Help SVP rapport ZHPDiag
Résolu/Fermé
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
-
6 avril 2014 à 17:21
MissCata23 Messages postés 214 Date d'inscription mercredi 15 janvier 2014 Statut Membre Dernière intervention 3 avril 2015 - 8 avril 2014 à 20:14
MissCata23 Messages postés 214 Date d'inscription mercredi 15 janvier 2014 Statut Membre Dernière intervention 3 avril 2015 - 8 avril 2014 à 20:14
A voir également:
- Help SVP rapport ZHPDiag
- Zhpdiag - Télécharger - Informations & Diagnostic
- Plan rapport de stage - Guide
- On vous a donné accès à un fichier rapport. il est partagé avec plusieurs personnes sur cet espace pix cloud. répondez aux questions - Forum Cloud
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant ✓ - Forum Excel
- Problém affichage du tableau croisé dynamique - Forum Excel
8 réponses
¡El Desaparecido!
Messages postés
1519
Date d'inscription
mardi 4 octobre 2011
Statut
Membre
Dernière intervention
23 octobre 2015
195
Modifié par ¡El Desaparecido! le 6/04/2014 à 18:00
Modifié par ¡El Desaparecido! le 6/04/2014 à 18:00
Hello ,
Bienvenue sur CCM : )
Il reste des Adwares sur ta machine :(
# Télécharge Shortcut_Module (de g3n-h@ckm@n) sur ton bureau.
# Note : Enregistres ton travail avant de continuer !
# Lance Shortcut_Module et clique sur Nettoyer.
# Note : Patiente le temps du scan
# Après le redémarrage relance l'outil et clique sur le petit "R" pour ouvrir le rapport , puis poste son contenu stp
Développeur : UsbFix ## Webmaster : SosVirus
Comme dis Birdy -> People help the people
Bienvenue sur CCM : )
Il reste des Adwares sur ta machine :(
# Télécharge Shortcut_Module (de g3n-h@ckm@n) sur ton bureau.
# Note : Enregistres ton travail avant de continuer !
# Lance Shortcut_Module et clique sur Nettoyer.
# Note : Patiente le temps du scan
# Après le redémarrage relance l'outil et clique sur le petit "R" pour ouvrir le rapport , puis poste son contenu stp
Développeur : UsbFix ## Webmaster : SosVirus
Comme dis Birdy -> People help the people
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
6 avril 2014 à 18:54
6 avril 2014 à 18:54
Merci! Oops, je viens seulement de réactiver le pare-feu...
Voici le rapport:
¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 06.04.2014.2
¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 18:02:43 - 06/04/2014
Mis à jour le : 06/04/2014 | 15.25 par g3n-h@ckm@n
Contact : https://www.sosvirus.net/
Boot : Normal
Système : Microsoft Windows XP (32 bits) Service Pack 3
Mémoire RAM = Total (MB) : 458 | Libre (MB) : 179
Pagefile = Total (MB) : 1083 | Libre (MB) : 757
Virtuelle = Total (MB) : 2097 | Libre (MB) : 2026
Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe
¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows
Dernière(s) détection(s) : 2014-04-06 13:23:42
Dernières Téléchargées : 2014-03-20 13:40:16
Dernières installées : 2014-03-20 16:18:40
Prochaine recherche : 2014-04-07 07:30:54
¤¤¤¤¤¤¤¤¤¤ | Navigateurs
IE : 8.0.6001.18702 (© Microsoft Corporation. All rights reserved.)
GC : 33.0.1750.154 (Copyright 2012 Google Inc. All rights reserved.)
¤¤¤¤¤¤¤¤¤¤ | Security
AV : avast! Antivirus Enabled
AS :
FW : WINDOWS Firewall
WMI : /!\
SC: Security Center Service [Auto(2)] = démarré
WU: Windows Update Service [Auto(2)] = démarré
¤¤¤¤¤¤¤¤¤¤ | FlashPlayer
FlashPlayer ActiveX : 12.0.0.77
¤¤¤¤¤¤¤¤¤¤ | Processus tués
1436 | [Owner : Michèle |Parent : 1376] - (.Microsoft Corporation - Explorateur Windows.) - (6.0.2900.5512) = C:\WINDOWS\explorer.exe
1532 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Spooler SubSystem App.) - (5.1.2600.6024) = C:\WINDOWS\system32\spoolsv.exe
1900 | [Owner : Michèle |Parent : 1836] - (.France Telecom SA - Orange Connection Kit.) - (3.7.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
1960 | [Owner : Michèle |Parent : 808] - (.France Telecom SA - Orange Connection Kit.) - (5.6.0.0) = C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
392 | [Owner : Michèle |Parent : 1900] - (.France Telecom SA - Orange Connection Kit.) - (3.7.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Systray\SystrayApp.exe
400 | [Owner : Michèle |Parent : 1900] - (.France Telecom SA - Orange Connection Kit.) - (17.5.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
792 | [Owner : Michèle |Parent : 400] - (.France Telecom SA - Orange Connection Kit.) - (17.5.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\CoreCom.exe
1344 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Media Center Receiver Service.) - (5.1.2715.3011) = C:\WINDOWS\ehome\ehrecvr.exe
1788 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Service de planification Media Center.) - (5.1.2710.2732) = C:\WINDOWS\ehome\ehSched.exe
2220 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - MCRD Device Service.) - (4.1.2710.2732) = C:\WINDOWS\ehome\mcrdsvc.exe
3344 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Application Layer Gateway Service.) - (5.1.2600.5512) = C:\WINDOWS\system32\alg.exe
348 | [Owner : Michèle |Parent : 792] - (.France Telecom SA - Orange Connection Kit.) - (17.5.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\OraConfigRecover.exe
320 | [Owner : Michèle |Parent : 1124] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
1344 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Media Center Receiver Service.) - (5.1.2715.3011) = C:\WINDOWS\ehome\ehrecvr.exe
1788 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Service de planification Media Center.) - (5.1.2710.2732) = C:\WINDOWS\ehome\ehSched.exe
2220 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - MCRD Device Service.) - (4.1.2710.2732) = C:\WINDOWS\ehome\mcrdsvc.exe
3344 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Application Layer Gateway Service.) - (5.1.2600.5512) = C:\WINDOWS\system32\alg.exe
320 | [Owner : Michèle |Parent : 1124] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
¤¤¤¤¤¤¤¤¤¤ | Processus démarrés
496 | [Owner : SYSTEM |Parent : 4] - (.Microsoft Corporation - Gestionnaire de session Windows NT.) - (5.1.2600.5512) = C:\WINDOWS\system32\smss.exe
544 | [Owner : SYSTEM |Parent : 496] - (.Microsoft Corporation - Client Server Runtime Process.) - (5.1.2600.5512) = C:\WINDOWS\system32\csrss.exe
576 | [Owner : SYSTEM |Parent : 496] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) - (5.1.2600.5512) = C:\WINDOWS\system32\winlogon.exe
620 | [Owner : SYSTEM |Parent : 576] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (5.1.2600.5755) = C:\WINDOWS\system32\services.exe
632 | [Owner : SYSTEM |Parent : 576] - (.Microsoft Corporation - LSA Shell (Export Version).) - (5.1.2600.5512) = C:\WINDOWS\system32\lsass.exe
808 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
856 | [Owner : SERVICE RÉSEAU |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
924 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
984 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1132 | [Owner : SERVICE RÉSEAU |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1188 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1316 | [Owner : SYSTEM |Parent : 620] - (.AVAST Software - avast! Service.) - (8.0.1497.376) = C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1876 | [Owner : Michèle |Parent : 1436] - (.AVAST Software - avast! Antivirus.) - (8.0.1497.376) = C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1672 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1344 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Media Center Receiver Service.) - (5.1.2715.3011) = C:\WINDOWS\ehome\ehrecvr.exe
1788 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Service de planification Media Center.) - (5.1.2710.2732) = C:\WINDOWS\ehome\ehSched.exe
2104 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
2152 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
2220 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - MCRD Device Service.) - (4.1.2710.2732) = C:\WINDOWS\ehome\mcrdsvc.exe
3088 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - COM Surrogate.) - (5.1.2600.5512) = C:\WINDOWS\system32\dllhost.exe
3344 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Application Layer Gateway Service.) - (5.1.2600.5512) = C:\WINDOWS\system32\alg.exe
2092 | [Owner : SYSTEM |Parent : 808] - (.Microsoft Corporation - WMI.) - (5.1.2600.5755) = C:\WINDOWS\system32\wbem\wmiprvse.exe
320 | [Owner : Michèle |Parent : 1124] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
1804 | [Owner : Michèle |Parent : 2656] - (. - Shortcut_Module.) - (6.4.2014.2) = C:\Documents and Settings\Michèle\Mes documents\Downloads\Shortcut_Module.exe
¤¤¤¤¤¤¤¤¤¤ | RUN
04 - HKLM\..\Run : [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\..\Run : [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-19\..\Run : [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray
04 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-18\..\RunOnce : [^SetupICWDesktop]
¤¤¤¤¤¤¤¤¤¤ | Services
¤¤¤¤¤¤¤¤¤¤ | Hosts
C:\WINDOWS\System32\Drivers\etc\hosts : Remis a zéro avec succès
¤¤¤¤¤¤¤¤¤¤ | Registre
Supprimé avec succès : HKLM\Software\Classes\pdfforge.DllInfo
Supprimé avec succès : HKLM\Software\Classes\pdfforge.Tools
Supprimé avec succès : HKLM\Software\Classes\Applications\CTCMSu.exe : "C:\Program Files\Creative\MediaSource5\CTCMSu.exe" /PlayNow "%L"
Supprimé avec succès : HKLM\Software\Classes\CLSID\{1E31C3D5-7372-45E0-B061-CDC14AD97404} : MC Web Search Scope
Supprimé avec succès : HKLM\Software\Classes\CLSID\{67214485-0B7A-3965-A63E-830C6A9AE397} : pdfforge.Tools
Supprimé avec succès : HKLM\Software\Classes\CLSID\{E0783191-F452-35FB-A118-6CD8BDEE9A0F} : SearchBar.Client
Supprimé avec succès : HKLM\Software\Classes\CLSID\{FFE05B8E-BDAE-32EC-A615-751C7F719FEE} : pdfforge.DllInfo
Supprimé avec succès : HKLM\Software\Classes\CLSID\{01200461-FFF8-3319-A2AE-51A28939A032} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\CLSID\{357274F5-C533-3E17-87D4-535DC9BD307A} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\CLSID\{8F5D1CB6-C02A-3173-BF74-7064DB62EF11} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\CLSID\{973396E4-049F-33C1-9E77-33D41876ADC1} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\AppID\SoftwareUpdate.exe
Supprimé avec succès : HKLM\Software\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp
Supprimé avec succès : HKLM\Software\Classes\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4} : SoftwareUpdate
Supprimé avec succès : HKLM\Software\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Supprimé avec succès : HKLM\Software\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Supprimé avec succès : HKLM\Software\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Supprimé avec succès : HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]|[Plus-HD-2.6-bg.exe] : 8000
Supprimé avec succès : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Iminent
Supprimé avec succès : HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Trolltech
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} : eBayTB.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} : eBayTB.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0b4e0867-209e-4e73-ae4b-c0a7af742ad9} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d630149-9c5c-4795-ae0b-76c85492def2} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94d069e1-40a3-4492-b6aa-a6900566318d} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44b8db0a-a863-4cb5-8a0d-21f9fe84e41c} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\Software\Classes\Installer\Features\46B5A9879DD95AB419A50FCFA0B1B7EF :
Supprimé avec succès : HKLM\Software\Classes\Installer\Features\C040311900063D11C8EF00054038389C : PubWizards
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3312061B01 : C:\Program Files\Java\jre6\zipper.exe
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3312061B05 : C:\Program Files\Java\jre6\zipper.exe
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 : C:\Program Files\SweetIM\Messenger\msvcr71.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8 : C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 : C:\Program Files\SweetIM\Messenger\msvcp71.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E : C:\Program Files\SweetIM\Messenger\mgAIMAuto.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP\UserSettings
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839 : C:\Program Files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3312061B03 : C:\Program Files\Java\jre6\zipper.exe
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2 : SweetIM Technical Support Department
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\SweetIM\Messenger\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\logs\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\Iminent\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\SweetIM\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\]
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A} : SweetIM Technical Support Department
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Dossiers
Supprimé avec succès : C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Iminent.InstallLog ()
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Add your own PDF features.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Batch convert PDFs .bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Business Ready PDF Tool .bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Create your own PDF viewer.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Customize User Interface.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Extract PDF contents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Fast mobile PDF reader on iPad.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Fastest PDF Index and Search.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Integrate with Security Solutions.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\OCR Text Recognition.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Powerful Word Processor.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Profile.xml (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ProfileRibbon.xml (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Protect PDFs with AD RMS.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Protect Sensitive PDF Documents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Read and modify PDFs on iPads.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Read PDFs on iPads.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Redact your PDFs.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon create pdf form scanner documents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Design form fields easily.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Edit and reflow paragraphs in PDF files.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Enterprise PDF Reader.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Fastest PDF Search and Index.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Integrate PDF into your application.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Integrate PDF into your mobile apps.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Powerful Word Processor.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Protect Sensitive PDF Documents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Protect your PDF files with AD RMS.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon View and annotate PDFs.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon view PDFs on iPads.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Sign and Send PDF Docs with DocuSign .bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Unique editing capabilities.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\View PDFs on mobile devices.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Media Player\Data\task.xml (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Microsoft\Windows Digital Media Enhancements\Party Mode\PartyMode.txt (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Favoris\http--www.ebay.fr-.url (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage-journal (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Mes documents\Michele BAUDRY\pdfcreator-0_9_9_setup.exe (© pdfforge.org.-.PDFCreator) [OFN : PDFCreator-0_9_9_GPLGhostscript.exe]
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Microsoft\Windows Digital Media Enhancements
¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis
¤¤¤¤¤¤¤¤¤¤ | Proxy
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\PhishingFilter]|[EnabledV8] : 0 -> 1
Réparé : [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[MigrateProxy] : 0 -> 1
Réparé : [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[MigrateProxy] : 0 -> 1
Réparé : [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[MigrateProxy] : 0 -> 1
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1
¤¤¤¤¤¤¤¤¤¤ | Détournement internet Explorer
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8 -> https://www.google.com/?gws_rd=ssl
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://www.google.com/?gws_rd=ssl -> https://www.google.com/?gws_rd=ssl
Réparé : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://www.orange.fr/portail -> https://www.google.com/?gws_rd=ssl
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Main]|[Search Page] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : -> https://www.google.com/
Réparé : [HKLM\Software\Microsoft\Internet Explorer\AboutURLs]|[NewTab] : -> https://www.google.com/
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Bar] : -> https://www.google.com/
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Start Page] : -> https://www.msn.com/fr-fr/?ocid=iehp
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\WINDOWS\system32\blank.htm
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> https://www.msn.com/fr-fr/?ocid=iehp
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Page] : -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤¤¤¤¤¤¤¤¤¤ | Détournement Google Chrome
[LocalService] Remis a zéro avec succès : SearchURL
[LocalService] Remis a zéro avec succès : Preferences
[Michèle] Remis a zéro avec succès : SearchURL
[Michèle] Remis a zéro avec succès : Preferences
[LocalService] : aohghmighlieiainnegkcijnfilokake = : Create share and access your Google Docs from anywhere. - Docs
[LocalService] : apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://accounts.google.com/ServiceLogin?service=wise&passive=1209600&continue=https://drive.google.com/&followup=https://drive.google.com/&emr=1 - Google & co
[Michèle] : blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - https://www.youtube.com/ - https://www.youtube.com/?feature=ytca - Google & co
[Michèle] : coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - https://www.google.com/webhp?source=search_app&gws_rd=ssl - Google & co
[Michèle] : fplhdcjmbpfkejbhngmlngaecbjmoimd = : __MSG_description__ - __MSG_name__
[Michèle] : gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - avast! Online Security
[Michèle] : nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co
[Michèle] : pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/ca/&ss=1&scc=1<mpl=default<mplcache=2&emr=1&osid=1 - Google & co
¤¤¤¤¤¤¤¤¤¤ | Détournement Firefox
[Michèle] Remplacé : user_pref("browser.startup.homepage", "https://www.orange.fr/portail?utm_source=oi&utm_medium=na&utm_campaign=sp"); -> user_pref("browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
[Michèle] : menu_contextuel_orange@orange.fr : - -
¤¤¤¤¤¤¤¤¤¤ | Opera
¤¤¤¤¤¤¤¤¤¤ | Détournement des clés StartMenuInternet
Réparé : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs
¤¤¤¤¤¤¤¤¤¤ | Détournement Javascript
¤¤¤¤¤¤¤¤¤¤ | Firewall
Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires
[All Users] Fichiers temporaires Supprimés : 0 Ko
[Administrateur] Fichiers temporaires Supprimés : 0 Ko
[NetworkService] Fichiers temporaires Supprimés : 0 Ko
[LocalService] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Michèle] Fichiers temporaires Supprimés : 0 Ko
Autre rapport
Eléments analysés : 182883 | Infectés : 119
¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 18:38:11 | [29 Ko]
Voici le rapport:
¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 06.04.2014.2
¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 18:02:43 - 06/04/2014
Mis à jour le : 06/04/2014 | 15.25 par g3n-h@ckm@n
Contact : https://www.sosvirus.net/
Boot : Normal
Système : Microsoft Windows XP (32 bits) Service Pack 3
Mémoire RAM = Total (MB) : 458 | Libre (MB) : 179
Pagefile = Total (MB) : 1083 | Libre (MB) : 757
Virtuelle = Total (MB) : 2097 | Libre (MB) : 2026
Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe
¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows
Dernière(s) détection(s) : 2014-04-06 13:23:42
Dernières Téléchargées : 2014-03-20 13:40:16
Dernières installées : 2014-03-20 16:18:40
Prochaine recherche : 2014-04-07 07:30:54
¤¤¤¤¤¤¤¤¤¤ | Navigateurs
IE : 8.0.6001.18702 (© Microsoft Corporation. All rights reserved.)
GC : 33.0.1750.154 (Copyright 2012 Google Inc. All rights reserved.)
¤¤¤¤¤¤¤¤¤¤ | Security
AV : avast! Antivirus Enabled
AS :
FW : WINDOWS Firewall
WMI : /!\
SC: Security Center Service [Auto(2)] = démarré
WU: Windows Update Service [Auto(2)] = démarré
¤¤¤¤¤¤¤¤¤¤ | FlashPlayer
FlashPlayer ActiveX : 12.0.0.77
¤¤¤¤¤¤¤¤¤¤ | Processus tués
1436 | [Owner : Michèle |Parent : 1376] - (.Microsoft Corporation - Explorateur Windows.) - (6.0.2900.5512) = C:\WINDOWS\explorer.exe
1532 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Spooler SubSystem App.) - (5.1.2600.6024) = C:\WINDOWS\system32\spoolsv.exe
1900 | [Owner : Michèle |Parent : 1836] - (.France Telecom SA - Orange Connection Kit.) - (3.7.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
1960 | [Owner : Michèle |Parent : 808] - (.France Telecom SA - Orange Connection Kit.) - (5.6.0.0) = C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
392 | [Owner : Michèle |Parent : 1900] - (.France Telecom SA - Orange Connection Kit.) - (3.7.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Systray\SystrayApp.exe
400 | [Owner : Michèle |Parent : 1900] - (.France Telecom SA - Orange Connection Kit.) - (17.5.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
792 | [Owner : Michèle |Parent : 400] - (.France Telecom SA - Orange Connection Kit.) - (17.5.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\CoreCom.exe
1344 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Media Center Receiver Service.) - (5.1.2715.3011) = C:\WINDOWS\ehome\ehrecvr.exe
1788 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Service de planification Media Center.) - (5.1.2710.2732) = C:\WINDOWS\ehome\ehSched.exe
2220 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - MCRD Device Service.) - (4.1.2710.2732) = C:\WINDOWS\ehome\mcrdsvc.exe
3344 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Application Layer Gateway Service.) - (5.1.2600.5512) = C:\WINDOWS\system32\alg.exe
348 | [Owner : Michèle |Parent : 792] - (.France Telecom SA - Orange Connection Kit.) - (17.5.0.0) = C:\Program Files\Orange\Connexion Internet Orange\Connectivity\Corecom\OraConfigRecover.exe
320 | [Owner : Michèle |Parent : 1124] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
1344 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Media Center Receiver Service.) - (5.1.2715.3011) = C:\WINDOWS\ehome\ehrecvr.exe
1788 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Service de planification Media Center.) - (5.1.2710.2732) = C:\WINDOWS\ehome\ehSched.exe
2220 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - MCRD Device Service.) - (4.1.2710.2732) = C:\WINDOWS\ehome\mcrdsvc.exe
3344 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Application Layer Gateway Service.) - (5.1.2600.5512) = C:\WINDOWS\system32\alg.exe
320 | [Owner : Michèle |Parent : 1124] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
¤¤¤¤¤¤¤¤¤¤ | Processus démarrés
496 | [Owner : SYSTEM |Parent : 4] - (.Microsoft Corporation - Gestionnaire de session Windows NT.) - (5.1.2600.5512) = C:\WINDOWS\system32\smss.exe
544 | [Owner : SYSTEM |Parent : 496] - (.Microsoft Corporation - Client Server Runtime Process.) - (5.1.2600.5512) = C:\WINDOWS\system32\csrss.exe
576 | [Owner : SYSTEM |Parent : 496] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) - (5.1.2600.5512) = C:\WINDOWS\system32\winlogon.exe
620 | [Owner : SYSTEM |Parent : 576] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (5.1.2600.5755) = C:\WINDOWS\system32\services.exe
632 | [Owner : SYSTEM |Parent : 576] - (.Microsoft Corporation - LSA Shell (Export Version).) - (5.1.2600.5512) = C:\WINDOWS\system32\lsass.exe
808 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
856 | [Owner : SERVICE RÉSEAU |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
924 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
984 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1132 | [Owner : SERVICE RÉSEAU |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1188 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1316 | [Owner : SYSTEM |Parent : 620] - (.AVAST Software - avast! Service.) - (8.0.1497.376) = C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1876 | [Owner : Michèle |Parent : 1436] - (.AVAST Software - avast! Antivirus.) - (8.0.1497.376) = C:\Program Files\Alwil Software\Avast5\AvastUI.exe
1672 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1344 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Media Center Receiver Service.) - (5.1.2715.3011) = C:\WINDOWS\ehome\ehrecvr.exe
1788 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Service de planification Media Center.) - (5.1.2710.2732) = C:\WINDOWS\ehome\ehSched.exe
2104 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
2152 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
2220 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - MCRD Device Service.) - (4.1.2710.2732) = C:\WINDOWS\ehome\mcrdsvc.exe
3088 | [Owner : SYSTEM |Parent : 620] - (.Microsoft Corporation - COM Surrogate.) - (5.1.2600.5512) = C:\WINDOWS\system32\dllhost.exe
3344 | [Owner : SERVICE LOCAL |Parent : 620] - (.Microsoft Corporation - Application Layer Gateway Service.) - (5.1.2600.5512) = C:\WINDOWS\system32\alg.exe
2092 | [Owner : SYSTEM |Parent : 808] - (.Microsoft Corporation - WMI.) - (5.1.2600.5755) = C:\WINDOWS\system32\wbem\wmiprvse.exe
320 | [Owner : Michèle |Parent : 1124] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
1804 | [Owner : Michèle |Parent : 2656] - (. - Shortcut_Module.) - (6.4.2014.2) = C:\Documents and Settings\Michèle\Mes documents\Downloads\Shortcut_Module.exe
¤¤¤¤¤¤¤¤¤¤ | RUN
04 - HKLM\..\Run : [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
04 - HKLM\..\Run : [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
04 - HKLM\..\Run : [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\Run : []
04 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-19\..\Run : [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray
04 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-18\..\RunOnce : [^SetupICWDesktop]
¤¤¤¤¤¤¤¤¤¤ | Services
¤¤¤¤¤¤¤¤¤¤ | Hosts
C:\WINDOWS\System32\Drivers\etc\hosts : Remis a zéro avec succès
¤¤¤¤¤¤¤¤¤¤ | Registre
Supprimé avec succès : HKLM\Software\Classes\pdfforge.DllInfo
Supprimé avec succès : HKLM\Software\Classes\pdfforge.Tools
Supprimé avec succès : HKLM\Software\Classes\Applications\CTCMSu.exe : "C:\Program Files\Creative\MediaSource5\CTCMSu.exe" /PlayNow "%L"
Supprimé avec succès : HKLM\Software\Classes\CLSID\{1E31C3D5-7372-45E0-B061-CDC14AD97404} : MC Web Search Scope
Supprimé avec succès : HKLM\Software\Classes\CLSID\{67214485-0B7A-3965-A63E-830C6A9AE397} : pdfforge.Tools
Supprimé avec succès : HKLM\Software\Classes\CLSID\{E0783191-F452-35FB-A118-6CD8BDEE9A0F} : SearchBar.Client
Supprimé avec succès : HKLM\Software\Classes\CLSID\{FFE05B8E-BDAE-32EC-A615-751C7F719FEE} : pdfforge.DllInfo
Supprimé avec succès : HKLM\Software\Classes\CLSID\{01200461-FFF8-3319-A2AE-51A28939A032} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\CLSID\{357274F5-C533-3E17-87D4-535DC9BD307A} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\CLSID\{8F5D1CB6-C02A-3173-BF74-7064DB62EF11} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\CLSID\{973396E4-049F-33C1-9E77-33D41876ADC1} : pdfforge, Version=1.5.0.0, Culture=neutral, PublicKeyToken=null
Supprimé avec succès : HKLM\Software\Classes\AppID\SoftwareUpdate.exe
Supprimé avec succès : HKLM\Software\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp
Supprimé avec succès : HKLM\Software\Classes\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4} : SoftwareUpdate
Supprimé avec succès : HKLM\Software\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Supprimé avec succès : HKLM\Software\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Supprimé avec succès : HKLM\Software\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Supprimé avec succès : HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]|[Plus-HD-2.6-bg.exe] : 8000
Supprimé avec succès : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Iminent
Supprimé avec succès : HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Trolltech
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} : eBayTB.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} : eBayTB.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0b4e0867-209e-4e73-ae4b-c0a7af742ad9} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d630149-9c5c-4795-ae0b-76c85492def2} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94d069e1-40a3-4492-b6aa-a6900566318d} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44b8db0a-a863-4cb5-8a0d-21f9fe84e41c} : C:\Program Files\Plus-HD-2.6
Supprimé avec succès : HKLM\Software\Classes\Installer\Features\46B5A9879DD95AB419A50FCFA0B1B7EF :
Supprimé avec succès : HKLM\Software\Classes\Installer\Features\C040311900063D11C8EF00054038389C : PubWizards
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3312061B01 : C:\Program Files\Java\jre6\zipper.exe
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3312061B05 : C:\Program Files\Java\jre6\zipper.exe
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 : C:\Program Files\SweetIM\Messenger\msvcr71.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8 : C:\Program Files\SweetIM\Messenger\mgIEPlayer.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 : C:\Program Files\SweetIM\Messenger\msvcp71.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E : C:\Program Files\SweetIM\Messenger\mgAIMAuto.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP\UserSettings
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839 : C:\Program Files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3312061B03 : C:\Program Files\Java\jre6\zipper.exe
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2 : SweetIM Technical Support Department
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\SweetIM\Messenger\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\logs\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\Iminent\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Program Files\SweetIM\]
Supprimé avec succès : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]|[C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users\]
Supprimé avec succès : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A} : SweetIM Technical Support Department
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Dossiers
Supprimé avec succès : C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Iminent.InstallLog ()
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Add your own PDF features.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Batch convert PDFs .bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Business Ready PDF Tool .bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Create your own PDF viewer.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Customize User Interface.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Extract PDF contents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Fast mobile PDF reader on iPad.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Fastest PDF Index and Search.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Integrate with Security Solutions.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\OCR Text Recognition.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Powerful Word Processor.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Profile.xml (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ProfileRibbon.xml (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Protect PDFs with AD RMS.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Protect Sensitive PDF Documents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Read and modify PDFs on iPads.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Read PDFs on iPads.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Redact your PDFs.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon create pdf form scanner documents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Design form fields easily.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Edit and reflow paragraphs in PDF files.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Enterprise PDF Reader.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Fastest PDF Search and Index.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Integrate PDF into your application.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Integrate PDF into your mobile apps.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Powerful Word Processor.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Protect Sensitive PDF Documents.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon Protect your PDF files with AD RMS.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon View and annotate PDFs.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\ribbon view PDFs on iPads.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Sign and Send PDF Docs with DocuSign .bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\Unique editing capabilities.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement\View PDFs on mobile devices.bmp (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Media Player\Data\task.xml (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Microsoft\Windows Digital Media Enhancements\Party Mode\PartyMode.txt (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Favoris\http--www.ebay.fr-.url (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.amazon.fr_0.localstorage-journal (.-.)
Supprimé avec succès : C:\Documents and Settings\Michèle\Mes documents\Michele BAUDRY\pdfcreator-0_9_9_setup.exe (© pdfforge.org.-.PDFCreator) [OFN : PDFCreator-0_9_9_GPLGhostscript.exe]
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Foxit Software\Foxit Reader\StartPage\Advertisement
Supprimé avec succès : C:\Documents and Settings\Michèle\Application Data\Microsoft\Windows Digital Media Enhancements
¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis
¤¤¤¤¤¤¤¤¤¤ | Proxy
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\PhishingFilter]|[EnabledV8] : 0 -> 1
Réparé : [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[MigrateProxy] : 0 -> 1
Réparé : [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[MigrateProxy] : 0 -> 1
Réparé : [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[MigrateProxy] : 0 -> 1
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1
¤¤¤¤¤¤¤¤¤¤ | Détournement internet Explorer
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8 -> https://www.google.com/?gws_rd=ssl
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://www.google.com/?gws_rd=ssl -> https://www.google.com/?gws_rd=ssl
Réparé : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]|[Start Page] : https://www.orange.fr/portail -> https://www.google.com/?gws_rd=ssl
Réparé : [HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Main]|[Search Page] : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[SearchAssistant] : -> http://www.google.com/toolbar/ie8/sidebar.html
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Bar] : -> https://www.google.com/
Réparé : [HKLM\Software\Microsoft\Internet Explorer\AboutURLs]|[NewTab] : -> https://www.google.com/
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Bar] : -> https://www.google.com/
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Start Page] : -> https://www.msn.com/fr-fr/?ocid=iehp
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] : -> C:\WINDOWS\system32\blank.htm
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] : -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] : -> https://www.msn.com/fr-fr/?ocid=iehp
Réparé : [HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Page] : -> https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤¤¤¤¤¤¤¤¤¤ | Détournement Google Chrome
[LocalService] Remis a zéro avec succès : SearchURL
[LocalService] Remis a zéro avec succès : Preferences
[Michèle] Remis a zéro avec succès : SearchURL
[Michèle] Remis a zéro avec succès : Preferences
[LocalService] : aohghmighlieiainnegkcijnfilokake = : Create share and access your Google Docs from anywhere. - Docs
[LocalService] : apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://accounts.google.com/ServiceLogin?service=wise&passive=1209600&continue=https://drive.google.com/&followup=https://drive.google.com/&emr=1 - Google & co
[Michèle] : blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - https://www.youtube.com/ - https://www.youtube.com/?feature=ytca - Google & co
[Michèle] : coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - https://www.google.com/webhp?source=search_app&gws_rd=ssl - Google & co
[Michèle] : fplhdcjmbpfkejbhngmlngaecbjmoimd = : __MSG_description__ - __MSG_name__
[Michèle] : gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - avast! Online Security
[Michèle] : nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co
[Michèle] : pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/ca/&ss=1&scc=1<mpl=default<mplcache=2&emr=1&osid=1 - Google & co
¤¤¤¤¤¤¤¤¤¤ | Détournement Firefox
[Michèle] Remplacé : user_pref("browser.startup.homepage", "https://www.orange.fr/portail?utm_source=oi&utm_medium=na&utm_campaign=sp"); -> user_pref("browser.startup.homepage", "https://www.google.fr/?gws_rd=ssl");
[Michèle] : menu_contextuel_orange@orange.fr : - -
¤¤¤¤¤¤¤¤¤¤ | Opera
¤¤¤¤¤¤¤¤¤¤ | Détournement des clés StartMenuInternet
Réparé : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs
¤¤¤¤¤¤¤¤¤¤ | Détournement Javascript
¤¤¤¤¤¤¤¤¤¤ | Firewall
Réparé : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires
[All Users] Fichiers temporaires Supprimés : 0 Ko
[Administrateur] Fichiers temporaires Supprimés : 0 Ko
[NetworkService] Fichiers temporaires Supprimés : 0 Ko
[LocalService] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Michèle] Fichiers temporaires Supprimés : 0 Ko
Autre rapport
Eléments analysés : 182883 | Infectés : 119
¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 18:38:11 | [29 Ko]
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
6 avril 2014 à 19:05
6 avril 2014 à 19:05
Je n'en reviens pas du nombre de fichiers infectés! Comment se fait-il que ADWCleaner n'ait pas tout supprimé?
¡El Desaparecido!
Messages postés
1519
Date d'inscription
mardi 4 octobre 2011
Statut
Membre
Dernière intervention
23 octobre 2015
195
7 avril 2014 à 07:38
7 avril 2014 à 07:38
Hello ,
Comment se fait-il que ADWCleaner n'ait pas tout supprimé?
Tu devrais plutôt te demander , pourquoi avast à laisser entre tout ça sur ton PC ...
Télécharge OTL de Old_Timer et enregistre le sur le Bureau
Ferme toutes les autres fenêtres et double-clique sur OTL.exe
Sous Vista et Windows 7, il faut lancer le fichier par clic-droit-> Exécuter en tant qu'adminsitrateur.
Vérifie que les cases Tous les utilisateurs, Recherche Lop et Recherche Purity] soient cochées.
Dans le cadre Personnalisation, copie-colle l'intégralité de ce qui suit :
Clique ensuite sur Analyse et patiente le temps du scan.
A la fin de l'analyse, les rapports OTL.txtet Extras.txt s'affichent.
Les rapports étant trop longs pour le forum, héberge-les sur SosUpload et indique les liens fournis dans ta réponse.
Les rapports sont sauvegardés sur le Bureau.
Comment se fait-il que ADWCleaner n'ait pas tout supprimé?
Tu devrais plutôt te demander , pourquoi avast à laisser entre tout ça sur ton PC ...
Télécharge OTL de Old_Timer et enregistre le sur le Bureau
Ferme toutes les autres fenêtres et double-clique sur OTL.exe
Sous Vista et Windows 7, il faut lancer le fichier par clic-droit-> Exécuter en tant qu'adminsitrateur.
Vérifie que les cases Tous les utilisateurs, Recherche Lop et Recherche Purity] soient cochées.
Dans le cadre Personnalisation, copie-colle l'intégralité de ce qui suit :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup https://www.google.fr/?gws_rd=ssl /c
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
SAVEMBR:0
Clique ensuite sur Analyse et patiente le temps du scan.
A la fin de l'analyse, les rapports OTL.txtet Extras.txt s'affichent.
Les rapports étant trop longs pour le forum, héberge-les sur SosUpload et indique les liens fournis dans ta réponse.
Les rapports sont sauvegardés sur le Bureau.
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
7 avril 2014 à 15:01
7 avril 2014 à 15:01
Bonjour,
Je tiens à préciser que j'ai dû (sur conseil des utilisateurs d'Avast et du forum d'aide d'Avast) rester à la version 8 d'Avast, car les utilisateurs d'XP ont constaté d'énormes problèmes type BSOD et autres graves plantages avec la version 9... La base virale est mise à jour automatiquement tous les jours et en temps réel, même en restant sur la version 8. J'ai trop besoin de mon vieil ordi pour risquer une catastrophe.
Mes problèmes de PUP et Adwares viennent surtout de moi et ma méconnaissance de... tout ce que j'ai appris ici par la suite sur CCM!
A une époque j'ai téléchargé où il ne fallait pas (Softonic, 01Net) sans faire gaffe aux merdouilles éventuelles ramassées avec. J'ai donc ensuite fait le grand ménage avec MBAM et ADWCleaner... A présent je fais gaffe.
Voilà les rapports OTL:
http://upload.sosvirus.net/log/SosUpload.0dfa666960f977e8cb5fcfc954b467f7.Txt
http://upload.sosvirus.net/log/SosUpload.5215e88090738414c7b6fcec714a78c4.Txt
Encore merci de ton aide!
Je tiens à préciser que j'ai dû (sur conseil des utilisateurs d'Avast et du forum d'aide d'Avast) rester à la version 8 d'Avast, car les utilisateurs d'XP ont constaté d'énormes problèmes type BSOD et autres graves plantages avec la version 9... La base virale est mise à jour automatiquement tous les jours et en temps réel, même en restant sur la version 8. J'ai trop besoin de mon vieil ordi pour risquer une catastrophe.
Mes problèmes de PUP et Adwares viennent surtout de moi et ma méconnaissance de... tout ce que j'ai appris ici par la suite sur CCM!
A une époque j'ai téléchargé où il ne fallait pas (Softonic, 01Net) sans faire gaffe aux merdouilles éventuelles ramassées avec. J'ai donc ensuite fait le grand ménage avec MBAM et ADWCleaner... A présent je fais gaffe.
Voilà les rapports OTL:
http://upload.sosvirus.net/log/SosUpload.0dfa666960f977e8cb5fcfc954b467f7.Txt
http://upload.sosvirus.net/log/SosUpload.5215e88090738414c7b6fcec714a78c4.Txt
Encore merci de ton aide!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
¡El Desaparecido!
Messages postés
1519
Date d'inscription
mardi 4 octobre 2011
Statut
Membre
Dernière intervention
23 octobre 2015
195
7 avril 2014 à 20:49
7 avril 2014 à 20:49
Hello ,
OK Pour avast ;)
Au niveau des pubs, ça doit aller mieux non ?
Relance OTL.
Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
Redemarre le pc sous windows et poste le rapport dans ta prochaine réponse.
Le rapport est sauvegardé sous C:\_OTL\MovedFiles\date_heure.log
~##############
Pour supprimer les outils de désinfections utilisés :
Télécharges DelFix par Xplode sur ton Bureau.
Lance DelFix, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
Coche les cases suivantes :
Supprimer les outils de désinfection
Purger la restauration système
OK Pour avast ;)
Au niveau des pubs, ça doit aller mieux non ?
Relance OTL.
Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-3258514755-1105423664-3249727002-1005\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O4 - HKU\.DEFAULT..\RunOnce: [^SetupICWDesktop] File not found
O4 - HKU\S-1-5-18..\RunOnce: [^SetupICWDesktop] File not found
:files
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\*.*
:Commands
[emptytemp]
[emptyflash]
[reboot]
Redemarre le pc sous windows et poste le rapport dans ta prochaine réponse.
Le rapport est sauvegardé sous C:\_OTL\MovedFiles\date_heure.log
~##############
Pour supprimer les outils de désinfections utilisés :
Télécharges DelFix par Xplode sur ton Bureau.
Lance DelFix, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
Coche les cases suivantes :
Supprimer les outils de désinfection
Purger la restauration système
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
7 avril 2014 à 22:23
7 avril 2014 à 22:23
Mince, je viens de rallumer l'ordi et j'ai eu un problème de connexion (erreur 678 puis 676 de mon modem ethernet), ça faisait longtemps que ce n'était pas arrivé! Je ne sais pas du tout d'où ça vient. J'ai dû insister après avoir éteint et rallumé le modem pour que ça connecte...
Autrement j'avais pas trop de problème, pas de pubs, mais visiblement il restait plein de choses pas cool avant que je suive tes conseils.
Je vais faire la suite de ce que tu me demandes.
Autrement j'avais pas trop de problème, pas de pubs, mais visiblement il restait plein de choses pas cool avant que je suive tes conseils.
Je vais faire la suite de ce que tu me demandes.
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
7 avril 2014 à 22:45
7 avril 2014 à 22:45
Pas eu de problème de connexion après le reboot (c'est quand même vraiment bizarre ce truc)
Voilà le rapport OTL:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D3028143-6145-4318-99D3-3EDCE54A95A9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3028143-6145-4318-99D3-3EDCE54A95A9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3028143-6145-4318-99D3-3EDCE54A95A9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3028143-6145-4318-99D3-3EDCE54A95A9}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\^SetupICWDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\^SetupICWDesktop not found.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files folder moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%1.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%1F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%4A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%51.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%61.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%65.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%97.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\05f1fc1c-d942-4cc9-b488-6938c2878401.dmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\1627f0.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\168785.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\1A8.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\2e4a39.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\AdobeARM.log moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\AdwCleaner.jpg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\chart_data.dat moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Checkupdate.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\chrome_installer.log moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Cleaning.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\comsvcs.dll moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Donate.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_Fiwh3l5D0CrZhgJ moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_MNXkMMWmFfB1Ew1 moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_Mw6ncsRfcrfF0ta moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_VY7vRVrgQocQdMx moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_WlpWHKOyyD5lcsf moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\fc7b9f.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Foxit Reader Updater.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Foxit Updater.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\gcapi_dll.dll moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\gtapi_signed.dll moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT150.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT151.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT152.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT153.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT154.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT155.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT161.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT162.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT163.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1A.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1B.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1C.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1D.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1E.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1F.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT20.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT21.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT22.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT23.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT24.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT25.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT26.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT28.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT29.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2A.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2A8.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2A9.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2AA.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2AB.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2AC.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2B.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT39.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3A.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3B.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3C.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3D.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3E.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\InstallUtil.InstallLog moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\jinstall.cfg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2518870_20131014_135752250.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2572078_20131014_142652656.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2633870_20131014_141551750.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2656351_20131014_141008875.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2844285_20130901_155200302.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2863239_20131010_132127431.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB2861189_20131010_123341789.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB958483_20131013_134411328.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2861697_20131010_125301746.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\N670UA.shd moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\preferences moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Quarantine.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD121.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD23.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD341.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD48.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Reg.reg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Reg2.reg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Report.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Scan.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Set1.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\tmpA.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\tmpB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Twunk001.MTX moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\TW_DS.TMP moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Uninstall.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF10A3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF154B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF1ABF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF1D5A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF1E07.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF2235.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF2E7B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF2FE7.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3399.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF35EE.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3A4B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3C33.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3C8C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3FA2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF4656.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF46E9.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF47C2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF48E0.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF4BAB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF4C45.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF505E.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5364.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF55EC.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF56C3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5715.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF584B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF58BE.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF59AF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5ADC.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5D83.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5D90.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5DCB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5DF3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5ECB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6086.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6094.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF614A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6276.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF673C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6ACA.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6B5E.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6B7D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6B7F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6E01.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6E0C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6F28.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7091.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF72E5.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF74B5.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7540.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF774A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7B72.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7CA2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7D35.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7EFF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7F2F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8258.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF83F8.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8406.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8546.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8683.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8693.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8749.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF884D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8978.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8BF4.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8D31.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8D7A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8E3D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8FF7.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF933F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9372.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF94FB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF96CF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF978B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9B19.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9BDB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9E09.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFA07C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFA265.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFA403.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFAA92.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFAC6A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB34B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB806.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB8F2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB919.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFBE53.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC2DC.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC3DD.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC4EA.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC52F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFD52A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFD9F7.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE048.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE224.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE54.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE5CE.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFFB53.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~gu-ver.dat moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~SG_SI00.TMP moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 1551292 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 405 bytes
User: Michèle
->Temp folder emptied: 131351476 bytes
->Temporary Internet Files folder emptied: 812229 bytes
->Java cache emptied: 1067 bytes
->Google Chrome cache emptied: 215844706 bytes
->Flash cache emptied: 548 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 289390 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 582308968 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 895,00 mb
[EMPTYFLASH]
User: Administrateur
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 0 bytes
User: Michèle
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04072014_222540
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Voilà le rapport OTL:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D3028143-6145-4318-99D3-3EDCE54A95A9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3028143-6145-4318-99D3-3EDCE54A95A9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_USERS\S-1-5-21-3258514755-1105423664-3249727002-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3028143-6145-4318-99D3-3EDCE54A95A9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3028143-6145-4318-99D3-3EDCE54A95A9}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\^SetupICWDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\^SetupICWDesktop not found.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files folder moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%1.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%1F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%4A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%51.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%61.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%65.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\%%%97.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\05f1fc1c-d942-4cc9-b488-6938c2878401.dmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\1627f0.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\168785.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\1A8.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\2e4a39.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\AdobeARM.log moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\AdwCleaner.jpg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\chart_data.dat moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Checkupdate.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\chrome_installer.log moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Cleaning.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\comsvcs.dll moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Donate.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_Fiwh3l5D0CrZhgJ moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_MNXkMMWmFfB1Ew1 moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_Mw6ncsRfcrfF0ta moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_VY7vRVrgQocQdMx moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\etilqs_WlpWHKOyyD5lcsf moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\fc7b9f.mst moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Foxit Reader Updater.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Foxit Updater.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\gcapi_dll.dll moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\gtapi_signed.dll moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT150.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT151.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT152.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT153.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT154.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT155.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT161.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT162.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT163.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1A.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1B.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1C.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1D.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1E.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT1F.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT20.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT21.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT22.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT23.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT24.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT25.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT26.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT28.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT29.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2A.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2A8.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2A9.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2AA.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2AB.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2AC.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT2B.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT39.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3A.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3B.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3C.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3D.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\IMT3E.xml moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\InstallUtil.InstallLog moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\jinstall.cfg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2518870_20131014_135752250.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2572078_20131014_142652656.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2633870_20131014_141551750.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\KB2656351_20131014_141008875.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2844285_20130901_155200302.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2863239_20131010_132127431.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB2861189_20131010_123341789.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB958483_20131013_134411328.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB2861697_20131010_125301746.html moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\N670UA.shd moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\preferences moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Quarantine.exe moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD121.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD23.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD341.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\RD48.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Reg.reg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Reg2.reg moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Report.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Scan.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Set1.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\tmpA.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\tmpB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Twunk001.MTX moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\TW_DS.TMP moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\Uninstall.ico moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF10A3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF154B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF1ABF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF1D5A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF1E07.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF2235.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF2E7B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF2FE7.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3399.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF35EE.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3A4B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3C33.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3C8C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF3FA2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF4656.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF46E9.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF47C2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF48E0.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF4BAB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF4C45.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF505E.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5364.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF55EC.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF56C3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5715.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF584B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF58BE.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF59AF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5ADC.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5D83.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5D90.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5DCB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5DF3.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF5ECB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6086.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6094.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF614A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6276.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF673C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6ACA.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6B5E.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6B7D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6B7F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6E01.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6E0C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF6F28.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7091.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF72E5.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF74B5.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7540.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF774A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7B72.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7CA2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7D35.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7EFF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF7F2F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8258.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF83F8.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8406.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8546.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8683.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8693.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8749.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF884D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8978.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8BF4.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8D31.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8D7A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8E3D.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF8FF7.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF933F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9372.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF94FB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF96CF.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF978B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9B19.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9BDB.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DF9E09.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFA07C.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFA265.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFA403.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFAA92.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFAC6A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB34B.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB806.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB8F2.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFB919.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFBE53.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC2DC.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC3DD.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC4EA.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFC52F.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFD52A.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFD9F7.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE048.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE224.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE54.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFE5CE.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~DFFB53.tmp moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~gu-ver.dat moved successfully.
C:\DOCUME~1\MICHLE~1\LOCALS~1\Temp\~SG_SI00.TMP moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 1551292 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 405 bytes
User: Michèle
->Temp folder emptied: 131351476 bytes
->Temporary Internet Files folder emptied: 812229 bytes
->Java cache emptied: 1067 bytes
->Google Chrome cache emptied: 215844706 bytes
->Flash cache emptied: 548 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 289390 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 582308968 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 895,00 mb
[EMPTYFLASH]
User: Administrateur
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 0 bytes
User: Michèle
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04072014_222540
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
7 avril 2014 à 22:58
7 avril 2014 à 22:58
Ayé, j'ai passé Delfix comme tu m'as dit.
Il n'a pas supprimé Shortcut_Module par contre, j'en fais quoi?
L'ordi a l'air d'aller, bien que je trouve qu'il rame un peu mais c'est sûrement parce qu'il n'est plus tout jeune et a peu de RAM (hélas! Du coup je ne peux pas migrer vers Windows 7 et suis obligée de... prendre le risque en restant sous XP)
C'est surtout aussi sur internet que ça rame (mais pas plus qu'avant), mais je crains que ce soit dû à ma pauvre connexion de cambrousse plafonnée à 2Méga! Et là y a pas grand chose à faire...
Merci encore de ton aide. J'éteins pour ce soir. Bonne nuit! :)
(Si tu as d'autres conseils particuliers du fait que je dois rester sous XP, je suis preneuse!)
Il n'a pas supprimé Shortcut_Module par contre, j'en fais quoi?
L'ordi a l'air d'aller, bien que je trouve qu'il rame un peu mais c'est sûrement parce qu'il n'est plus tout jeune et a peu de RAM (hélas! Du coup je ne peux pas migrer vers Windows 7 et suis obligée de... prendre le risque en restant sous XP)
C'est surtout aussi sur internet que ça rame (mais pas plus qu'avant), mais je crains que ce soit dû à ma pauvre connexion de cambrousse plafonnée à 2Méga! Et là y a pas grand chose à faire...
Merci encore de ton aide. J'éteins pour ce soir. Bonne nuit! :)
(Si tu as d'autres conseils particuliers du fait que je dois rester sous XP, je suis preneuse!)
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
8 avril 2014 à 18:46
8 avril 2014 à 18:46
J'ai un gros souci (j'ai ouvert un autre sujet dans "logiciels" mais si besoin je supprimerai, je ne sais pas si c'est mieux de continuer ici...?):
Je ne peux plus ouvrir Word, Excel, Publisher (tout le pack office quoi): message problème de raccourci avec marqué: "identificateur de fonctionnalité n'est pas inscrit". Je fais comment??
Je ne peux plus ouvrir Word, Excel, Publisher (tout le pack office quoi): message problème de raccourci avec marqué: "identificateur de fonctionnalité n'est pas inscrit". Je fais comment??
MissCata23
Messages postés
214
Date d'inscription
mercredi 15 janvier 2014
Statut
Membre
Dernière intervention
3 avril 2015
4
8 avril 2014 à 20:14
8 avril 2014 à 20:14
L'ordi a rebooté tout seul alors que j'étais sous Chrome! (pas de message d'erreur en redémarrant) Mais qu'est-ce qu'il me fait?