hallo Coolman,
il y a en un paquet (jamais eu autant)
SR - Auto [20/10/2011] [ 53248] soft Xpansion Dispatch Service (SXDS10) . (.soft Xpansion.) - C:\Program Files\Common Files\soft Xpansion\sxds10.exe {5936DB2517086A321730D64D86DB76A6}
O3 - Toolbar: IEBarBand - [HKLM]{5D614488-5F83-4BA7-94EC-FA492A4BE177} . (.soft Xpansion - Perfect PDF and Print 9.) -- C:\Program Files\soft Xpansion\Perfect PDF & Print 9\ieagent32.dll {28D73FA04EA8EACA9257B61CB953C73A}
O42 - Logiciel: MovieCaptioner version 2.22 - (.SynchriMedia.) [HKLM] -- {B897C7DD-480D-4405-9609-6ABA3729790B}_is1
O42 - Logiciel: PDF Password Recover - (.PDFPasswordRecover.) [HKLM] -- {FD0367D8-220D-4374-9C4E-1A8D0F086B8E}
O42 - Logiciel: The Musketeers: Victoria's Quest - (..) [HKLM] -- BFG-The Musketeers - Victorias Quest
HKLM\SOFTWARE\AbstractCurves
HKLM\SOFTWARE\SynchriMedia
HKCU\SOFTWARE\AbstractCurves
HKCU\SOFTWARE\SynchriMedia
HKCU\SOFTWARE\WonderfulShare
O43 - CFD: 08/02/2017 - [] D -- C:\Program Files\AbstractCurves
O43 - CFD: 07/08/2015 - [] D -- C:\Program Files\Detong {184E5A580516CAA7C507819C4C3A0F27}
O43 - CFD: 20/02/2017 - [] D -- C:\Program Files\Dictionnaire le Littré 2.0
O43 - CFD: 07/11/2012 - [] D -- C:\Program Files\Jufsoft {00B2034DDFD33C4C10A3FA403911E4F24B}
O43 - CFD: 06/06/2017 - [] D -- C:\Program Files\MovieCaptioner Demo
O43 - CFD: 10/05/2017 - [] D -- C:\Program Files\PDFPasswordRecover
O43 - CFD: 23/11/2014 - [] D -- C:\Program Files\soft Xpansion {28D73FA04EA8EACA9257B61CB953C73A}
O43 - CFD: 20/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictionnaire le Littré 2.0
O43 - CFD: 01/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy Tales Mercy of the Gallows Collectors Edition
O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legends of Atlantis
O43 - CFD: 06/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MovieCaptioner Demo
O43 - CFD: 10/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFPasswordRecover
O43 - CFD: 04/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privacy Protector for Windows 10
O43 - CFD: 04/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Musketeers - Victorias Quest
O43 - CFD: 08/02/2017 - [] D -- C:\Users\PeterPan\AppData\Roaming\AbstractCurves
O43 - CFD: 06/11/2016 - [] D -- C:\Users\PeterPan\Desktop\BigFishCache
O43 - CFD: 10/02/2017 - [] D -- C:\Users\PeterPan\Desktop\CDBurnerXP-4.5.7.6521
O43 - CFD: 31/12/2016 - [] D -- C:\Users\PeterPan\Desktop\cports
O43 - CFD: 05/08/2017 - [] D -- C:\Users\PeterPan\Desktop\hosts
O43 - CFD: 26/04/2017 - [] D -- C:\Users\PeterPan\Desktop\inbpwgenerator1
O43 - CFD: 20/11/2017 - [0] D -- C:\Users\PeterPan\Desktop\KIS_2017
O43 - CFD: 29/05/2014 - [] D -- C:\Users\PeterPan\Desktop\LaddyC
O43 - CFD: 10/05/2017 - [] D -- C:\Users\PeterPan\Desktop\PDFPasswordRecover-95ln28
O43 - CFD: 06/06/2017 - [] D -- C:\Users\PeterPan\Desktop\SCC Caption Decoder
O43 - CFD: 03/05/2017 - [] D -- C:\Users\PeterPan\Desktop\toilettes
O43 - CFD: 08/02/2017 - [] D -- C:\Users\PeterPan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbstractCurves
O43 - CFD: 02/11/2012 - [] D -- C:\Users\PeterPan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outil de téléchargement USB DVD Windows 7
O43 - CFD: 04/03/2016 - [] D -- C:\Users\PeterPan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Musketeers - Victorias Quest
O108 - CMH1: AccExt - . (.Orphan.)
O108 - CMH1: IcecreamShellExtension - {A8B59160-93EA-4303-9192-AA3C64FDBE31} . (.TODO: <Company name> - TODO: <File description>.) -- C:\Program Files\Icecream PDF Split and Merge\IcecreamShell.dll
O108 - CMH1: ShellExtension - . (.Orphan.)
O108 - CMH1: SX_PDF9_STUDIO - {B1B49373-0A05-4160-96FE-AF71F235B445} . (.soft Xpansion - Perfect PDF and Print 9.) -- C:\Program Files\soft Xpansion\Perfect PDF & Print 9\weagent32.dll {28D73FA04EA8EACA9257B61CB953C73A}
O108 - CMH1: VersionsPageShellExt - [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} . (.Orphan.)
O108 - CMH4: ShellExtension - . (.Orphan.)
O108 - CMH6: AccExt - . (.Orphan.)
O108 - CMH6: RecuvaShellExt - [CC]{435E5DF5-2510-463C-B223-BDA47006D002} . (.Orphan.)
O108 - CMH6: RUShellExt - [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} . (.Orphan.)
O108 - CMH6: VersionsPageShellExt - [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} . (.Orphan.)
O108 - CMH7: ShellExtension - . (.Orphan.)
O58 - SDL:2015/10/11 22:29:30 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\Windows\System32\drivers\utqwotcw.sys [7168]
O58 - SDL:2017/11/05 23:14:09 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\Windows\System32\drivers\utqwoty5.sys [7168]
O61 - LFC: 2017/11/20 11:19:07 A . (.http://jayrock.googlecode.com.) -- C:\Users\PeterPan\AppData\Local\KeePass\PluginCache\1DoNmMaJT7O3ars9mchx\Jayrock.dll [49152]
O61 - LFC: 2017/11/20 11:19:07 A . (.http://jayrock.googlecode.com.) -- C:\Users\PeterPan\AppData\Local\KeePass\PluginCache\1DoNmMaJT7O3ars9mchx\Jayrock.Json.dll [126976]
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (...) -- %1" %*
[MD5.B321CFF5C2BDA185783C92D99F108AC0] [WIS][2009/05/22 04:40:28] (. - .) -- C:\Windows\Installer\2043a4.msi [935424]
[MD5.E27FF04FF24580BE09E7F900BDCAF0B6] [WIS][2009/05/22 03:05:25] (. - .) -- C:\Windows\Installer\2043ac.msi [390144]
[MD5.54231F09AD008876BD1E3C4BB357F2B3] [WIS][2009/05/22 05:28:17] (. - .) -- C:\Windows\Installer\2043b8.msi [496640]
[MD5.A219BB2512B76CF460A06E2E61297DA0] [WIS][2009/09/20 18:23:01] (. - .) -- C:\Windows\Installer\2043c0.msi [384512]
[MD5.3B78F66C16E0C35B0D876C574B7F0773] [WIS][2009/09/20 19:12:52] (..) -- C:\Windows\Installer\2043c9.msi [774144]
[MD5.EB3C329787211190E1AECDC2E6B29C1C] [WIS][2009/05/22 04:49:22] (. - .) -- C:\Windows\Installer\2043dd.msi [609280]
[MD5.CCA680016D44D283B4831137F98B135B] [WIS][2008/10/17 18:29:32] (. - .) -- C:\Windows\Installer\2043e5.msi [519680]
[MD5.FCDD835CA168C7C78FEFDBF1D3B7D0F9] [WIS][2009/09/20 20:36:15] (. - .) -- C:\Windows\Installer\2043f6.msi [692736]
[MD5.EE1A8342C32B7BE09B6023FA6C4005AE] [WIS][2009/09/20 20:07:47] (. - .) -- C:\Windows\Installer\2043fe.msi [678912]
[MD5.2480CDBD065550A96CDA4C354FC72423] [WIS][2009/09/20 16:56:25] (. - .) -- C:\Windows\Installer\20440d.msi [613376]
[MD5.BDDFEFDAD18D44BAD5C140F9D45201E3] [WIS][2009/09/20 20:24:04] (. - .) -- C:\Windows\Installer\204415.msi [585216]
[MD5.853707E10B44AB388F115C56A1580CF1] [WIS][2009/05/22 04:21:36] (. - .) -- C:\Windows\Installer\204420.msi [822272]
[MD5.0138FF391163A74825AF39F407D60E85] [WIS][2009/05/22 04:05:55] (. - .) -- C:\Windows\Installer\204428.msi [470016]
[MD5.77EB26C78A3DDDFDE5A948B465A44949] [WIS][2009/05/22 02:58:17] (. - .) -- C:\Windows\Installer\204430.msi [765440]
[MD5.DB4CDE7DA1AA5FE3EA51C08FBFD1A27A] [WIS][2009/09/20 20:15:49] (. - .) -- C:\Windows\Installer\204449.msi [857600]
[MD5.4994A8CD5C2DE794D6692F8D1EC3E59A] [WIS][2017/05/10 05:11:27] (.PDFPasswordRecover.) -- C:\Windows\Installer\268549f9.msi [7097856]
[MD5.05C8717105AB978915D1AB697FB19019] [WIS][2017/04/26 09:27:16] (.The J2SE Runtime Environment with European languages. - Additional Font and Media Support.) -- C:\Windows\Installer\274fb474.msi [207360]
[MD5.DE8F8D51400CE64F2BB1BD0909855A2F] [WIS][2007/04/04 17:34:34] (..) -- C:\Windows\Installer\ee8ca.msi [2646016]
Merci
il y a en un paquet (jamais eu autant)
SR - Auto [20/10/2011] [ 53248] soft Xpansion Dispatch Service (SXDS10) . (.soft Xpansion.) - C:\Program Files\Common Files\soft Xpansion\sxds10.exe {5936DB2517086A321730D64D86DB76A6}
O3 - Toolbar: IEBarBand - [HKLM]{5D614488-5F83-4BA7-94EC-FA492A4BE177} . (.soft Xpansion - Perfect PDF and Print 9.) -- C:\Program Files\soft Xpansion\Perfect PDF & Print 9\ieagent32.dll {28D73FA04EA8EACA9257B61CB953C73A}
O42 - Logiciel: MovieCaptioner version 2.22 - (.SynchriMedia.) [HKLM] -- {B897C7DD-480D-4405-9609-6ABA3729790B}_is1
O42 - Logiciel: PDF Password Recover - (.PDFPasswordRecover.) [HKLM] -- {FD0367D8-220D-4374-9C4E-1A8D0F086B8E}
O42 - Logiciel: The Musketeers: Victoria's Quest - (..) [HKLM] -- BFG-The Musketeers - Victorias Quest
HKLM\SOFTWARE\AbstractCurves
HKLM\SOFTWARE\SynchriMedia
HKCU\SOFTWARE\AbstractCurves
HKCU\SOFTWARE\SynchriMedia
HKCU\SOFTWARE\WonderfulShare
O43 - CFD: 08/02/2017 - [] D -- C:\Program Files\AbstractCurves
O43 - CFD: 07/08/2015 - [] D -- C:\Program Files\Detong {184E5A580516CAA7C507819C4C3A0F27}
O43 - CFD: 20/02/2017 - [] D -- C:\Program Files\Dictionnaire le Littré 2.0
O43 - CFD: 07/11/2012 - [] D -- C:\Program Files\Jufsoft {00B2034DDFD33C4C10A3FA403911E4F24B}
O43 - CFD: 06/06/2017 - [] D -- C:\Program Files\MovieCaptioner Demo
O43 - CFD: 10/05/2017 - [] D -- C:\Program Files\PDFPasswordRecover
O43 - CFD: 23/11/2014 - [] D -- C:\Program Files\soft Xpansion {28D73FA04EA8EACA9257B61CB953C73A}
O43 - CFD: 20/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictionnaire le Littré 2.0
O43 - CFD: 01/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy Tales Mercy of the Gallows Collectors Edition
O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legends of Atlantis
O43 - CFD: 06/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MovieCaptioner Demo
O43 - CFD: 10/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFPasswordRecover
O43 - CFD: 04/09/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privacy Protector for Windows 10
O43 - CFD: 04/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Musketeers - Victorias Quest
O43 - CFD: 08/02/2017 - [] D -- C:\Users\PeterPan\AppData\Roaming\AbstractCurves
O43 - CFD: 06/11/2016 - [] D -- C:\Users\PeterPan\Desktop\BigFishCache
O43 - CFD: 10/02/2017 - [] D -- C:\Users\PeterPan\Desktop\CDBurnerXP-4.5.7.6521
O43 - CFD: 31/12/2016 - [] D -- C:\Users\PeterPan\Desktop\cports
O43 - CFD: 05/08/2017 - [] D -- C:\Users\PeterPan\Desktop\hosts
O43 - CFD: 26/04/2017 - [] D -- C:\Users\PeterPan\Desktop\inbpwgenerator1
O43 - CFD: 20/11/2017 - [0] D -- C:\Users\PeterPan\Desktop\KIS_2017
O43 - CFD: 29/05/2014 - [] D -- C:\Users\PeterPan\Desktop\LaddyC
O43 - CFD: 10/05/2017 - [] D -- C:\Users\PeterPan\Desktop\PDFPasswordRecover-95ln28
O43 - CFD: 06/06/2017 - [] D -- C:\Users\PeterPan\Desktop\SCC Caption Decoder
O43 - CFD: 03/05/2017 - [] D -- C:\Users\PeterPan\Desktop\toilettes
O43 - CFD: 08/02/2017 - [] D -- C:\Users\PeterPan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AbstractCurves
O43 - CFD: 02/11/2012 - [] D -- C:\Users\PeterPan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outil de téléchargement USB DVD Windows 7
O43 - CFD: 04/03/2016 - [] D -- C:\Users\PeterPan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Musketeers - Victorias Quest
O108 - CMH1: AccExt - . (.Orphan.)
O108 - CMH1: IcecreamShellExtension - {A8B59160-93EA-4303-9192-AA3C64FDBE31} . (.TODO: <Company name> - TODO: <File description>.) -- C:\Program Files\Icecream PDF Split and Merge\IcecreamShell.dll
O108 - CMH1: ShellExtension - . (.Orphan.)
O108 - CMH1: SX_PDF9_STUDIO - {B1B49373-0A05-4160-96FE-AF71F235B445} . (.soft Xpansion - Perfect PDF and Print 9.) -- C:\Program Files\soft Xpansion\Perfect PDF & Print 9\weagent32.dll {28D73FA04EA8EACA9257B61CB953C73A}
O108 - CMH1: VersionsPageShellExt - [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} . (.Orphan.)
O108 - CMH4: ShellExtension - . (.Orphan.)
O108 - CMH6: AccExt - . (.Orphan.)
O108 - CMH6: RecuvaShellExt - [CC]{435E5DF5-2510-463C-B223-BDA47006D002} . (.Orphan.)
O108 - CMH6: RUShellExt - [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} . (.Orphan.)
O108 - CMH6: VersionsPageShellExt - [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} . (.Orphan.)
O108 - CMH7: ShellExtension - . (.Orphan.)
O58 - SDL:2015/10/11 22:29:30 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\Windows\System32\drivers\utqwotcw.sys [7168]
O58 - SDL:2017/11/05 23:14:09 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\Windows\System32\drivers\utqwoty5.sys [7168]
O61 - LFC: 2017/11/20 11:19:07 A . (.http://jayrock.googlecode.com.) -- C:\Users\PeterPan\AppData\Local\KeePass\PluginCache\1DoNmMaJT7O3ars9mchx\Jayrock.dll [49152]
O61 - LFC: 2017/11/20 11:19:07 A . (.http://jayrock.googlecode.com.) -- C:\Users\PeterPan\AppData\Local\KeePass\PluginCache\1DoNmMaJT7O3ars9mchx\Jayrock.Json.dll [126976]
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (...) -- %1" %*
[MD5.B321CFF5C2BDA185783C92D99F108AC0] [WIS][2009/05/22 04:40:28] (. - .) -- C:\Windows\Installer\2043a4.msi [935424]
[MD5.E27FF04FF24580BE09E7F900BDCAF0B6] [WIS][2009/05/22 03:05:25] (. - .) -- C:\Windows\Installer\2043ac.msi [390144]
[MD5.54231F09AD008876BD1E3C4BB357F2B3] [WIS][2009/05/22 05:28:17] (. - .) -- C:\Windows\Installer\2043b8.msi [496640]
[MD5.A219BB2512B76CF460A06E2E61297DA0] [WIS][2009/09/20 18:23:01] (. - .) -- C:\Windows\Installer\2043c0.msi [384512]
[MD5.3B78F66C16E0C35B0D876C574B7F0773] [WIS][2009/09/20 19:12:52] (..) -- C:\Windows\Installer\2043c9.msi [774144]
[MD5.EB3C329787211190E1AECDC2E6B29C1C] [WIS][2009/05/22 04:49:22] (. - .) -- C:\Windows\Installer\2043dd.msi [609280]
[MD5.CCA680016D44D283B4831137F98B135B] [WIS][2008/10/17 18:29:32] (. - .) -- C:\Windows\Installer\2043e5.msi [519680]
[MD5.FCDD835CA168C7C78FEFDBF1D3B7D0F9] [WIS][2009/09/20 20:36:15] (. - .) -- C:\Windows\Installer\2043f6.msi [692736]
[MD5.EE1A8342C32B7BE09B6023FA6C4005AE] [WIS][2009/09/20 20:07:47] (. - .) -- C:\Windows\Installer\2043fe.msi [678912]
[MD5.2480CDBD065550A96CDA4C354FC72423] [WIS][2009/09/20 16:56:25] (. - .) -- C:\Windows\Installer\20440d.msi [613376]
[MD5.BDDFEFDAD18D44BAD5C140F9D45201E3] [WIS][2009/09/20 20:24:04] (. - .) -- C:\Windows\Installer\204415.msi [585216]
[MD5.853707E10B44AB388F115C56A1580CF1] [WIS][2009/05/22 04:21:36] (. - .) -- C:\Windows\Installer\204420.msi [822272]
[MD5.0138FF391163A74825AF39F407D60E85] [WIS][2009/05/22 04:05:55] (. - .) -- C:\Windows\Installer\204428.msi [470016]
[MD5.77EB26C78A3DDDFDE5A948B465A44949] [WIS][2009/05/22 02:58:17] (. - .) -- C:\Windows\Installer\204430.msi [765440]
[MD5.DB4CDE7DA1AA5FE3EA51C08FBFD1A27A] [WIS][2009/09/20 20:15:49] (. - .) -- C:\Windows\Installer\204449.msi [857600]
[MD5.4994A8CD5C2DE794D6692F8D1EC3E59A] [WIS][2017/05/10 05:11:27] (.PDFPasswordRecover.) -- C:\Windows\Installer\268549f9.msi [7097856]
[MD5.05C8717105AB978915D1AB697FB19019] [WIS][2017/04/26 09:27:16] (.The J2SE Runtime Environment with European languages. - Additional Font and Media Support.) -- C:\Windows\Installer\274fb474.msi [207360]
[MD5.DE8F8D51400CE64F2BB1BD0909855A2F] [WIS][2007/04/04 17:34:34] (..) -- C:\Windows\Installer\ee8ca.msi [2646016]
Merci
Avec les rumeurs, c'est comme avec la photographie. Quand on a quelque chose de négatif, on peut le développer et l'agrandir. Passer pour un idiot aux yeux d'un imbécile est une volupté de fin gourmet. "Que Dieu me garde bien de mes amis".
