptd ( LockedFile.Multi.Generic ) - warning
19:49:02.0534 4372 sptd - detected LockedFile.Multi.Generic (1)
19:49:02.0594 4372 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:49:02.0599 4372 srv - ok
19:49:02.0665 4372 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:49:02.0678 4372 srv2 - ok
19:49:02.0693 4372 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:49:02.0695 4372 srvnet - ok
19:49:02.0727 4372 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
19:49:02.0729 4372 ssadbus - ok
19:49:02.0757 4372 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:49:02.0758 4372 ssadmdfl - ok
19:49:02.0795 4372 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
19:49:02.0799 4372 ssadmdm - ok
19:49:02.0830 4372 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys
19:49:02.0833 4372 ssadserd - ok
19:49:02.0876 4372 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:49:02.0881 4372 SSDPSRV - ok
19:49:02.0898 4372 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:49:02.0902 4372 SstpSvc - ok
19:49:02.0946 4372 ssudmdm (855335bf5792e56164f98c012e3d92dd) C:\Windows\system32\DRIVERS\ssudmdm.sys
19:49:02.0949 4372 ssudmdm - ok
19:49:02.0966 4372 StarOpen - ok
19:49:03.0087 4372 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
19:49:03.0093 4372 StarWindServiceAE - ok
19:49:03.0124 4372 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:49:03.0125 4372 stexstor - ok
19:49:03.0179 4372 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:49:03.0196 4372 stisvc - ok
19:49:03.0216 4372 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:49:03.0217 4372 swenum - ok
19:49:03.0361 4372 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:49:03.0369 4372 SwitchBoard - ok
19:49:03.0406 4372 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:49:03.0418 4372 swprv - ok
19:49:03.0521 4372 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:49:03.0557 4372 SysMain - ok
19:49:03.0638 4372 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:49:03.0643 4372 TabletInputService - ok
19:49:03.0671 4372 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:49:03.0680 4372 TapiSrv - ok
19:49:03.0692 4372 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:49:03.0695 4372 TBS - ok
19:49:03.0822 4372 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:49:03.0859 4372 Tcpip - ok
19:49:04.0007 4372 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:49:04.0023 4372 TCPIP6 - ok
19:49:04.0069 4372 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:49:04.0071 4372 tcpipreg - ok
19:49:04.0099 4372 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:49:04.0100 4372 TDPIPE - ok
19:49:04.0132 4372 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:49:04.0133 4372 TDTCP - ok
19:49:04.0156 4372 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:49:04.0158 4372 tdx - ok
19:49:04.0169 4372 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:49:04.0170 4372 TermDD - ok
19:49:04.0222 4372 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:49:04.0231 4372 TermService - ok
19:49:04.0249 4372 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:49:04.0252 4372 Themes - ok
19:49:04.0271 4372 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:49:04.0272 4372 THREADORDER - ok
19:49:04.0328 4372 TIEHDUSB (199c2e87d9a5ec58d0bcd94e893bf629) C:\Windows\system32\DRIVERS\tiehdusb.sys
19:49:04.0331 4372 TIEHDUSB - ok
19:49:04.0354 4372 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:49:04.0358 4372 TrkWks - ok
19:49:04.0408 4372 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys
19:49:04.0417 4372 trufos - ok
19:49:04.0474 4372 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:49:04.0477 4372 TrustedInstaller - ok
19:49:04.0502 4372 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:49:04.0504 4372 tssecsrv - ok
19:49:04.0542 4372 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:49:04.0544 4372 TsUsbFlt - ok
19:49:04.0587 4372 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:49:04.0590 4372 tunnel - ok
19:49:04.0607 4372 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:49:04.0608 4372 uagp35 - ok
19:49:04.0640 4372 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:49:04.0649 4372 udfs - ok
19:49:04.0667 4372 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:49:04.0670 4372 UI0Detect - ok
19:49:04.0687 4372 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:49:04.0689 4372 uliagpkx - ok
19:49:04.0713 4372 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:49:04.0715 4372 umbus - ok
19:49:04.0735 4372 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:49:04.0737 4372 UmPass - ok
19:49:04.0807 4372 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:49:04.0820 4372 UMVPFSrv - ok
19:49:04.0990 4372 UNS (02c298382359653bec4c737c2ab7f9c5) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:49:05.0009 4372 UNS - ok
19:49:05.0162 4372 Update Server (7de3f30967cf77bd1fc440c2b847629a) C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
19:49:05.0174 4372 Update Server - ok
19:49:05.0244 4372 UPDATESRV (ddc49896dc045aadc1988d0d0330811a) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
19:49:05.0246 4372 UPDATESRV - ok
19:49:05.0352 4372 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:49:05.0360 4372 upnphost - ok
19:49:05.0409 4372 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
19:49:05.0411 4372 upperdev - ok
19:49:05.0477 4372 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:49:05.0479 4372 USBAAPL64 - ok
19:49:05.0508 4372 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:49:05.0511 4372 usbaudio - ok
19:49:05.0550 4372 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:49:05.0553 4372 usbccgp - ok
19:49:05.0572 4372 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:49:05.0574 4372 usbcir - ok
19:49:05.0603 4372 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:49:05.0604 4372 usbehci - ok
19:49:05.0659 4372 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:49:05.0676 4372 usbhub - ok
19:49:05.0712 4372 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:49:05.0714 4372 usbohci - ok
19:49:05.0739 4372 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:49:05.0741 4372 usbprint - ok
19:49:05.0771 4372 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:49:05.0773 4372 usbscan - ok
19:49:05.0804 4372 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
19:49:05.0806 4372 usbser - ok
19:49:05.0822 4372 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
19:49:05.0824 4372 UsbserFilt - ok
19:49:05.0864 4372 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:49:05.0867 4372 USBSTOR - ok
19:49:05.0879 4372 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:49:05.0881 4372 usbuhci - ok
19:49:05.0922 4372 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:49:05.0925 4372 usbvideo - ok
19:49:05.0936 4372 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:49:05.0940 4372 UxSms - ok
19:49:05.0968 4372 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:49:05.0970 4372 VaultSvc - ok
19:49:05.0993 4372 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:49:05.0995 4372 vdrvroot - ok
19:49:06.0048 4372 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:49:06.0073 4372 vds - ok
19:49:06.0092 4372 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:49:06.0094 4372 vga - ok
19:49:06.0114 4372 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:49:06.0116 4372 VgaSave - ok
19:49:06.0148 4372 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:49:06.0152 4372 vhdmp - ok
19:49:06.0173 4372 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:49:06.0175 4372 viaide - ok
19:49:06.0196 4372 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:49:06.0198 4372 volmgr - ok
19:49:06.0240 4372 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:49:06.0245 4372 volmgrx - ok
19:49:06.0273 4372 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:49:06.0283 4372 volsnap - ok
19:49:06.0318 4372 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:49:06.0322 4372 vsmraid - ok
19:49:06.0461 4372 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:49:06.0489 4372 VSS - ok
19:49:06.0628 4372 VSSERV - ok
19:49:06.0711 4372 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:49:06.0712 4372 vwifibus - ok
19:49:06.0747 4372 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:49:06.0749 4372 vwififlt - ok
19:49:06.0777 4372 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:49:06.0779 4372 vwifimp - ok
19:49:06.0827 4372 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:49:06.0842 4372 W32Time - ok
19:49:06.0859 4372 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:49:06.0861 4372 WacomPen - ok
19:49:06.0890 4372 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:49:06.0892 4372 WANARP - ok
19:49:06.0896 4372 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:49:06.0898 4372 Wanarpv6 - ok
19:49:06.0980 4372 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:49:06.0996 4372 WatAdminSvc - ok
19:49:07.0164 4372 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:49:07.0195 4372 wbengine - ok
19:49:07.0255 4372 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:49:07.0259 4372 WbioSrvc - ok
19:49:07.0293 4372 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:49:07.0300 4372 wcncsvc - ok
19:49:07.0314 4372 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:49:07.0317 4372 WcsPlugInService - ok
19:49:07.0331 4372 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:49:07.0333 4372 Wd - ok
19:49:07.0379 4372 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:49:07.0387 4372 Wdf01000 - ok
19:49:07.0407 4372 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:49:07.0410 4372 WdiServiceHost - ok
19:49:07.0412 4372 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:49:07.0415 4372 WdiSystemHost - ok
19:49:07.0451 4372 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:49:07.0456 4372 WebClient - ok
19:49:07.0475 4372 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:49:07.0480 4372 Wecsvc - ok
19:49:07.0492 4372 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:49:07.0496 4372 wercplsupport - ok
19:49:07.0528 4372 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:49:07.0531 4372 WerSvc - ok
19:49:07.0544 4372 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:49:07.0545 4372 WfpLwf - ok
19:49:07.0556 4372 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:49:07.0558 4372 WIMMount - ok
19:49:07.0598 4372 WinDefend - ok
19:49:07.0604 4372 WinHttpAutoProxySvc - ok
19:49:07.0658 4372 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:49:07.0662 4372 Winmgmt - ok
19:49:07.0766 4372 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:49:07.0807 4372 WinRM - ok
19:49:07.0913 4372 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:49:07.0915 4372 WinUsb - ok
19:49:07.0990 4372 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:49:08.0003 4372 Wlansvc - ok
19:49:08.0198 4372 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:49:08.0221 4372 wlidsvc - ok
19:49:08.0271 4372 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:49:08.0272 4372 WmiAcpi - ok
19:49:08.0305 4372 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:49:08.0308 4372 wmiApSrv - ok
19:49:08.0331 4372 WMPNetworkSvc - ok
19:49:08.0355 4372 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:49:08.0359 4372 WPCSvc - ok
19:49:08.0382 4372 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:49:08.0386 4372 WPDBusEnum - ok
19:49:08.0403 4372 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:49:08.0404 4372 ws2ifsl - ok
19:49:08.0431 4372 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
19:49:08.0434 4372 wscsvc - ok
19:49:08.0438 4372 WSearch - ok
19:49:08.0586 4372 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:49:08.0626 4372 wuauserv - ok
19:49:08.0699 4372 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:49:08.0702 4372 WudfPf - ok
19:49:08.0720 4372 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:49:08.0724 4372 WUDFRd - ok
19:49:08.0754 4372 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:49:08.0758 4372 wudfsvc - ok
19:49:08.0785 4372 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:49:08.0790 4372 WwanSvc - ok
19:49:08.0844 4372 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
19:49:08.0846 4372 xusb21 - ok
19:49:08.0935 4372 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:49:08.0943 4372 YahooAUService - ok
19:49:08.0967 4372 MBR (0x1B8) (9730d1a050b7c5b9fb8a6b28c910470e) \Device\Harddisk0\DR0
19:49:09.0148 4372 \Device\Harddisk0\DR0 - ok
19:49:09.0152 4372 Boot (0x1200) (e9c9e8bbcb2dc1aee42c89d8833f011e) \Device\Harddisk0\DR0\Partition0
19:49:09.0154 4372 \Device\Harddisk0\DR0\Partition0 - ok
19:49:09.0162 4372 Boot (0x1200) (7bfac6aa00329521e746e77aafe25913) \Device\Harddisk0\DR0\Partition1
19:49:09.0164 4372 \Device\Harddisk0\DR0\Partition1 - ok
19:49:09.0189 4372 Boot (0x1200) (7b2cc86b981edcf4243cd6e378fc65e6) \Device\Harddisk0\DR0\Partition2
19:49:09.0191 4372 \Device\Harddisk0\DR0\Partition2 - ok
19:49:09.0209 4372 Boot (0x1200) (f9a73ebafb48a04b858cf996417c2390) \Device\Harddisk0\DR0\Partition3
19:49:09.0211 4372 \Device\Harddisk0\DR0\Partition3 - ok
19:49:09.0228 4372 Boot (0x1200) (ff5b1f1de1a05dd664dc9c150a7c7acb) \Device\Harddisk0\DR0\Partition4
19:49:09.0230 4372 \Device\Harddisk0\DR0\Partition4 - ok
19:49:09.0231 4372 ============================================================
19:49:09.0231 4372 Scan finished
19:49:09.0231 4372 ============================================================
19:49:09.0241 4832 Detected object count: 1
19:49:09.0241 4832 Actual detected object count: 1
19:51:16.0363 4832 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:51:16.0363 4832 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:52:49.0825 5348 Deinitialize success
19:48:55.0235 4372 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:48:55.0237 4372 Netlogon - ok
19:48:55.0287 4372 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:48:55.0303 4372 Netman - ok
19:48:55.0411 4372 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0415 4372 NetMsmqActivator - ok
19:48:55.0420 4372 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0421 4372 NetPipeActivator - ok
19:48:55.0462 4372 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:48:55.0483 4372 netprofm - ok
19:48:55.0559 4372 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys
19:48:55.0567 4372 netr28x - ok
19:48:55.0580 4372 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0582 4372 NetTcpActivator - ok
19:48:55.0586 4372 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:48:55.0588 4372 NetTcpPortSharing - ok
19:48:55.0620 4372 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:48:55.0622 4372 nfrd960 - ok
19:48:55.0656 4372 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:48:55.0675 4372 NlaSvc - ok
19:48:55.0709 4372 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
19:48:55.0710 4372 nmwcd - ok
19:48:55.0736 4372 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
19:48:55.0737 4372 nmwcdc - ok
19:48:55.0891 4372 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
19:48:55.0935 4372 NOBU - ok
19:48:56.0035 4372 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:48:56.0038 4372 Npfs - ok
19:48:56.0058 4372 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:48:56.0061 4372 nsi - ok
19:48:56.0075 4372 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:48:56.0076 4372 nsiproxy - ok
19:48:56.0195 4372 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:48:56.0221 4372 Ntfs - ok
19:48:56.0258 4372 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:48:56.0259 4372 Null - ok
19:48:56.0302 4372 NVHDA (dd743dc997f26eddfdcebe7146b458b8) C:\Windows\system32\drivers\nvhda64v.sys
19:48:56.0305 4372 NVHDA - ok
19:48:57.0233 4372 nvlddmkm (c013e857695d231e9e02088e4cd0982b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:48:57.0291 4372 nvlddmkm - ok
19:48:57.0425 4372 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:48:57.0429 4372 nvraid - ok
19:48:57.0467 4372 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:48:57.0471 4372 nvstor - ok
19:48:57.0539 4372 nvsvc (39f24315f99cdb2c9997140f31d44d08) C:\Windows\system32\nvvsvc.exe
19:48:57.0552 4372 nvsvc - ok
19:48:57.0784 4372 nvUpdatusService (f3537a1dbffdb81b169c482b7030c6ca) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:48:57.0817 4372 nvUpdatusService - ok
19:48:57.0888 4372 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:48:57.0891 4372 nv_agp - ok
19:48:57.0921 4372 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:48:57.0924 4372 ohci1394 - ok
19:48:58.0052 4372 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:48:58.0070 4372 ose64 - ok
19:48:58.0459 4372 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:48:58.0518 4372 osppsvc - ok
19:48:58.0573 4372 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:48:58.0577 4372 p2pimsvc - ok
19:48:58.0662 4372 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:48:58.0685 4372 p2psvc - ok
19:48:58.0739 4372 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:48:58.0797 4372 Parport - ok
19:48:58.0831 4372 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:48:58.0833 4372 partmgr - ok
19:48:58.0865 4372 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:48:58.0870 4372 PcaSvc - ok
19:48:58.0901 4372 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
19:48:58.0903 4372 pccsmcfd - ok
19:48:58.0936 4372 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:48:58.0940 4372 pci - ok
19:48:58.0962 4372 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:48:58.0964 4372 pciide - ok
19:48:58.0991 4372 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:48:58.0995 4372 pcmcia - ok
19:48:59.0026 4372 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:48:59.0028 4372 pcw - ok
19:48:59.0057 4372 pdfcDispatcher - ok
19:48:59.0105 4372 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:48:59.0121 4372 PEAUTH - ok
19:48:59.0209 4372 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:48:59.0212 4372 PerfHost - ok
19:48:59.0386 4372 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:48:59.0449 4372 pla - ok
19:48:59.0519 4372 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:48:59.0533 4372 PlugPlay - ok
19:48:59.0552 4372 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:48:59.0555 4372 PNRPAutoReg - ok
19:48:59.0603 4372 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:48:59.0608 4372 PNRPsvc - ok
19:48:59.0687 4372 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:48:59.0696 4372 PolicyAgent - ok
19:48:59.0722 4372 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:48:59.0725 4372 Power - ok
19:48:59.0767 4372 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:48:59.0768 4372 PptpMiniport - ok
19:48:59.0788 4372 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:48:59.0790 4372 Processor - ok
19:48:59.0851 4372 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:48:59.0866 4372 ProfSvc - ok
19:48:59.0910 4372 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:48:59.0912 4372 ProtectedStorage - ok
19:48:59.0939 4372 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:48:59.0942 4372 Psched - ok
19:49:00.0044 4372 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:49:00.0097 4372 ql2300 - ok
19:49:00.0202 4372 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:49:00.0204 4372 ql40xx - ok
19:49:00.0238 4372 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:49:00.0242 4372 QWAVE - ok
19:49:00.0253 4372 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:49:00.0255 4372 QWAVEdrv - ok
19:49:00.0274 4372 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:49:00.0276 4372 RasAcd - ok
19:49:00.0296 4372 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:49:00.0298 4372 RasAgileVpn - ok
19:49:00.0313 4372 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:49:00.0317 4372 RasAuto - ok
19:49:00.0335 4372 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:49:00.0337 4372 Rasl2tp - ok
19:49:00.0367 4372 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:49:00.0373 4372 RasMan - ok
19:49:00.0407 4372 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:49:00.0409 4372 RasPppoe - ok
19:49:00.0424 4372 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:49:00.0426 4372 RasSstp - ok
19:49:00.0459 4372 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:49:00.0477 4372 rdbss - ok
19:49:00.0490 4372 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:49:00.0491 4372 rdpbus - ok
19:49:00.0503 4372 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:49:00.0504 4372 RDPCDD - ok
19:49:00.0526 4372 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:49:00.0527 4372 RDPENCDD - ok
19:49:00.0539 4372 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:49:00.0540 4372 RDPREFMP - ok
19:49:00.0570 4372 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:49:00.0574 4372 RDPWD - ok
19:49:00.0609 4372 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:49:00.0612 4372 rdyboost - ok
19:49:00.0645 4372 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:49:00.0649 4372 RemoteAccess - ok
19:49:00.0667 4372 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:49:00.0672 4372 RemoteRegistry - ok
19:49:00.0682 4372 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:49:00.0685 4372 RpcEptMapper - ok
19:49:00.0705 4372 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:49:00.0707 4372 RpcLocator - ok
19:49:00.0751 4372 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:49:00.0757 4372 RpcSs - ok
19:49:00.0784 4372 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:49:00.0785 4372 rspndr - ok
19:49:00.0831 4372 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:49:00.0848 4372 RTL8167 - ok
19:49:00.0977 4372 SafeBox (2dca3c6faad8cd097c2261b3bd06a5ea) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
19:49:00.0980 4372 SafeBox - ok
19:49:01.0017 4372 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:49:01.0019 4372 SamSs - ok
19:49:01.0055 4372 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:49:01.0075 4372 sbp2port - ok
19:49:01.0104 4372 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:49:01.0108 4372 SCardSvr - ok
19:49:01.0127 4372 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:49:01.0128 4372 scfilter - ok
19:49:01.0207 4372 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:49:01.0227 4372 Schedule - ok
19:49:01.0255 4372 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:49:01.0256 4372 SCPolicySvc - ok
19:49:01.0288 4372 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:49:01.0292 4372 SDRSVC - ok
19:49:01.0328 4372 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:49:01.0329 4372 secdrv - ok
19:49:01.0360 4372 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:49:01.0363 4372 seclogon - ok
19:49:01.0376 4372 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
19:49:01.0379 4372 SENS - ok
19:49:01.0384 4372 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:49:01.0387 4372 SensrSvc - ok
19:49:01.0403 4372 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:49:01.0405 4372 Serenum - ok
19:49:01.0423 4372 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:49:01.0425 4372 Serial - ok
19:49:01.0468 4372 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:49:01.0470 4372 sermouse - ok
19:49:01.0573 4372 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:49:01.0582 4372 ServiceLayer - ok
19:49:01.0617 4372 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:49:01.0621 4372 SessionEnv - ok
19:49:01.0634 4372 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:49:01.0636 4372 sffdisk - ok
19:49:01.0640 4372 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:49:01.0641 4372 sffp_mmc - ok
19:49:01.0652 4372 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:49:01.0654 4372 sffp_sd - ok
19:49:01.0678 4372 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:49:01.0680 4372 sfloppy - ok
19:49:01.0728 4372 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:49:01.0736 4372 SharedAccess - ok
19:49:01.0758 4372 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:49:01.0765 4372 ShellHWDetection - ok
19:49:01.0784 4372 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:49:01.0785 4372 SiSRaid2 - ok
19:49:01.0809 4372 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:49:01.0811 4372 SiSRaid4 - ok
19:49:01.0874 4372 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:49:01.0876 4372 SkypeUpdate - ok
19:49:01.0893 4372 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:49:01.0895 4372 Smb - ok
19:49:01.0907 4372 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:49:01.0910 4372 SNMPTRAP - ok
19:49:02.0028 4372 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
19:49:02.0032 4372 Sony PC Companion - ok
19:49:02.0058 4372 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:49:02.0060 4372 spldr - ok
19:49:02.0104 4372 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:49:02.0110 4372 Spooler - ok
19:49:02.0333 4372 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:49:02.0392 4372 sppsvc - ok
19:49:02.0453 4372 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:49:02.0457 4372 sppuinotify - ok
19:49:02.0533 4372 sptd (a6cff1af7664627a296b6a0a96cf876e) C:\Windows\System32\Drivers\sptd.sys
19:49:02.0533 4372 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: a6cff1af7664627a296b6a0a96cf876e
19:49:02.0534 4372 sptd ( LockedFile.Multi.Generic ) - warning
19:49:02.0534 4372 sptd - detected LockedFile.Multi.Generic (1)
19:49:02.0594 4372 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:49:02.0599 4372 srv - ok
19:49:02.0665 4372 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:49:02.0678 4372 srv2 - ok
19:49:02.0693 4372 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:49:02.0695 4372 srvnet - ok
19:49:02.0727 4372 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
19:49:02.0729 4372 ssadbus - ok
19:49:02.0757 4372 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:49:02.0758 4372 ssadmdfl - ok
19:49:02.0795 4372 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
19:49:02.0799 4372 ssadmdm - ok
19:49:02.0830 4372 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys
19:49:02.0833 4372 ssadserd - ok
19:49:02.0876 4372 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:49:02.0881 4372 SSDPSRV - ok
19:49:02.0898 4372 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:49:02.0902 4372 SstpSvc - ok
19:49:02.0946 4372 ssudmdm (855335bf5792e56164f98c012e3d92dd) C:\Windows\system32\DRIVERS\ssudmdm.sys
19:49:02.0949 4372 ssudmdm - ok
19:49:02.0966 4372 StarOpen - ok
19:49:03.0087 4372 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
19:49:03.0093 4372 StarWindServiceAE - ok
19:49:03.0124 4372 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:49:03.0125 4372 stexstor - ok
19:49:03.0179 4372 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:49:03.0196 4372 stisvc - ok
19:49:03.0216 4372 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:49:03.0217 4372 swenum - ok
19:49:03.0361 4372 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:49:03.0369 4372 SwitchBoard - ok
19:49:03.0406 4372 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:49:03.0418 4372 swprv - ok
19:49:03.0521 4372 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:49:03.0557 4372 SysMain - ok
19:49:03.0638 4372 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:49:03.0643 4372 TabletInputService - ok
19:49:03.0671 4372 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:49:03.0680 4372 TapiSrv - ok
19:49:03.0692 4372 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:49:03.0695 4372 TBS - ok
19:49:03.0822 4372 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:49:03.0859 4372 Tcpip - ok
19:49:04.0007 4372 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:49:04.0023 4372 TCPIP6 - ok
19:49:04.0069 4372 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:49:04.0071 4372 tcpipreg - ok
19:49:04.0099 4372 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:49:04.0100 4372 TDPIPE - ok
19:49:04.0132 4372 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:49:04.0133 4372 TDTCP - ok
19:49:04.0156 4372 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:49:04.0158 4372 tdx - ok
19:49:04.0169 4372 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:49:04.0170 4372 TermDD - ok
19:49:04.0222 4372 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:49:04.0231 4372 TermService - ok
19:49:04.0249 4372 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:49:04.0252 4372 Themes - ok
19:49:04.0271 4372 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:49:04.0272 4372 THREADORDER - ok
19:49:04.0328 4372 TIEHDUSB (199c2e87d9a5ec58d0bcd94e893bf629) C:\Windows\system32\DRIVERS\tiehdusb.sys
19:49:04.0331 4372 TIEHDUSB - ok
19:49:04.0354 4372 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:49:04.0358 4372 TrkWks - ok
19:49:04.0408 4372 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys
19:49:04.0417 4372 trufos - ok
19:49:04.0474 4372 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:49:04.0477 4372 TrustedInstaller - ok
19:49:04.0502 4372 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:49:04.0504 4372 tssecsrv - ok
19:49:04.0542 4372 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:49:04.0544 4372 TsUsbFlt - ok
19:49:04.0587 4372 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:49:04.0590 4372 tunnel - ok
19:49:04.0607 4372 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:49:04.0608 4372 uagp35 - ok
19:49:04.0640 4372 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:49:04.0649 4372 udfs - ok
19:49:04.0667 4372 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:49:04.0670 4372 UI0Detect - ok
19:49:04.0687 4372 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:49:04.0689 4372 uliagpkx - ok
19:49:04.0713 4372 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:49:04.0715 4372 umbus - ok
19:49:04.0735 4372 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:49:04.0737 4372 UmPass - ok
19:49:04.0807 4372 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:49:04.0820 4372 UMVPFSrv - ok
19:49:04.0990 4372 UNS (02c298382359653bec4c737c2ab7f9c5) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:49:05.0009 4372 UNS - ok
19:49:05.0162 4372 Update Server (7de3f30967cf77bd1fc440c2b847629a) C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
19:49:05.0174 4372 Update Server - ok
19:49:05.0244 4372 UPDATESRV (ddc49896dc045aadc1988d0d0330811a) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
19:49:05.0246 4372 UPDATESRV - ok
19:49:05.0352 4372 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:49:05.0360 4372 upnphost - ok
19:49:05.0409 4372 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
19:49:05.0411 4372 upperdev - ok
19:49:05.0477 4372 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:49:05.0479 4372 USBAAPL64 - ok
19:49:05.0508 4372 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:49:05.0511 4372 usbaudio - ok
19:49:05.0550 4372 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:49:05.0553 4372 usbccgp - ok
19:49:05.0572 4372 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:49:05.0574 4372 usbcir - ok
19:49:05.0603 4372 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:49:05.0604 4372 usbehci - ok
19:49:05.0659 4372 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:49:05.0676 4372 usbhub - ok
19:49:05.0712 4372 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:49:05.0714 4372 usbohci - ok
19:49:05.0739 4372 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:49:05.0741 4372 usbprint - ok
19:49:05.0771 4372 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:49:05.0773 4372 usbscan - ok
19:49:05.0804 4372 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
19:49:05.0806 4372 usbser - ok
19:49:05.0822 4372 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
19:49:05.0824 4372 UsbserFilt - ok
19:49:05.0864 4372 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:49:05.0867 4372 USBSTOR - ok
19:49:05.0879 4372 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:49:05.0881 4372 usbuhci - ok
19:49:05.0922 4372 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:49:05.0925 4372 usbvideo - ok
19:49:05.0936 4372 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:49:05.0940 4372 UxSms - ok
19:49:05.0968 4372 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:49:05.0970 4372 VaultSvc - ok
19:49:05.0993 4372 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:49:05.0995 4372 vdrvroot - ok
19:49:06.0048 4372 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:49:06.0073 4372 vds - ok
19:49:06.0092 4372 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:49:06.0094 4372 vga - ok
19:49:06.0114 4372 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:49:06.0116 4372 VgaSave - ok
19:49:06.0148 4372 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:49:06.0152 4372 vhdmp - ok
19:49:06.0173 4372 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:49:06.0175 4372 viaide - ok
19:49:06.0196 4372 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:49:06.0198 4372 volmgr - ok
19:49:06.0240 4372 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:49:06.0245 4372 volmgrx - ok
19:49:06.0273 4372 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:49:06.0283 4372 volsnap - ok
19:49:06.0318 4372 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:49:06.0322 4372 vsmraid - ok
19:49:06.0461 4372 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:49:06.0489 4372 VSS - ok
19:49:06.0628 4372 VSSERV - ok
19:49:06.0711 4372 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:49:06.0712 4372 vwifibus - ok
19:49:06.0747 4372 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:49:06.0749 4372 vwififlt - ok
19:49:06.0777 4372 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:49:06.0779 4372 vwifimp - ok
19:49:06.0827 4372 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:49:06.0842 4372 W32Time - ok
19:49:06.0859 4372 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:49:06.0861 4372 WacomPen - ok
19:49:06.0890 4372 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:49:06.0892 4372 WANARP - ok
19:49:06.0896 4372 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:49:06.0898 4372 Wanarpv6 - ok
19:49:06.0980 4372 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:49:06.0996 4372 WatAdminSvc - ok
19:49:07.0164 4372 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:49:07.0195 4372 wbengine - ok
19:49:07.0255 4372 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:49:07.0259 4372 WbioSrvc - ok
19:49:07.0293 4372 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:49:07.0300 4372 wcncsvc - ok
19:49:07.0314 4372 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:49:07.0317 4372 WcsPlugInService - ok
19:49:07.0331 4372 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:49:07.0333 4372 Wd - ok
19:49:07.0379 4372 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:49:07.0387 4372 Wdf01000 - ok
19:49:07.0407 4372 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:49:07.0410 4372 WdiServiceHost - ok
19:49:07.0412 4372 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:49:07.0415 4372 WdiSystemHost - ok
19:49:07.0451 4372 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:49:07.0456 4372 WebClient - ok
19:49:07.0475 4372 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:49:07.0480 4372 Wecsvc - ok
19:49:07.0492 4372 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:49:07.0496 4372 wercplsupport - ok
19:49:07.0528 4372 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:49:07.0531 4372 WerSvc - ok
19:49:07.0544 4372 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:49:07.0545 4372 WfpLwf - ok
19:49:07.0556 4372 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:49:07.0558 4372 WIMMount - ok
19:49:07.0598 4372 WinDefend - ok
19:49:07.0604 4372 WinHttpAutoProxySvc - ok
19:49:07.0658 4372 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:49:07.0662 4372 Winmgmt - ok
19:49:07.0766 4372 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:49:07.0807 4372 WinRM - ok
19:49:07.0913 4372 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:49:07.0915 4372 WinUsb - ok
19:49:07.0990 4372 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:49:08.0003 4372 Wlansvc - ok
19:49:08.0198 4372 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:49:08.0221 4372 wlidsvc - ok
19:49:08.0271 4372 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:49:08.0272 4372 WmiAcpi - ok
19:49:08.0305 4372 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:49:08.0308 4372 wmiApSrv - ok
19:49:08.0331 4372 WMPNetworkSvc - ok
19:49:08.0355 4372 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:49:08.0359 4372 WPCSvc - ok
19:49:08.0382 4372 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:49:08.0386 4372 WPDBusEnum - ok
19:49:08.0403 4372 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:49:08.0404 4372 ws2ifsl - ok
19:49:08.0431 4372 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
19:49:08.0434 4372 wscsvc - ok
19:49:08.0438 4372 WSearch - ok
19:49:08.0586 4372 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:49:08.0626 4372 wuauserv - ok
19:49:08.0699 4372 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:49:08.0702 4372 WudfPf - ok
19:49:08.0720 4372 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:49:08.0724 4372 WUDFRd - ok
19:49:08.0754 4372 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:49:08.0758 4372 wudfsvc - ok
19:49:08.0785 4372 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:49:08.0790 4372 WwanSvc - ok
19:49:08.0844 4372 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
19:49:08.0846 4372 xusb21 - ok
19:49:08.0935 4372 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:49:08.0943 4372 YahooAUService - ok
19:49:08.0967 4372 MBR (0x1B8) (9730d1a050b7c5b9fb8a6b28c910470e) \Device\Harddisk0\DR0
19:49:09.0148 4372 \Device\Harddisk0\DR0 - ok
19:49:09.0152 4372 Boot (0x1200) (e9c9e8bbcb2dc1aee42c89d8833f011e) \Device\Harddisk0\DR0\Partition0
19:49:09.0154 4372 \Device\Harddisk0\DR0\Partition0 - ok
19:49:09.0162 4372 Boot (0x1200) (7bfac6aa00329521e746e77aafe25913) \Device\Harddisk0\DR0\Partition1
19:49:09.0164 4372 \Device\Harddisk0\DR0\Partition1 - ok
19:49:09.0189 4372 Boot (0x1200) (7b2cc86b981edcf4243cd6e378fc65e6) \Device\Harddisk0\DR0\Partition2
19:49:09.0191 4372 \Device\Harddisk0\DR0\Partition2 - ok
19:49:09.0209 4372 Boot (0x1200) (f9a73ebafb48a04b858cf996417c2390) \Device\Harddisk0\DR0\Partition3
19:49:09.0211 4372 \Device\Harddisk0\DR0\Partition3 - ok
19:49:09.0228 4372 Boot (0x1200) (ff5b1f1de1a05dd664dc9c150a7c7acb) \Device\Harddisk0\DR0\Partition4
19:49:09.0230 4372 \Device\Harddisk0\DR0\Partition4 - ok
19:49:09.0231 4372 ============================================================
19:49:09.0231 4372 Scan finished
19:49:09.0231 4372 ============================================================
19:49:09.0241 4832 Detected object count: 1
19:49:09.0241 4832 Actual detected object count: 1
19:51:16.0363 4832 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:51:16.0363 4832 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:52:49.0825 5348 Deinitialize success
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
23 juil. 2012 à 21:07
23 juil. 2012 à 21:07
Re
Copie ces lignes :
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
O43 - CFD: 04/10/2011 - 10:42:06 - [0,001] ----D C:\ProgramData\Media Get LLC
O81 - IFC: Internet Feature Controls [HKCU] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O8 - Extra context menu item: Search the Web - (.not file.) - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
EMPTYTEMP
EMPTYCLSID
Ouvre ZHPFIX avec le clic droit => exécuter en tant qu'administrateur
Clique sur H puis sur GO
Poste le rapport.
Copie ces lignes :
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
O43 - CFD: 04/10/2011 - 10:42:06 - [0,001] ----D C:\ProgramData\Media Get LLC
O81 - IFC: Internet Feature Controls [HKCU] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O8 - Extra context menu item: Search the Web - (.not file.) - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
EMPTYTEMP
EMPTYCLSID
Ouvre ZHPFIX avec le clic droit => exécuter en tant qu'administrateur
Clique sur H puis sur GO
Poste le rapport.
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
23 juil. 2012 à 22:04
23 juil. 2012 à 22:04
Ah... je n'y avais pas pensé. Le voila :
https://pjjoint.malekal.com/files.php?id=20120723_v12k13c5n15u14
https://pjjoint.malekal.com/files.php?id=20120723_v12k13c5n15u14
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 795
24 juil. 2012 à 14:22
24 juil. 2012 à 14:22
Bien :)
Plus de soucis, on finalise ?
Plus de soucis, on finalise ?
mandragores
Messages postés
14
Date d'inscription
dimanche 22 juillet 2012
Statut
Membre
Dernière intervention
24 juillet 2012
24 juil. 2012 à 14:57
24 juil. 2012 à 14:57
Y a t-il une dernière analyse a faire ou le sujet est résolu?
