[SOLVED] WU Thread 20012 - For BrianDrab

stephan · May 29, 2016

Hi everyone, hi BrianDrab,

First thank you Brian for your reply.

I first post in the windowsupdate section to explain my problems :
https://www.sysnative.com/forums/wi...nable-download-windows-update.html#post157390

Since Brian tell me to check for malware first, here it is :

My data are backed up.
I remove Deluge (P2P client) and restarted my computer.

I wil put 3 others posts : one for the end of FRST.txt, another for Addition.txt and the last one for SALog.txt and checkup.txt.

Regards

Stephan

FRST.txt :

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016
Exécuté par pom (administrateur) sur ASUS (29-05-2016 10:20:53)
Exécuté depuis C:\Users\pom\Desktop
Profils chargés: pom (Profils disponibles: pom & lil & pom1 & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 9 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool:

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera

pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine

Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine

Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel

\SRSPremiumPanel_64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe

==================== Registre (Avec liste blanche)

===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la

valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

[11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-

06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix

Technology Co., Ltd.)
HKLM\...\Run: [Ocster Backup] => "C:\Program Files\Ocster Backup\bin\backupClient-

ox.exe" --hidden
HKLM\...\Run: [BoxSyncHelper] => C:\Program Files\Box Sync\BoxSyncHelper.exe

[393216 2013-06-07] (Box, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast

\AvastUI.exe [7400576 2016-05-12] (AVAST Software)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless

Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [ATKMEDIA] => J:\ATK Media\DMedia.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files

\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [HControlUser] => J:\ATK Hotkey\HControlUser.exe
HKLM-x32\...\Run: [UpdateP2GoShortCut] => "C:\Program Files (x86)\CyberLink

\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink

\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
HKLM-x32\...\Run: [UpdateLBPShortCut] => "C:\Program Files (x86)\CyberLink

\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink

\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
HKLM-x32\...\Run: [SearchSettings] => "C:\Program Files (x86)\Common Files\Spigot

\Search Settings\SearchSettings.exe"
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime

\QTTask.exe" -atboottime
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet

\MindManager 10\MMReminderService.exe
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] => C:\Program Files

(x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-09-14]

()
HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go

\CLMLSvc.exe"
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS

WebStorage\3.0.84.161\AsusWSPanel.exe /S
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple

\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common

Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe

[152392 2013-02-20] (Apple Inc.)
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Google Update]

=> C:\Users\pom\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-

29] (Google Inc.)
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run:

[VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp

\VideoDownloaderUltimate.exe /repair
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Syncables] => C:

\Program Files (x86)\syncables\syncables desktop\Syncables.exe
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Skype] => "C:

\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Skitch] => C:

\Program Files (x86)\Evernote\Skitch\\\Skitch.exe -start-on-hide
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Google Photos

Backup] => "C:\Users\pom\AppData\Local\Programs\Google\Google Photos Backup

\Google Photos Backup.exe" /autostart
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Cobian Backup 11

interface] => "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Cobian Backup

11] => "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Control Panel\Desktop\

\SCRNSAVE.EXE -> none
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2009-

07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {07b40172-9807-3c1c-ba59-

6079a4aac108} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {04594f02-32ea-3587-

9086-f41d8e0913ce} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {89dd0924-32ad-3eef-af9e-

47999ec8e5ea} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {6186e773-c867-3e53-bafc-

97618c51f764} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {cb7cb4c9-490e-3599-b355-

e16ba7b83aa6} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopFileLocked] -> {C253B817-3A00-475f-

A5A3-6F2DD704B48D} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopNotSynced] -> {19ACC806-F7AA-46AA-

A80A-726A07CA6637} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopNotSyncedCollabs] -> {337D9DE0-3F8B-

4430-AF0F-FFC24A95AE8F} => C:\Windows\system32\mscoree.dll [2010-11-05]

(Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopSynced] -> {B7AC9C6D-F15B-4B1A-

A88D-F518D13861D9} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopSyncedCollab] -> {9E48C232-F601-4E41

-BB3E-16CBAF317AA4} => C:\Windows\system32\mscoree.dll [2010-11-05]

(Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-

00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-

09] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-

9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage

\3.0.84.161\ASUSWSShellExt64.dll Pas de fichier
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-

4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage

\3.0.84.161\ASUSWSShellExt64.dll Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

\AutorunsDisabled [2012-09-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk

[2013-06-29]
ShortcutTarget: Box Sync.lnk -> C:\Program Files\Box Sync\BoxSync.exe (Box, Inc.)
Startup: C:\Users\pom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

\Startup\AutorunsDisabled [2012-10-19] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera

supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [S-1-5-21-1363170374-948335828-1288231404-1000] => Proxy est

activé.
ProxyServer: [S-1-5-21-1363170374-948335828-1288231404-1000] =>

http=127.0.0.1:8082
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{19171F79-8300-48A8-9B34-095551DCAF4B}: [DhcpNameServer]

192.168.1.1 192.168.1.1
ManualProxies: 1http=127.0.0.1:8082

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

hxxp://asus.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Internet

Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Internet

Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

URL = hxxp://www.bing.com/search?q={searchTerms}

&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-

SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-

E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}

&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-

SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =

hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:

{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}

&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-1363170374-948335828-1288231404-1000 ->

DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1363170374-948335828-1288231404-1000 ->

{ED16FF60-718F-4287-8C4D-6DC36A43D0D2} URL =

hxxps://fr.search.yahoo.com/search?p={searchTerms}

&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\pom

\AppData\Roaming\Complitly\64\Complitly64.dll => Pas de fichier
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:

\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-23] (AVAST

Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-

D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27]

(Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} ->

C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-23] (AVAST

Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-

9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-

27] (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -

Pas de fichier
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-

D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04

-23] (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:

\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Pas de fichier

FireFox:
========
FF ProfilePath: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default
FF Session Restore: -> est activé.
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash

\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf ->

C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-08-

14] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft

Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer

Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer

\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes

\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer

Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer

\Win32\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker Software Products (Canada)

Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google

\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files

(x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java

\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java

\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft

Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files

(x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files

(x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files

(x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files

(x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer

Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer

\Win32\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker Software Products (Canada)

Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files

\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll [2011-10-03] (Wolfram

Research, Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader

\bin\nppdf.dll [2010-12-14] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000: @docu-

track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files

\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker

Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

@talk.google.com/GoogleTalkPlugin -> C:\Users\pom\AppData\Roaming\Mozilla

\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

@talk.google.com/O1DPlugin -> C:\Users\pom\AppData\Roaming\Mozilla\plugins

\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

@tools.google.com/Google Update;version=3 -> C:\Users\pom\AppData\Local\Google

\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

@tools.google.com/Google Update;version=9 -> C:\Users\pom\AppData\Local\Google

\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

@unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pom\AppData\LocalLow\Unity

\WebPlayer\loader\npUnity3D32.dll [2013-04-03] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\pom\AppData\Roaming\mozilla\plugins

\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\pom\AppData\Roaming\mozilla\plugins

\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\des.xml [2016-03-01]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\facebook-search.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\firefox-modules.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\ixquick-https.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\kickassto.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\knoema.xml [2016-02-16]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\linguee-fr-en.xml [2016-03-01]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\qwant.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\startpage-ssl.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\thepiratebayorg.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\torrents-search.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\twitter-search.xml [2016-02-17]
FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\searchplugins\wolfram-alpha.xml [2016-02-17]
FF Extension: Zemanta - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\extensions\firefox@zemanta.com.xpi [2016-03-11]
FF Extension: DownThemAll! - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\extensions\{DDC359D1-844A-42a7-9AA1-

88A850A938A8}.xpi [2016-04-14]
FF Extension: ExportHTMLFolder - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\extensions\ExportHTMLFolder@luc.pastisman.xpi [2016-04-

29]
FF Extension: Diigo Toolbar - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} [2016-04-29]
FF Extension: Google Shortcuts - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\extensions\{5C46D283-ABDE-4dce-B83C-

08881401921C}.xpi [2016-04-29]
FF Extension: feedly - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\extensions\feedly@devhd.xpi [2016-04-29]
FF Extension: FEBE - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-

05-24]
FF Extension: FeedlyTube - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\@feedlytube.xpi [2016-02-16]
FF Extension: Google Scholar Button - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\Extensions\button@scholar.google.com.xpi [2016-04-27]
FF Extension: Buffer for Firefox - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\Extensions\firefox@buffer.xpi [2016-02-13]
FF Extension: Ghostery - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\firefox@ghostery.com.xpi [2016-05-04]
FF Extension: HTTPS by default - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\Extensions\https-by-default@robwu.nl.xpi [2016-04-27]
FF Extension: Wordreference Translate In Page - C:\Users\pom\AppData\Roaming

\Mozilla\Firefox\Profiles\ffedjd9k.default\Extensions\jid1-

AIK1jwTdfcyYQw@jetpack.xpi [2016-04-28]
FF Extension: Add to Feedly Plus - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

\Profiles\ffedjd9k.default\Extensions\jid1-lpXbkGi1kHPDGQ@jetpack.xpi [2016-02-16]
FF Extension: Add to feedly - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\jid1-YZsgHbPHarNxRg@jetpack.xpi [2016-04-28]
FF Extension: Tab Groups - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\tabgroups@quicksaver.xpi [2016-03-21]
FF Extension: uBlock Origin - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\uBlock0@raymondhill.net.xpi [2016-05-02]
FF Extension: gtranslate - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-05-

14]
FF Extension: Video DownloadHelper - C:\Users\pom\AppData\Roaming\Mozilla

\Firefox\Profiles\ffedjd9k.default\Extensions\{b9db16a4-6edc-47ec-a1f4-

b86292ed211d}.xpi [2016-05-23]
FF Extension: web_clipper - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

\ffedjd9k.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016

-04-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software

\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep

\FF [2016-05-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software

\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF

[2016-05-09]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files

(x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart

Web Printing\MozillaAddOn3 [2011-09-02] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST

Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST

Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Firefox\Extensions:

[smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web

Printing\MozillaAddOn3

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p=

{searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?

output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application

\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application

\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome

\Application\50.0.2661.102\pdf.dll => Pas de fichier
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files

(x86)\Mozilla Firefox\plugins\np-mswmp.dll => Pas de fichier
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins

\npPDFXCviewNPPlugin.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin2.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin3.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin4.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin5.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin6.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

\plugins\npqtplugin7.dll => Pas de fichier
CHR Plugin: (Google Talk Plugin) - C:\Users\pom\AppData\Roaming\Mozilla\plugins

\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\pom\AppData\Roaming

\Mozilla\plugins\npgtpo3dautoplugin.dll => Pas de fichier
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\pom\AppData\Roaming

\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Wolfram Mathematica) - C:\Program Files (x86)\Common Files\Wolfram

Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth

\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google,

Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update

\1.3.21.153\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin

\plugin2\npjp2.dll => Pas de fichier
CHR Plugin: (DocuCom PDF Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin

\nppdf.dll (Zeon Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

(VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live

\Photo Gallery\NPWLPG.dll => Pas de fichier
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla

Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\pom\AppData\LocalLow\Unity\WebPlayer\loader

\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director

\np32dsw_1203133.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_11_8_800_94.dll => Pas de fichier
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows

\SysWOW64\npDeployJava1.dll => Pas de fichier
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight

\5.1.20513.0\npctrl.dll => Pas de fichier
CHR Profile: C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\pom\AppData\Local\Google\Chrome\User

Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Shortcuts for Google™) - C:\Users\pom\AppData\Local\Google

\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd [2016-05-07]
CHR Extension: (JSONView) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2014-01-08]
CHR Extension: (uBlock Origin) - C:\Users\pom\AppData\Local\Google\Chrome\User

Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\pom\AppData\Local\Google

\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-

20]
CHR Extension: (Avast Online Security) - C:\Users\pom\AppData\Local\Google\Chrome

\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-07]
CHR Extension: (Pocket) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-08-17]
CHR Extension: (Ghostery) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-03-12]
CHR Extension: (Save to Pocket) - C:\Users\pom\AppData\Local\Google\Chrome\User

Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-05-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pom\AppData\Local

\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

[2015-08-13]
CHR Extension: (Pdfy me!) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

\Default\Extensions\pbjlkllgdheclcbffnloofaoiiadkofd [2015-09-10]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\pom\AppData

\Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh

[2016-03-12]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:

\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:

\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:

\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-

04-23]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <pas de

Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program

Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx <non

trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] -

hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche)

========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296

2016-05-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

[5570272 2016-05-09] (Avast Software)
S3 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [231936 2009-02-17] ()

[Fichier non signé]
S3 GSService; C:\Windows\SysWOW64\GSService.exe [450272 2013-03-28] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832

2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009

-09-20] (Hewlett-Packard Co.) [Fichier non signé]
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS

\LMS.exe [262144 2009-10-01] (Intel Corporation) [Fichier non signé]
S3 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2768720

2014-01-08] (CybelSoft)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13]

(Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06]

(Hewlett-Packard) [Fichier non signé]
S4 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service

\OUCore.exe [1081984 2012-04-13] (France Telecom SA)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06]

(Hewlett-Packard) [Fichier non signé]
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS

\UNS.exe [2314240 2009-10-01] (Intel Corporation) [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14]

(Microsoft Corporation)

===================== Pilotes (Avec liste blanche)

==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft

Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-09] (AVAST

Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-09] (AVAST

Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-09]

(AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-09] (AVAST

Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-09] (AVAST

Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-09] (AVAST

Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-09] (AVAST

Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-09] (AVAST

Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-09] (AVAST

Software)
S3 DrmCAudio; C:\Windows\System32\drivers\DrmCAudio.sys [34528 2013-03-28]

(Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom

Corporation)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys

[17568 2013-10-23] (CybelSoft)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-23] (AVAST

Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies,

Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07]

(Sonix Technology Co., Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-10-07]

(Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-10-07]

(Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-10-07]

(Paragon)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys

[323392 2016-05-09] (Avast Software)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-

01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-

01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-

01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-

01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-

01-25] (Wondershare)
S3 cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [X]
U2 TMAgent; pas de ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

========================== MD5 Pilotes =======================

C:\Windows\system32\drivers\1394ohci.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\ACPI.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\acpipmi.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\adp94xx.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\adpahci.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\adpu320.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\aliide.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\amdide.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\amdk8.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\atikmdag.sys

3F47D92F6D54263BF2CDEDAA6284D27C
C:\Windows\System32\DRIVERS\atikmpag.sys

A171B311BAFF865AEEE3635D1226898E
C:\Windows\system32\drivers\amdppm.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\drivers\AmUStor.SYS

9C7F164B49CADC658D1B3C575782F346
C:\Windows\System32\drivers\anvsnddrv.sys

E71711D37C48AC40FD3E2866A5ABBA51
C:\Windows\system32\drivers\appid.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\arc.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\arcsas.sys ==> Le MD5 est légitime
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\system32\drivers\aswHwid.sys 1694434F5B9AB16772C7A8E2EF9134CA
C:\Windows\system32\drivers\aswKbd.sys 786E8BCDFF674068F3C950615FC2E71C
C:\Windows\system32\drivers\aswMonFlt.sys

33D0DD0471FDF449C81338863FC63978
C:\Windows\system32\drivers\aswRdr2.sys

DF190688D993A3DB227BFB0BB40BD7D4
C:\Windows\System32\Drivers\aswRvrt.sys D873455DFA27680585AE238503917DF5
C:\Windows\system32\drivers\aswSnx.sys A371A06EC8F4830C263D3F5CA5A11B65
C:\Windows\system32\drivers\aswSP.sys 6B7F6CE19A16240EE9DE2C528897ED9C
C:\Windows\system32\drivers\aswStm.sys 3575F9226251DE48E065ED5C384A21EF
C:\Windows\System32\Drivers\aswVmm.sys

BA4CDCD8C0395E91C38CD2C5CE3E7FA2
C:\Windows\System32\DRIVERS\asyncmac.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\atapi.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\athrx.sys F8633CDD09647A64EE8DB550630427FF
C:\Windows\System32\drivers\AtihdW76.sys

4BF5BCA6E2608CD8A00BC4A6673A9F47
C:\Windows\system32\drivers\bxvbda.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Beep.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\blbdrive.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\bowser.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\BrFiltLo.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\BrFiltUp.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Brserid.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\BrSerWdm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\BrUsbSer.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\bthpan.sys

02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\cdrom.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\circlass.sys ==> Le MD5 est légitime
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\cmdide.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\cng.sys CA3FB5A6B626D8A00A89E049CF95954E
C:\Windows\System32\drivers\compbatt.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\crcdisk.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\dfsc.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\discache.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC
C:\Windows\System32\DRIVERS\Dot4.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\Dot4Prt.sys

E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\DrmCAudio.sys

0CFC491A2A428E42262B8CBCFAF8DAB2
C:\Windows\system32\drivers\drmkaud.sys 26FE888505E5A945B0536AF9A2A27A6F
C:\Windows\System32\drivers\dxgkrnl.sys

3A9D7D464BDB3B70D7ECF689ADABBD4D
C:\Windows\system32\drivers\evbda.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\elxstor.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\errdev.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ETD.sys

05B0DCDA418E297A1B4CD8D7B8ADE403
C:\Windows\System32\Drivers\exfat.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\fastfat.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\fdc.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\fileinfo.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\filetrace.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\flpydisk.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\fltmgr.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\FsDepends.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\gagp30kx.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys

8E98D21EE06192492A5671A6144D092F
C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys

7D66EBDE8B7F9B4E00BEEFEEE82670D4
C:\Windows\system32\drivers\hcw85cir.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\HECIx64.sys

B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\drivers\HidBatt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\hidbth.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\hidir.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\hidusb.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\HpSAMD.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\i8042prt.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\iaStor.sys 2064090C9FAAD92C090D77E50E735B2E
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\Impcd.sys

DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys

589B94A9B73A0E819FF873743A480834
C:\Windows\system32\drivers\intelide.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\intelppm.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\IPMIDrv.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\ipnat.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\irenum.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\isapnp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\kbdhid.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\kbfiltr.sys E63EF8C3271D014F14E2469CE75FECB4
C:\Windows\System32\Drivers\ksecdd.sys A8B94B5FE392C5AD92EA2CC8E4876887
C:\Windows\System32\Drivers\ksecpkg.sys 49F1533E36B9E9719A2BB6761680E4C5
C:\Windows\system32\drivers\ksthunk.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\L1C62x64.sys

48686C29856F46443952A831424F8D6F
C:\Windows\System32\DRIVERS\lltdio.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\lsi_fc.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\lsi_sas.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\lsi_sas2.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\lsi_scsi.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\luafv.sys ==> Le MD5 est légitime
C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys

8506CD0516D03955BC3C23FCF051C0C9
C:\Windows\system32\drivers\megasas.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\MegaSR.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\modem.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\monitor.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\mouclass.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\mouhid.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\mountmgr.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\mpio.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\mpsdrv.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\mrxdav.sys D7ADC2B83CA0B0381F75A98351F72CEE
C:\Windows\System32\DRIVERS\mrxsmb.sys

355E6E6B432892A5B20750EA5B317F3C
C:\Windows\System32\DRIVERS\mrxsmb10.sys

0631CC5098CC713568BCE103D8CB9575
C:\Windows\System32\DRIVERS\mrxsmb20.sys

448E1B0809DEECC5A37E64E80FFA7597
C:\Windows\System32\drivers\msahci.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\msdsm.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Msfs.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\mshidkmdf.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\msisadrv.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\MSKSSRV.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\MSPCLOCK.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\MSPQM.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\MsRPC.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\mssmbios.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\MSTEE.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\MTConfig.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ATK64AMD.sys

032D35C996F21D19A205A7C8F0B76F3C
C:\Windows\System32\Drivers\mup.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\nwifi.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
C:\Windows\System32\DRIVERS\ndiscap.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ndistapi.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ndisuio.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\ndiswan.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\NDProxy.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\netbios.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\netbt.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\nfrd960.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\ngvss.sys 2C0EA76EAF7FBF99AF0A2F8C9BD4A556
C:\Windows\System32\drivers\npf.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Npfs.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\nsiproxy.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\Ntfs.sys 47B2D0B31BDC3EBE6090228E2BA3764D
C:\Windows\System32\Drivers\Null.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\ohci1394.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\parport.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\pciide.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\pcmcia.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\pcw.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\peauth.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\raspptp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\processr.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\pacer.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\ql2300.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\ql40xx.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\qwavedrv.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rasacd.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\raspppoe.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rassstp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rdbss.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\rdpbus.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\rdpencdd.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\rdprefmp.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\rfcomm.sys

3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sbp2port.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\scfilter.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\secdrv.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\serenum.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\serial.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sermouse.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sffdisk.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sffp_mmc.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sffp_sd.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sfloppy.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\SiSG664.sys

1BC348CF6BAA90EC8E533EF6E6A69933
C:\Windows\system32\drivers\SiSRaid2.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\sisraid4.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\smb.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\snp2uvc.sys

C98375D19F9E9966F6201BAE65FB3728
C:\Windows\System32\Drivers\spldr.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\swenum.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys

04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\tssecsrv.sys

E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys

9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\TurboB.sys

C45A3E051C65106A28982CAED125F855
C:\Windows\system32\drivers\uagp35.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\udfs.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\uimx64.sys

6640110398438BDC6CC8D48EEC8EDDC5
C:\Windows\System32\Drivers\Uim_IMx64.sys

20BABEFA37F38B3CC26C0E9A26B844FF
C:\Windows\System32\Drivers\uim_vimx64.sys

441E8BC5E68200038F0F1941A10C85F4
C:\Windows\system32\drivers\uliagpkx.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\umbus.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\umpass.sys ==> Le MD5 est légitime
C:\Windows\System32\Drivers\usbaapl64.sys

C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\drivers\usbaudio.sys

B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys

ACCEA6BC68D0C9A78EB97EE159028B4E
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 311C1DD1088E55BEAE15954D17F50646
C:\Windows\System32\DRIVERS\usbhub.sys

280E90CBF4B2DDD169F0728CB44D726F
C:\Windows\system32\drivers\usbohci.sys 9406D801042FAF859CF81B2C886413DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\system32\drivers\USBSTOR.SYS

D029DD09E22EB24318A8FC3D8138BA43
C:\Windows\system32\drivers\usbuhci.sys A83D0EC9AE4C31704442099D40BA2471
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys

821A1C09F51152BDF753B59E50B36AF1
C:\Windows\System32\DRIVERS\VBoxNetAdp.sys

9B9F3754DBEB263766D06B0F1556E2B5
C:\Windows\System32\drivers\vdrvroot.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\vgapnp.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\vga.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\vhdmp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\viaide.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\volmgr.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\volmgrx.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\volsnap.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\vsmraid.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\vwifibus.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\vwififlt.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\vwifimp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\wacompen.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\wanarp.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\wanarp.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\wd.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\Wdf01000.sys

442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> Le MD5 est légitime
C:\Windows\System32\DRIVERS\wimfltr.sys

52DED146E4797E6CCF94799E8E22BB2A
C:\Windows\System32\drivers\wimmount.sys ==> Le MD5 est légitime
C:\Windows\SysWOW64\drivers\wimmount.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> Le MD5 est légitime
C:\Windows\system32\drivers\ws2ifsl.sys ==> Le MD5 est légitime
C:\Windows\System32\drivers\VirtualAudio1.sys

ADD2FE1A9F4EE41A6D724819550D4E1F
C:\Windows\System32\drivers\VirtualAudio2.sys

ADD2FE1A9F4EE41A6D724819550D4E1F
C:\Windows\System32\drivers\VirtualAudio3.sys

ADD2FE1A9F4EE41A6D724819550D4E1F
C:\Windows\System32\drivers\VirtualAudio4.sys

ADD2FE1A9F4EE41A6D724819550D4E1F
C:\Windows\System32\drivers\VirtualAudio5.sys

ADD2FE1A9F4EE41A6D724819550D4E1F
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\system32\drivers\WUDFRd.sys

DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

ne sera pas déplacé, sauf s'il est inscrit séparément.)

stephan · May 29, 2016

Second part of FRST.txt:

==================== Trois mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-29 10:20 - 2016-05-29 10:21 - 00056230 _____ C:\Users\pom\Desktop

\FRST.txt
2016-05-29 10:19 - 2016-05-29 10:20 - 00000000 ____D C:\FRST
2016-05-29 10:02 - 2016-05-29 10:02 - 00898560 _____ C:\Users\pom\Desktop

\RGSA.exe
2016-05-29 10:00 - 2016-05-29 10:00 - 02383872 _____ (Farbar) C:\Users\pom

\Desktop\FRST64.exe
2016-05-27 14:30 - 2016-05-27 14:30 - 00097856 _____ (Oracle Corporation) C:

\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-27 14:30 - 2016-05-27 14:30 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\Java
2016-05-27 14:29 - 2016-05-27 14:29 - 00000000 ____D C:\Users\Default\AppData

\Roaming\Sun
2016-05-27 14:29 - 2016-05-27 14:29 - 00000000 ____D C:\Users\Default User

\AppData\Roaming\Sun
2016-05-27 12:51 - 2016-05-27 12:51 - 00354195 _____ C:\Users\pom\Desktop\Fete

du velo 5 juin 2016.pdf
2016-05-26 19:44 - 2016-05-26 19:44 - 00000078 _____ C:\Windows

\system32\ASUS.Windows 7 Home Premium, 64-bit Service Pack 1 (build 7601).txt
2016-05-26 19:44 - 2016-05-26 19:44 - 00000000 ____D C:\Windows\RegBak
2016-05-26 19:40 - 2016-05-26 19:40 - 00000000 ____D C:\Program Files\Acelogix
2016-05-26 19:02 - 2016-05-26 19:02 - 00000000 ____D C:\Users\Default\AppData

\Local\Apple
2016-05-26 19:02 - 2016-05-26 19:02 - 00000000 ____D C:\Users\Default User

\AppData\Local\Apple
2016-05-26 18:50 - 2016-05-27 13:14 - 00000000 ____D C:\Users\pom\Desktop

\windows update error resolution
2016-05-26 18:24 - 2016-05-26 18:24 - 02884096 _____ (niemiro) C:\Users\pom

\Downloads\SFCFix.exe
2016-05-26 17:57 - 2016-05-26 17:57 - 00000000 ____D C:\Program Files

(x86)\Secunia
2016-05-26 17:51 - 2016-05-26 17:51 - 00738880 _____ (Oracle Corporation) C:

\Users\pom\Downloads\jxpiinstall.exe
2016-05-26 16:53 - 2016-05-26 16:53 - 00000000 ____D C:\Windows\ERDNT
2016-05-26 14:54 - 2016-05-26 18:38 - 00000000 ____D C:\SFCFix
2016-05-26 14:45 - 2016-05-26 18:38 - 00000000 ____D C:\Users\pom\AppData

\Local\niemiro
2016-05-25 23:39 - 2016-05-25 23:39 - 00003544 ____N C:\bootsqm.dat
2016-05-25 16:25 - 2016-05-25 16:25 - 00001146 _____ C:\Users\pom\Desktop

\Utilitaires & MAINTENANCE - Raccourci.lnk
2016-05-25 15:15 - 2016-05-25 15:17 - 00000000 ___RD C:\Users\pom\Skitch
2016-05-25 12:46 - 2016-05-25 12:46 - 00001001 _____ C:\Users\pom\Desktop

\budget.ods - Raccourci.lnk
2016-05-25 12:46 - 2016-05-25 12:46 - 00000967 _____ C:\Users\pom\Desktop\revenu

et activités.ods - Raccourci.lnk
2016-05-24 16:00 - 2016-05-24 16:00 - 00001490 _____ C:\Users\pom\Desktop

\ADMINISTRATIF INTENDANCE - Raccourci.lnk
2016-05-22 22:31 - 2016-05-22 22:31 - 00000218 _____ C:\Users\pom\AppData\Local

\recently-used.xbel
2016-05-21 22:19 - 2016-05-21 22:19 - 00000000 ____D C:\Windows

\SysWOW64\vbox
2016-05-21 22:19 - 2016-05-21 22:19 - 00000000 ____D C:\Windows\system32\vbox
2016-05-18 12:05 - 2016-05-18 15:58 - 00173747 _____ C:\Users\pom\Desktop

\2016_CvNourry_vendeur-wurth.odt
2016-05-15 16:10 - 2016-05-15 16:10 - 00001497 _____ C:\Users\pom\Desktop

\calendrier juin college.txt
2016-05-14 17:14 - 2016-05-17 13:49 - 00000000 ____D C:\Users\lil\AppData

\Roaming\.lifecraft
2016-05-14 17:11 - 2016-05-14 17:11 - 00282277 _____ C:\Users\lil\Desktop\Lifecraft

(1).exe
2016-05-14 17:09 - 2016-05-14 17:09 - 00282277 _____ C:\Users\lil\Downloads

\Lifecraft.exe
2016-05-14 16:56 - 2016-05-14 16:56 - 00093003 _____ C:\Users\lil\Desktop

\Mineshafter-launcher(1).jar
2016-05-13 21:07 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:

\Windows\system32\msxml3.dll
2016-05-13 21:07 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:

\Windows\system32\msxml3r.dll
2016-05-13 21:07 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msxml3.dll
2016-05-13 21:07 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msxml3r.dll
2016-05-13 21:07 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:

\Windows\system32\wucltux.dll
2016-05-13 21:07 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:

\Windows\system32\wuwebv.dll
2016-05-13 21:07 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:

\Windows\system32\wudriver.dll
2016-05-13 21:07 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:

\Windows\system32\WinSetupUI.dll
2016-05-13 21:07 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wuwebv.dll
2016-05-13 21:07 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:

\Windows\system32\wuaueng.dll
2016-05-13 21:07 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:

\Windows\system32\wuapi.dll
2016-05-13 21:07 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:

\Windows\system32\wuauclt.exe
2016-05-13 21:07 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:

\Windows\system32\wups2.dll
2016-05-13 21:07 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:

\Windows\system32\wuapp.exe
2016-05-13 21:07 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:

\Windows\system32\wups.dll
2016-05-13 21:07 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:

\Windows\system32\wu.upgrade.ps.dll
2016-05-13 21:07 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wuapi.dll
2016-05-13 21:07 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wudriver.dll
2016-05-13 21:07 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wuapp.exe
2016-05-13 21:07 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wups.dll
2016-05-13 21:07 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:

\Windows\system32\tbs.dll
2016-05-13 21:07 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:

\Windows\system32\fveapibase.dll
2016-05-13 21:07 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\tbs.dll
2016-05-13 21:07 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:

\Windows\system32\rpcss.dll
2016-05-13 21:07 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\disk.sys
2016-05-13 21:07 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ntfs.sys
2016-05-13 21:07 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:

\Windows\system32\ucrtbase.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ucrtbase.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-05-13 21:07 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:

\Windows\system32\mapistub.dll
2016-05-13 21:07 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:

\Windows\system32\mapi32.dll
2016-05-13 21:07 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:

\Windows\system32\fixmapi.exe
2016-05-13 21:07 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mapistub.dll
2016-05-13 21:07 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mapi32.dll
2016-05-13 21:07 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\fixmapi.exe
2016-05-13 21:07 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:

\Windows\system32\fveapi.dll
2016-05-13 21:07 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:

\Windows\system32\perftrack.dll
2016-05-13 21:07 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:

\Windows\system32\wdi.dll
2016-05-13 21:07 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:

\Windows\system32\powertracker.dll
2016-05-13 21:07 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wdi.dll
2016-05-13 21:06 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\d3d10level9.dll
2016-05-13 21:06 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:

\Windows\system32\d3d10level9.dll
2016-05-13 21:06 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\dxgkrnl.sys
2016-05-13 21:06 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\dxgmms1.sys
2016-05-13 21:06 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:

\Windows\system32\gdi32.dll
2016-05-13 21:06 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:

\Windows\system32\cdd.dll
2016-05-13 21:06 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\gdi32.dll
2016-05-13 21:06 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:

\Windows\system32\CompatTelRunner.exe
2016-05-13 21:06 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:

\Windows\system32\aeinv.dll
2016-05-13 21:06 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:

\Windows\system32\appraiser.dll
2016-05-13 21:06 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:

\Windows\system32\aepic.dll
2016-05-13 21:06 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:

\Windows\system32\generaltel.dll
2016-05-13 21:06 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:

\Windows\system32\devinv.dll
2016-05-13 21:06 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:

\Windows\system32\invagent.dll
2016-05-13 21:06 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:

\Windows\system32\acmigration.dll
2016-05-13 21:06 - 2016-03-16 02:22 - 00154344 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ksecpkg.sys
2016-05-13 21:06 - 2016-03-16 02:22 - 00095464 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ksecdd.sys
2016-05-13 21:06 - 2016-03-16 02:16 - 01212928 _____ (Microsoft Corporation) C:

\Windows\system32\rpcrt4.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:

\Windows\system32\samsrv.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00344064 _____ (Microsoft Corporation) C:

\Windows\system32\schannel.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00210432 _____ (Microsoft Corporation) C:

\Windows\system32\wdigest.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00190464 _____ (Microsoft Corporation) C:

\Windows\system32\rpchttp.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00135680 _____ (Microsoft Corporation) C:

\Windows\system32\sspicli.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:

\Windows\system32\samlib.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00086528 _____ (Microsoft Corporation) C:

\Windows\system32\TSpkg.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00028672 _____ (Microsoft Corporation) C:

\Windows\system32\sspisrv.dll
2016-05-13 21:06 - 2016-03-16 02:16 - 00028160 _____ (Microsoft Corporation) C:

\Windows\system32\secur32.dll
2016-05-13 21:06 - 2016-03-16 02:15 - 00316416 _____ (Microsoft Corporation) C:

\Windows\system32\msv1_0.dll
2016-05-13 21:06 - 2016-03-16 02:15 - 00312320 _____ (Microsoft Corporation) C:

\Windows\system32\ncrypt.dll
2016-05-13 21:06 - 2016-03-16 02:15 - 00060416 _____ (Microsoft Corporation) C:

\Windows\system32\msobjs.dll
2016-05-13 21:06 - 2016-03-16 02:14 - 01464320 _____ (Microsoft Corporation) C:

\Windows\system32\lsasrv.dll
2016-05-13 21:06 - 2016-03-16 02:14 - 00731136 _____ (Microsoft Corporation) C:

\Windows\system32\kerberos.dll
2016-05-13 21:06 - 2016-03-16 02:14 - 00146432 _____ (Microsoft Corporation) C:

\Windows\system32\msaudite.dll
2016-05-13 21:06 - 2016-03-16 02:13 - 00463872 _____ (Microsoft Corporation) C:

\Windows\system32\certcli.dll
2016-05-13 21:06 - 2016-03-16 02:13 - 00043520 _____ (Microsoft Corporation) C:

\Windows\system32\cryptbase.dll
2016-05-13 21:06 - 2016-03-16 02:13 - 00022016 _____ (Microsoft Corporation) C:

\Windows\system32\credssp.dll
2016-05-13 21:06 - 2016-03-16 02:12 - 00690688 _____ (Microsoft Corporation) C:

\Windows\system32\adtschema.dll
2016-05-13 21:06 - 2016-03-16 01:54 - 00666112 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\rpcrt4.dll
2016-05-13 21:06 - 2016-03-16 01:54 - 00171520 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wdigest.dll
2016-05-13 21:06 - 2016-03-16 01:54 - 00096768 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\sspicli.dll
2016-05-13 21:06 - 2016-03-16 01:54 - 00065536 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\TSpkg.dll
2016-05-13 21:06 - 2016-03-16 01:53 - 00251392 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\schannel.dll
2016-05-13 21:06 - 2016-03-16 01:53 - 00141312 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\rpchttp.dll
2016-05-13 21:06 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\samlib.dll
2016-05-13 21:06 - 2016-03-16 01:53 - 00022016 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\secur32.dll
2016-05-13 21:06 - 2016-03-16 01:52 - 00553984 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\kerberos.dll
2016-05-13 21:06 - 2016-03-16 01:52 - 00260608 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msv1_0.dll
2016-05-13 21:06 - 2016-03-16 01:52 - 00223232 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ncrypt.dll
2016-05-13 21:06 - 2016-03-16 01:52 - 00146432 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msaudite.dll
2016-05-13 21:06 - 2016-03-16 01:52 - 00060416 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msobjs.dll
2016-05-13 21:06 - 2016-03-16 01:51 - 00690688 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\adtschema.dll
2016-05-13 21:06 - 2016-03-16 01:51 - 00342528 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\certcli.dll
2016-05-13 21:06 - 2016-03-16 01:51 - 00017408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\credssp.dll
2016-05-13 21:06 - 2016-03-16 01:16 - 00064000 _____ (Microsoft Corporation) C:

\Windows\system32\auditpol.exe
2016-05-13 21:06 - 2016-03-16 01:05 - 00050176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\auditpol.exe
2016-05-13 21:06 - 2016-03-16 01:03 - 00159744 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\mrxsmb.sys
2016-05-13 21:06 - 2016-03-16 01:02 - 00291328 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\mrxsmb10.sys
2016-05-13 21:06 - 2016-03-16 01:02 - 00129536 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\mrxsmb20.sys
2016-05-13 21:06 - 2016-03-16 01:00 - 00030720 _____ (Microsoft Corporation) C:

\Windows\system32\lsass.exe
2016-05-13 21:06 - 2016-03-16 00:52 - 00036352 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\cryptbase.dll
2016-05-13 21:06 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:

\Windows\system32\wmp.dll
2016-05-13 21:06 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:

\Windows\system32\wmploc.DLL
2016-05-13 21:06 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:

\Windows\system32\msdxm.ocx
2016-05-13 21:06 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:

\Windows\system32\dxmasf.dll
2016-05-13 21:06 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:

\Windows\system32\seclogon.dll
2016-05-13 21:06 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:

\Windows\system32\spwmp.dll
2016-05-13 21:06 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wmploc.DLL
2016-05-13 21:06 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wmp.dll
2016-05-13 21:06 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\spwmp.dll
2016-05-13 21:06 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msdxm.ocx
2016-05-13 21:06 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\dxmasf.dll
2016-05-13 21:06 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:

\Windows\system32\mfds.dll
2016-05-13 21:06 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfds.dll
2016-05-13 21:06 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:

\Windows\system32\oleaut32.dll
2016-05-13 21:06 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:

\Windows\system32\asycfilt.dll
2016-05-13 21:06 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\oleaut32.dll
2016-05-13 21:06 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\asycfilt.dll
2016-05-13 21:06 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\USBSTOR.SYS
2016-05-13 21:06 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:

\Windows\system32\shell32.dll
2016-05-13 21:06 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:

\Windows\system32\ExplorerFrame.dll
2016-05-13 21:06 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:

\Windows\system32\authui.dll
2016-05-13 21:06 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\shell32.dll
2016-05-13 21:06 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ExplorerFrame.dll
2016-05-13 21:06 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\authui.dll
2016-05-13 21:06 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:

\Windows\explorer.exe
2016-05-13 21:06 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\explorer.exe
2016-05-13 21:06 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\mrxdav.sys
2016-05-13 21:06 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msmpeg2vdec.dll
2016-05-13 21:06 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMVDECOD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMVENCOD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMSPDMOE.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMADMOD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMADMOE.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wmpmde.dll
2016-05-13 21:06 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMSPDMOD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMVXENCD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMVSDECD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMVSENCD.DLL
2016-05-13 21:06 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\VIDRESZR.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mf.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\quartz.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msmpeg2adec.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MFWMAAEC.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\qdvd.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\qedit.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\evr.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MP4SDECD.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfplat.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MPG4DECD.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MP43DECD.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\qasf.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ksproxy.ax
2016-05-13 21:06 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\COLORCNV.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfps.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MP3DMOD.DLL
2016-05-13 21:06 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\devenum.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfvdsp.dll
2016-05-13 21:06 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\rrinstaller.exe
2016-05-13 21:06 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfpmp.exe
2016-05-13 21:06 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ksuser.dll
2016-05-13 21:06 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mferror.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:

\Windows\system32\mf.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:

\Windows\system32\msmpeg2vdec.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:

\Windows\system32\WMVENCOD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:

\Windows\system32\WMVDECOD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:

\Windows\system32\WMSPDMOE.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:

\Windows\system32\quartz.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:

\Windows\system32\msmpeg2adec.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:

\Windows\system32\WMADMOD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:

\Windows\system32\MSMPEG2ENC.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:

\Windows\system32\WMADMOE.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:

\Windows\system32\wmpmde.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:

\Windows\system32\mcmde.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:

\Windows\system32\WMSPDMOD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:

\Windows\system32\WMVSDECD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:

\Windows\system32\MP4SDECD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:

\Windows\system32\WMVXENCD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:

\Windows\system32\evr.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:

\Windows\system32\qedit.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:

\Windows\system32\MFWMAAEC.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:

\Windows\system32\WMVSENCD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:

\Windows\system32\mfplat.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:

\Windows\system32\SysFxUI.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:

\Windows\system32\qdvd.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:

\Windows\system32\VIDRESZR.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:

\Windows\system32\qasf.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:

\Windows\system32\RESAMPLEDMO.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:

\Windows\system32\MPG4DECD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:

\Windows\system32\MP43DECD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:

\Windows\system32\mfps.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:

\Windows\system32\COLORCNV.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:

\Windows\system32\MP3DMOD.DLL
2016-05-13 21:06 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:

\Windows\system32\devenum.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:

\Windows\system32\mfvdsp.dll
2016-05-13 21:06 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:

\Windows\system32\rrinstaller.exe
2016-05-13 21:06 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:

\Windows\system32\ksuser.dll
2016-05-13 21:06 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:

\Windows\system32\ksproxy.ax
2016-05-13 21:06 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:

\Windows\system32\mfpmp.exe
2016-05-13 21:06 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:

\Windows\system32\mferror.dll
2016-05-13 21:06 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\drmk.sys
2016-05-13 21:06 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\portcls.sys
2016-05-13 21:06 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\drmkaud.sys
2016-05-13 21:05 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:

\Windows\system32\jnwmon.dll
2016-05-13 21:05 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:

\Windows\system32\InkEd.dll
2016-05-13 21:05 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\InkEd.dll
2016-05-13 20:47 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WindowsCodecs.dll
2016-05-13 20:47 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:

\Windows\system32\WindowsCodecs.dll
2016-05-09 18:12 - 2016-05-23 15:16 - 00016046 _____ C:\Users\pom\Desktop

\paquerette.ods
2016-05-09 12:41 - 2016-05-09 12:40 - 00398152 _____ (AVAST Software) C:

\Windows\system32\aswBoot.exe
2016-05-09 12:40 - 2016-05-09 12:40 - 00052184 _____ (AVAST Software) C:

\Windows\avastSS.scr
2016-05-08 19:08 - 2016-05-08 23:34 - 00000000 ____D C:\Users\pom\Desktop\tests

de personnalité
2016-05-05 20:52 - 2016-05-06 23:56 - 00000000 ____D C:\Program Files

(x86)\Mozilla Firefox
2016-05-05 20:51 - 2016-05-05 20:51 - 01239383 _____ C:\Users\pom\Desktop

\Maison Lil SweetHome3D.sh3d
2016-05-05 20:23 - 2016-05-05 20:23 - 00000000 ____D C:\Users\pom\AppData

\Roaming\eTeks
2016-05-05 20:16 - 2016-05-05 20:16 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2016-05-05 20:15 - 2016-05-05 20:16 - 00000000 ____D C:\Program Files\Sweet

Home 3D
2016-05-05 20:04 - 2016-05-05 20:05 - 133996320 _____ (Trimble Navigation Limited)

C:\Users\pom\Downloads\SketchUpMake-fr-x64.exe
2016-05-01 11:54 - 2016-05-01 11:54 - 00218207 _____ C:\Users\pom\Desktop

\ardeche.pdf
2016-04-24 08:31 - 2016-05-09 12:57 - 00003908 _____ C:\Windows\System32\Tasks

\SafeZone scheduled Autoupdate 1454875948
2016-04-23 13:38 - 2016-04-23 13:38 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\AVAST Software
2016-04-21 21:49 - 2016-04-21 21:50 - 57666112 _____ (Oracle Corporation) C:

\Users\pom\Downloads\jre-8u91-windows-x64.exe
2016-04-21 12:52 - 2016-05-16 17:23 - 00000000 ____D C:\Users\lil\AppData

\Roaming\TS3Client
2016-04-21 12:51 - 2016-04-21 12:51 - 00001201 _____ C:\Users\lil\Desktop

\TeamSpeak 3 Client.lnk
2016-04-21 12:51 - 2016-04-21 12:51 - 00001159 _____ C:\Users\lil\AppData

\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-04-21 12:51 - 2016-04-21 12:51 - 00000000 ____D C:\Users\lil\AppData\Local

\TeamSpeak 3 Client
2016-04-21 12:50 - 2016-04-21 12:51 - 29265912 _____ (TeamSpeak Systems GmbH)

C:\Users\lil\Downloads\TeamSpeak3-Client-win32-3.0.19.exe
2016-04-20 19:32 - 2016-04-20 19:33 - 01285469 _____ C:\Users\lil\Downloads

\Launcher_EN (6).jar
2016-04-20 19:30 - 2016-04-20 19:31 - 01285469 _____ C:\Users\lil\Downloads

\Launcher_EN (5).jar
2016-04-20 15:08 - 2016-04-20 15:08 - 01285469 _____ C:\Users\lil\Downloads

\Launcher_EN (4).jar
2016-04-20 15:06 - 2016-04-20 15:07 - 01285469 _____ C:\Users\lil\Downloads

\Launcher_EN (3).jar
2016-04-20 15:05 - 2016-04-20 15:05 - 01285469 _____ C:\Users\lil\Downloads

\Launcher_EN (2).jar
2016-04-20 15:01 - 2016-05-17 13:57 - 01225080 _____ C:\Users\lil\Desktop

\Launcher_EN (1).jar
2016-04-20 14:59 - 2016-04-20 14:59 - 00675988 _____ C:\Users\lil\Downloads

\Minecraft (1).exe
2016-04-20 14:57 - 2016-04-20 14:57 - 00675988 _____ C:\Users\lil\Downloads

\Minecraft.exe
2016-04-20 14:43 - 2016-04-20 14:44 - 01285469 _____ C:\Users\lil\Downloads

\Launcher_EN.jar
2016-04-17 17:10 - 2016-04-17 17:10 - 07454720 _____ C:\Users\pom\Downloads

\LibreOffice_5.0.5_Win_x86_helppack_fr.msi
2016-04-17 17:09 - 2016-04-17 17:12 - 224387072 _____ C:\Users\pom\Downloads

\LibreOffice_5.0.5_Win_x86.msi
2016-04-10 20:21 - 2016-04-10 20:21 - 00001066 _____ C:\Users\pom\Desktop

\hardy.txt
2016-03-31 23:44 - 2016-03-31 23:44 - 00000223 _____ C:\Users\pom\Desktop

\Macaroni Beach ( Mustique Island ) SVG - YouTube.URL
2016-03-31 23:29 - 2016-03-31 23:29 - 02047299 _____ C:\Users\pom\Desktop

\Lintelligence-Émotionnelle-.swf
2016-03-31 23:07 - 2016-03-31 23:10 - 00002160 _____ C:\Users\pom\Desktop

\Domaine d'intérêt.vue - Raccourci.lnk
2016-03-30 23:57 - 2016-03-30 23:57 - 00000099 _____ C:\Users\pom\Desktop

\mustique.txt
2016-03-23 21:57 - 2016-03-23 22:02 - 00001230 _____ C:\Users\pom\Desktop

\Moon+ Reader - Raccourci.lnk
2016-03-23 11:28 - 2016-03-23 11:28 - 00000252 _____ C:\Users\pom\Desktop

\Traditional Economics Failed. Here's a New Blueprint. - Evonomics.URL
2016-03-21 23:51 - 2016-03-28 13:53 - 00005735 _____ C:\Users\pom\Desktop

\polanyi.txt
2016-03-21 16:43 - 2016-03-21 16:43 - 00000000 ____D C:\Users\pom\Desktop\P2p
2016-03-20 17:43 - 2016-03-26 21:23 - 00000000 ____D C:\Users\pom\Desktop\Les

limites de la création monétaire
2016-03-20 16:06 - 2016-03-20 16:06 - 00001346 _____ C:\Users\pom\Desktop

\ECONOMIE - Raccourci.lnk
2016-03-20 15:47 - 2016-03-20 15:47 - 00000251 _____ C:\Users\pom\Desktop\Next

System Project Comparative Framework - The Next System Project.URL
2016-03-20 11:19 - 2016-03-20 11:19 - 00000000 ____D C:\Users\lil\AppData

\Roaming\Sun
2016-03-20 11:19 - 2016-03-20 11:19 - 00000000 ____D C:\Users\lil\.oracle_jre_usage
2016-03-18 02:24 - 2016-05-05 20:16 - 00000000 ____D C:\Users\pom

\.oracle_jre_usage
2016-03-18 02:24 - 2016-03-18 02:24 - 00000000 ____D C:\Users\pom\AppData

\Roaming\Sun
2016-03-16 18:53 - 2016-03-16 21:47 - 00010020 _____ C:\Users\pom\Desktop\les

idées de la grande transformation expliquée par maucourant.txt
2016-03-16 16:10 - 2016-03-16 16:10 - 00001312 _____ C:\Users\pom\Desktop\La-

Grande-Transformation-table-matieres.txt
2016-03-11 10:51 - 2016-03-11 10:51 - 00000255 _____ C:\Users\pom\Desktop\Notes

on the Next Bust The Economy Simply Explained.URL
2016-03-09 12:10 - 2016-03-09 12:10 - 00000273 _____ C:\Users\pom\Desktop\Does

the United States have a productivity slowdown or a measurement problem.URL
2016-03-08 12:05 - 2016-03-08 12:05 - 00000313 _____ C:\Users\pom\Desktop

\Review of “Ultrasociety How 10,000 Years of War Made Humans the Greatest

Cooperators on Earth” The Evolution Institute.URL
2016-03-06 16:01 - 2016-03-06 16:01 - 00000264 _____ C:\Users\pom\Desktop\“Great

and mighty things which thou knowest not” [] – Perry G Mehrling.URL
2016-03-01 17:23 - 2016-03-31 23:07 - 00001309 _____ C:\Users\pom\Desktop

\0MonApprentissage - Raccourci.lnk
2016-03-01 17:23 - 2016-03-26 13:19 - 00001615 _____ C:\Users\pom\Desktop

\Objectifs vie apprentissage - contenu apprentissage - Raccourci.lnk
2016-02-29 13:39 - 2016-02-29 13:39 - 00001275 _____ C:\Users\pom\Desktop

\ARCHIVES - Raccourci.lnk

==================== Trois mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-29 10:19 - 2012-03-19 22:13 - 00003912 _____ C:\Windows\System32\Tasks

\User_Feed_Synchronization-{A623D0E0-3B18-49C3-A8F1-B864B4755857}
2016-05-29 10:16 - 2012-07-08 23:22 - 00004182 _____ C:\Windows\System32\Tasks

\avast! Emergency Update
2016-05-29 10:16 - 2011-06-29 20:04 - 00000000 ____D C:\Program Files\P4G
2016-05-29 10:16 - 2011-04-13 04:33 - 00001066 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineCore.job
2016-05-29 10:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-29 09:51 - 2011-02-19 06:29 - 00831454 _____ C:\Windows

\system32\perfh00C.dat
2016-05-29 09:51 - 2011-02-19 06:29 - 00179042 _____ C:\Windows

\system32\perfc00C.dat
2016-05-29 09:51 - 2009-07-14 07:13 - 01867632 _____ C:\Windows

\system32\PerfStringBackup.INI
2016-05-29 09:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-29 09:36 - 2011-04-13 04:33 - 00001070 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineUA.job
2016-05-29 09:33 - 2012-10-10 13:55 - 00001070 _____ C:\Windows\Tasks

\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000UA.job
2016-05-29 09:31 - 2012-10-10 13:55 - 00001018 _____ C:\Windows\Tasks

\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000Core.job
2016-05-29 09:26 - 2014-01-17 23:29 - 00001002 _____ C:\Windows\Tasks\Adobe

Flash Player Updater.job
2016-05-29 00:08 - 2011-09-10 20:45 - 00000000 ____D C:\Users\pom\AppData

\Roaming\VLC
2016-05-28 23:52 - 2015-12-15 20:01 - 00000000 ____D C:\Users\pom\captvty
2016-05-28 23:25 - 2009-07-14 06:45 - 00018736 ____H C:\Windows

\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-

8115-601632D005A0
2016-05-28 23:25 - 2009-07-14 06:45 - 00018736 ____H C:\Windows

\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-

8115-601632D005A0
2016-05-28 19:38 - 2011-10-23 14:26 - 00000000 ____D C:\Users\pom\Documents

\ADMINISTRATIF INTENDANCE
2016-05-27 20:47 - 2012-11-27 14:57 - 00000000 ____D C:\Users\pom\Documents\A

LIRE
2016-05-27 16:00 - 2012-08-24 16:47 - 00000000 ____D C:\Windows\pss
2016-05-27 15:36 - 2011-10-23 14:05 - 00000000 ____D C:\ProgramData\Apple
2016-05-27 15:25 - 2011-06-29 20:03 - 00001961 _____ C:\Windows

\system32\ServiceFilter.ini
2016-05-27 14:29 - 2012-10-30 23:47 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-27 14:10 - 2011-06-29 20:03 - 00002403 _____ C:\Windows

\system32\AutoRunFilter.ini
2016-05-27 03:04 - 2016-01-06 02:45 - 00000000 ___SD C:\Windows

\SysWOW64\GWX
2016-05-27 03:04 - 2016-01-06 02:45 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 17:43 - 2012-10-19 12:11 - 00000000 ___RD C:\Users\pom\Utilitaires &

MAINTENANCE
2016-05-26 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-26 16:26 - 2011-06-29 20:02 - 00000000 ____D C:\Windows

\SysWOW64\K_Series_ScreenSaver_EN dir
2016-05-26 12:17 - 2014-01-05 11:35 - 01966840 _____ C:\Windows\ntbtlog.txt
2016-05-25 16:26 - 2011-09-02 07:01 - 00000000 ____D C:\Users\pom
2016-05-25 16:01 - 2012-07-22 20:15 - 00000000 ____D C:\Users\pom\Documents

\GOOGLE EARTH
2016-05-25 15:53 - 2012-01-07 15:55 - 00000000 ___RD C:\Users\lil
2016-05-25 15:18 - 2013-09-20 09:59 - 00000000 ____D C:\Users\pom\AppData

\Local\ElevatedDiagnostics
2016-05-25 12:56 - 2014-01-17 14:12 - 00000000 ____D C:\Users\pom\Downloads

\INSTALLE
2016-05-25 12:53 - 2014-01-02 00:56 - 00000000 ____D C:\Users\lil\Documents

\Bibliothèque Lilouan
2016-05-25 02:27 - 2013-06-29 14:57 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\Box Sync
2016-05-24 21:13 - 2014-11-11 00:52 - 00000000 ____D C:\Windows\rescache
2016-05-24 15:58 - 2013-06-29 14:56 - 00000000 ____D C:\Program Files\Box Sync
2016-05-24 15:44 - 2012-04-07 15:04 - 00000000 ____D C:\Users\pom\Documents

\EURO EUROPE
2016-05-24 14:05 - 2013-06-29 14:59 - 00000000 ____D C:\Users\pom\Documents\My

Box Files
2016-05-23 22:02 - 2014-01-27 09:05 - 00000000 ____D C:\Users\pom\AppData

\Roaming\MusicBee
2016-05-23 21:30 - 2009-07-14 06:45 - 00349760 _____ C:\Windows

\system32\FNTCACHE.DAT
2016-05-23 21:23 - 2012-11-27 17:58 - 00000000 ____D C:\Users\pom\Documents

\DVPT PERSO
2016-05-23 21:18 - 2013-08-06 19:32 - 00078536 _____ C:\Users\pom\AppData\Local

\GDIPFONTCACHEV1.DAT
2016-05-23 19:53 - 2014-01-23 09:18 - 00000000 ____D C:\Users\pom\Documents

\Bibliothèque Fictions
2016-05-23 18:46 - 2013-09-06 13:29 - 00000000 ____D C:\Program Files

(x86)\Cobian Backup 11
2016-05-23 18:45 - 2012-10-15 16:32 - 00000000 ____D C:\Program Files

(x86)\Evernote
2016-05-23 18:34 - 2013-08-21 15:24 - 00000000 ____D C:\ProgramData\34BE82C4

-E596-4e99-A191-52C6199EBF69
2016-05-23 18:06 - 2013-06-23 18:43 - 00000000 ____D C:\Users\pom\KAG
2016-05-23 17:38 - 2013-01-14 17:58 - 00000000 ____D C:\Program Files

(x86)\QuickTime
2016-05-23 17:27 - 2013-07-21 14:02 - 00000000 ____D C:\Program Files

(x86)\SpeedFan
2016-05-23 17:26 - 2012-03-09 19:51 - 00000000 ____D C:\ProgramData\BigBrainz
2016-05-20 18:29 - 2013-11-02 10:54 - 00000000 ____D C:\Users\DefaultAppPool
2016-05-19 21:38 - 2014-09-04 13:48 - 00000000 ____D C:\Users\lil\Documents

\collège
2016-05-18 12:33 - 2014-11-29 18:32 - 00000000 ____D C:\Users\pom\Documents

\Mes numérisations
2016-05-17 14:29 - 2015-09-12 17:58 - 00001133 _____ C:\Users\lil\Desktop

\nativelog.txt
2016-05-17 14:29 - 2014-05-25 13:32 - 00000000 ____D C:\Users\lil\AppData

\Roaming\.minecraft
2016-05-15 03:01 - 2015-02-27 17:44 - 00000000 ____D C:\Windows

\system32\appraiser
2016-05-14 16:56 - 2012-11-10 13:04 - 00000000 ____D C:\Users\lil\AppData

\Roaming\vlc
2016-05-14 15:26 - 2014-01-17 23:29 - 00797376 _____ (Adobe Systems Incorporated)

C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-14 15:26 - 2014-01-17 23:29 - 00142528 _____ (Adobe Systems Incorporated)

C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-14 15:26 - 2014-01-17 23:29 - 00003940 _____ C:\Windows\System32\Tasks

\Adobe Flash Player Updater
2016-05-14 09:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-05-14 09:24 - 2014-05-23 11:57 - 00000000 ___SD C:\Windows

\system32\CompatTel
2016-05-14 09:22 - 2013-10-23 15:31 - 00000000 ____D C:\Program Files\Windows

Journal
2016-05-14 03:43 - 2011-09-02 19:24 - 01842700 _____ C:\Windows

\SysWOW64\PerfStringBackup.INI
2016-05-14 03:29 - 2013-08-05 18:08 - 00000000 ____D C:\Windows\system32\MRT
2016-05-14 03:05 - 2011-10-20 11:37 - 139319312 _____ (Microsoft Corporation) C:

\Windows\system32\MRT.exe
2016-05-13 10:09 - 2014-01-18 01:24 - 00002195 _____ C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 07:31 - 2011-04-13 04:33 - 00004066 _____ C:\Windows\System32\Tasks

\GoogleUpdateTaskMachineUA
2016-05-11 07:31 - 2011-04-13 04:33 - 00003814 _____ C:\Windows\System32\Tasks

\GoogleUpdateTaskMachineCore
2016-05-11 07:28 - 2012-10-10 13:55 - 00004036 _____ C:\Windows\System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000UA
2016-05-11 07:28 - 2012-10-10 13:55 - 00003640 _____ C:\Windows\System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000Core
2016-05-09 12:40 - 2016-02-05 22:03 - 00037144 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswKbd.sys
2016-05-09 12:40 - 2014-05-02 14:50 - 00037656 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswHwid.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 01070904 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswSnx.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 00465792 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswSP.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 00287528 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswVmm.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 00166432 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswStm.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 00107792 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswMonFlt.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 00103064 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswRdr2.sys
2016-05-09 12:40 - 2014-01-16 12:25 - 00074544 _____ (AVAST Software) C:

\Windows\system32\Drivers\aswRvrt.sys
2016-05-07 20:19 - 2012-11-27 18:39 - 00000000 ___RD C:\Users\pom\Documents

\Pensée critique
2016-05-06 23:56 - 2015-10-21 14:18 - 00000000 ____D C:\Program Files

(x86)\Mozilla Maintenance Service

==================== Fichiers à la racine de certains dossiers =======

2012-11-27 22:48 - 2012-11-27 22:48 - 0204496 _____ (Malwarebytes) C:\Program

Files (x86)\startuplite-setup-1.07.exe
2012-02-20 00:04 - 2012-02-20 00:04 - 0000006 _____ () C:\Program Files

(x86)\Common Files\WPVersion.txt
2013-07-03 21:10 - 2013-07-03 21:11 - 0001335 _____ () C:\Users\pom\AppData

\Roaming\Bubble Dock.boostrap.log
2013-07-03 21:10 - 2013-07-03 21:18 - 0015580 _____ () C:\Users\pom\AppData

\Roaming\Bubble Dock.installation.log
2013-11-15 16:38 - 2013-11-15 16:38 - 0001252 _____ () C:\Users\pom\AppData

\Roaming\Launch Internet Explorer Browser.lnk
2014-01-14 16:14 - 2014-01-14 16:14 - 0000005 _____ () C:\Users\pom\AppData

\Roaming\mbam.context.scan
2012-03-07 18:44 - 2012-03-14 10:29 - 0000041 _____ () C:\Users\pom\AppData

\Roaming\Offre.ini
2012-09-08 21:52 - 2012-09-09 20:43 - 0001053 _____ () C:\Users\pom\AppData

\Roaming\Requiem.log
2012-04-10 00:47 - 2014-11-03 19:30 - 0005632 _____ () C:\Users\pom\AppData

\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-22 22:31 - 2016-05-22 22:31 - 0000218 _____ () C:\Users\pom\AppData

\Local\recently-used.xbel
2012-02-27 23:03 - 2014-01-14 11:22 - 0007599 _____ () C:\Users\pom\AppData

\Local\resmon.resmoncfg
2015-02-22 19:10 - 2015-02-22 19:10 - 0000000 _____ () C:\Users\pom\AppData

\Local\{73B9DEB4-B0E7-4B36-A210-72AA04AE72A2}
2015-03-20 21:41 - 2015-03-20 21:41 - 0000000 _____ () C:\Users\pom\AppData

\Local\{8561641C-9DC7-4D18-A93A-8E0350C0BF7B}
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData

\FullRemove.exe
2012-05-18 17:46 - 2012-03-19 17:46 - 0000032 ____R () C:\ProgramData\hash.dat
2011-09-02 20:42 - 2012-03-26 16:45 - 0001263 _____ () C:\ProgramData

\hpzinstall.log
2012-11-07 23:16 - 2012-11-07 23:16 - 0000192 _____ () C:\ProgramData

\Microsoft.SqlServer.Compact.351.64.bc
2011-06-29 20:07 - 2011-06-29 20:07 - 0000105 _____ () C:\ProgramData

\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-06-29 20:06 - 2011-06-29 20:06 - 0000107 _____ () C:\ProgramData

\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\hash.dat
C:\Users\pom\libeay32.dll
C:\Users\pom\libgcc_s_dw2-1.dll
C:\Users\pom\libssl32.dll
C:\Users\pom\libstdc++-6.dll
C:\Users\pom\mingwm10.dll
C:\Users\pom\QtCore4.dll
C:\Users\pom\QtGui4.dll
C:\Users\pom\QtNetwork4.dll
C:\Users\pom\QtSvg4.dll
C:\Users\pom\QtWebKit4.dll
C:\Users\pom\QtXml4.dll

Certains fichiers dans TEMP:
====================
C:\Users\lil\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\lil\AppData\Local\Temp\jshortcut-1691344604840352521.dll
C:\Users\lil\AppData\Local\Temp\jshortcut-3341333916126528912.dll
C:\Users\lil\AppData\Local\Temp\jshortcut-5210347850661295507.dll
C:\Users\lil\AppData\Local\Temp\jshortcut-8029099041024461006.dll

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la

vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== BCD ================================

Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=C:
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
nx OptOut

Chargeur de d‚marrage Windows
-----------------------------
identificateur {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
device ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa

\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa

\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
systemroot \windows
nx OptIn
winpe Yes

Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes

ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}

ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de p‚riph‚rique
-----------------------
identificateur {8cb2d9b5-7c05-11de-842e-b4611d44fefa}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi

LastRegBack: 2016-05-24 17:41

==================== Fin de FRST.txt ============================

stephan · May 29, 2016

Addition.txt

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:29-05

-2016
Exécuté par pom (2016-05-29 10:23:07)
Exécuté depuis C:\Users\pom\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-02 05:01:02)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-1363170374-948335828-1288231404-500 - Administrator -

Disabled)
Invité (S-1-5-21-1363170374-948335828-1288231404-501 - Limited - Enabled)
lil (S-1-5-21-1363170374-948335828-1288231404-1001 - Limited - Enabled) => C:

\Users\lil
pom (S-1-5-21-1363170374-948335828-1288231404-1000 - Administrator - Enabled)

=> C:\Users\pom
pom1 (S-1-5-21-1363170374-948335828-1288231404-1081 - Administrator - Enabled)

=> C:\Users\pom1

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-

94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-

DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-

AFE241D3E736}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont

susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les

programmes publicitaires devront être désinstallés manuellement.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems

Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version:

21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version:

21.0.0.242 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-

AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Assistance Livebox (HKLM-x32\...\Assistance Livebox) (Version: 1.2.0.1 - Orange)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E})

(Version: 1.0.13 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158})

(Version: 3.0.20 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-

51E30DB1A9AA}) (Version: 1.1.40 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00

-9406-43599238DE0D}) (Version: - )
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-

4A52B30041A1}) (Version: 1.0.20 - asus)
ATI AVIVO64 Codecs (Version: 11.6.0.51005 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{363836F9-D52D-8976-EC20-

8C6965A4D045}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
ATI Catalyst Install Manager (HKLM\...\{583EE643-CF83-A1F2-A90F-

ADB75F7B532D}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE})

(Version: 1.0.0007 - ASUS)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: -

Audacity Team)
Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Box Sync (64 bit) (HKLM\...\{6C45E7AD-4A4F-4AEB-9788-C5A483EFCA2F})

(Version: 3.2.65.0 - Box.net, Inc)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Calcul Mental version 1.0.9 (HKLM-x32\...\{62974C8F-0013-4262-AF5E-

7F46C992672E}_is1) (Version: 1.0.9 - RyXéo SARL)
calibre 64bit (HKLM\...\{103BE372-2B02-43DB-AEE9-B94E59BBE60F}) (Version:

2.21.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Compare Advance 1.4.0.0 (HKLM-x32\...\Compare Advance_is1) (Version: - BauerApps)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21})

(Version: 1.0.8 - ASUS)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Dictionnaire le Littré 2.0 (HKLM-x32\...\{2575CF76-C88A-4B97-AC0F-

62FFA453FD08}_is1) (Version: - Murielle Descerisiers)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Enjoy 5e (HKLM-x32\...\Enjoy 5e) (Version: 1.0.00 - Editions Didier)
Enjoy6 (HKLM-x32\...\{B6EC7F1E-973B-44C3-88D7-9262A36DF03F}}_is1)

(Version: - -)
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN

Microelectronics Corp.)
e-verbe version 1.7 (HKLM\...\e-verbe_is1) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.6 -

ASUS)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator

Technologies, Inc.)
Folder Colorizer version 1.0.2 (HKLM\...\{A133E9CD-2879-4F30-87D4-

1604AFD5C5CC}_is1) (Version: 1.0.2 - Softorino)
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version:

0.9.0 - )
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version: - )
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version:

1.2.20 - Open source)
Fresh Memory 1.1.1 (HKLM-x32\...\Fresh Memory) (Version: - )
Fubuki version 1.0 (HKLM-x32\...\{F4866E24-2529-4516-8E45-474F72B4BCB7}_is1)

(Version: 1.0 - AbulEdu.org)
GCompris Uninstall (HKLM-x32\...\GCompris) (Version: - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.9.0 - International GeoGebra

Institute)
GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group)
GnuPG For Windows (HKLM-x32\...\GPG4Win) (Version: 1.1.4 - The Gpg4win Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1})

(Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4})

(Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-

B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard)

Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version:

13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version:

13.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-

2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF})

(Version: 11.14.0001 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools)

(Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version:

5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-

000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Instrumenpoche (HKLM-x32\...\net.instrumenpoche.iep) (Version: v2.6 - UNKNOWN)
Instrumenpoche (x32 Version: 2.6 - UNKNOWN) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-

857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562

-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-

6BD661174E32}) (Version: 1.0.115.11 - Intel)
Interlex 2.5 (HKLM-x32\...\Interlex_is1) (Version: 2.5 - Andrew Quilley)
iPrint (HKLM-x32\...\iPrint_is1) (Version: 6.1 - Inzone Software Limited)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version:

10.6.3.25 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0})

(Version: 8.0.910.14 - Oracle Corporation)
Klavaro-1.9.4 (HKLM-x32\...\Klavaro_is1) (Version: - )
L&H TTS3000 Français (HKLM-x32\...\LHTTSFRF) (Version: - )
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Le Terrier d'AbulEdu - Calculs 8.4.1 (HKLM-x32\...\{A2A947FC-5B7F-11DE-C687-

000E2EB85B1E}_is1) (Version: - RyXéo SARL)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO

A/S)
LibreOffice 4.0 Help Pack (French) (HKLM-x32\...\{8A8FFD7E-F670-4B7A-B553-

C64A9EDA3CDB}) (Version: 4.0.4.2 - The Document Foundation)
LibreOffice 4.0.4.2 (HKLM-x32\...\{FE88323B-9F0E-4596-8F56-37757C6918E9})

(Version: 4.0.4.2 - The Document Foundation)
Ma-Config.com (64 bits) (HKLM\...\{5DA27AE6-4460-4380-BABC-BB79E1D109D8})

(Version: 7.1.2.0 - Cybelsoft)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mathematica Extras 8.0 (2609412) (HKLM\...\A-WIN-Extras 8.0.4 2609412_is1)

(Version: 8.0.4 - Wolfram Research, Inc.)
Maths à Gogo (HKLM-x32\...\Maths à Gogo) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-

CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64})

(Version: 1.0.0100 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})

(Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-

8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...

\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 -

Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...

\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...

\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 -

Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-

B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...

\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft

Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version:

1.0.0.0 - Mojang)
Miro (HKLM-x32\...\Miro) (Version: 5.0.2 - Participatory Culture Foundation)
Mnemosyne 2.2a (HKLM-x32\...\Mnemosyne_is1) (Version: - )
Mozilla Firefox 46.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 fr)) (Version:

46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version:

46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-

8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multiplication (HKLM-x32\...\{09D2C433-2866-4F06-BAC5-14DD0DF9791A}_is1)

(Version: 1.00.0024 - IAMANYS)
MusicBee 2.2 (HKLM-x32\...\MusicBee) (Version: 2.2 - Steven Mayall)
NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:

- )
Nombre Cible version 1.0 (HKLM-x32\...\{9AF1C48C-90D5-48EA-AF9B-

9CEE541519C8}_is1) (Version: 1.0 - AbulEdu.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.5 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OOo4Kids 1.2 (HKLM-x32\...\{E8E5A668-C0D3-4B0A-AB0C-8E785106EA97})

(Version: 1.2.122 - OOo4Kids)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Open-Sankoré (HKLM-x32\...\{E63D17F8-D9DA-479D-B9B5-0D101A03703B}_is1)

(Version: - Open-Sankore)
Orange Installeur version 1.2.5.0 (HKLM-x32\...\{D13FE823-C575-4451-AC37-

E645A67AA581}_1.2.5.0) (Version: - Orange)
Orange update (HKLM-x32\...\OrangeUpdateManager) (Version: 2.0.7.0 - Orange)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D})

(Version: 1.7.0 - pdfforge)
Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version:

4.5.0.0 - PdfEdit team)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-

457C-A0F7-73B9A2EF6902}) (Version: 10.0 - PlotSoft LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version:

2.5.205.0 - Tracker Software Products Ltd)
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software)
PhoXo (HKLM-x32\...\PhoXo) (Version: 7.1.0.0 - PhoXo)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pokémon Trading Card Game Online (HKLM-x32\...\{73550466-AE32-47D0-9868-

C6066BDC0A3D}) (Version: 1.0.0 - The Pokémon Company International)
PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard)

Hidden
Python 2.7 PyGTK 2.24.0 (HKLM-x32\...\{EF55A180-F177-4BF8-A711-

FE297D480245}) (Version: 2.24.0 - hxxp://www.pygtk.org/)
Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4d36-97C2-A316084722CF}) (Version:

2.7.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-

958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
RetroShare (HKLM-x32\...\RetroShare) (Version: - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten

Group)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skitch (HKLM-x32\...\Skitch 2.3.2.176) (Version: 2.3.2.176 - Evernote Corp.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Sokoban pour Windows (HKLM-x32\...\Sokoban pour Windows) (Version: Version RC de

avril 2006 - Marc TERRIER)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-

7702C731D722}) (Version: 1.10.0500 - SRS Labs, Inc.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Stellarium 0.11.3 (HKLM-x32\...\Stellarium_is1) (Version: - )
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.22.0 - 2BrightSparks)
Tcl/Tk AbulEdu 8.4 (HKLM-x32\...\Tcl/Tk AbulEdu_is1) (Version: - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version:

1.64 - Crystal Office Systems)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-1363170374-948335828-1288231404

-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
ToKé'MaThS (HKLM-x32\...\ToKé'MaThS) (Version: - )
ToKé'MoTs (HKLM-x32\...\ToKé'MoTs) (Version: - )
ToK'eNgLiSh (HKLM-x32\...\ToK'eNgLiSh) (Version: - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tux of Math Command (remove only) (HKLM-x32\...\TuxMath) (Version: - )
Unity Web Player (HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...

\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version:

5.8.55133.207 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VUE 3.3.0 (HKLM-x32\...\VUE) (Version: 3.3.0 - Tufts University)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-

867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version:

2.30.3 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2})

(Version: 3.0.19 - ASUS)

==================== Personnalisé CLSID (Avec liste blanche):

==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:

\Users\pom\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users

\pom\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Pas de fichier

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {12FF6D56-2A7C-492B-9E46-5E455F8B2564} - System32\Tasks\AVAST

Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus

\backup.exe [2016-03-04] (AVAST Software)
Task: {19D4A719-177E-43F1-BCA1-3EB6778F1789} - System32\Tasks\{F370624B-

568C-47A4-8895-50F292526020} => Firefox.exe
Task: {1EC99C14-D2FB-46AE-AC59-22C076C3ECE8} - System32\Tasks

\{B7B50FC0-A2EE-4B6A-A442-972F71DD0694} => C:\Program Files (x86)\Skype

\Phone\Skype.exe
Task: {28AD10E8-4CF3-45C2-89A2-3677FBF88A24} - System32\Tasks\Net4Switch

=> C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
Task: {2D5E4E4D-CF63-447E-8D36-08A5EF41A2B9} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000UA =>

C:\Users\pom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google

Inc.)
Task: {4D37CCD1-552F-42FD-9890-A44BC47B69D8} - System32\Tasks\{3D6B6310

-9A27-47DD-907F-E866992A6B54} => pcalua.exe -a C:\Users\pom\Downloads\defi-

ortho-enfants_install.exe -d C:\Users\pom\Downloads
Task: {533E1219-4056-4687-8B1E-ACE1C5031D88} - System32\Tasks\SRS Premium

Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel

\srspremiumpanel_64.exe [2010-11-20] (SRS Labs, Inc.)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks

\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6D82BE5B-FA19-40A2-902E-281ABDED3ABD} - System32\Tasks

\{7306E76B-BBB5-46DA-87DF-EB52A3FDFE60} => pcalua.exe -a C:\Users\pom

\Desktop\AdobeAIRInstaller.exe -d C:\Users\pom\Desktop
Task: {6E9A7883-9886-4149-B5AE-9F8F3356ABB8} - System32\Tasks\{45C5F2C5-

BCB7-402A-9C82-1033C9041A08} => pcalua.exe -a C:\Users\pom\Downloads

\spchapi.EXE -d C:\Users\pom\Downloads
Task: {6F564842-A6C3-4E02-A06E-34070B6FDBF7} - System32\Tasks\ACMON =>

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {73A76E5F-A2CE-492E-8075-D1F13550238D} - System32\Tasks

\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {769318F1-C1B1-40F5-8892-930100F5BB10} - System32\Tasks\ATKOSD2 =>

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17]

(ASUS)
Task: {7DBD0769-3C63-4415-A777-2C7D77AE0F11} - System32\Tasks

\{5B0DAFEF-199B-4000-B862-A81759BCDC5D} => Firefox.exe
Task: {7E8ED9D1-737F-4539-B62F-4A5AAAE3D7AA} - System32\Tasks

\{95C4528E-4FEE-476B-BF77-0AA21A15A2DE} => Firefox.exe
Task: {80649BF9-1116-4E09-8A8B-9ECEBC9EFEDB} - System32\Tasks\ASUS P4G

=> C:\Program Files\P4G\BatteryLife.exe [2010-08-12] (ASUS)
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks

\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8A7D4F59-B04D-4DE1-B908-140116966E15} - System32\Tasks\{4CC0AD81

-3CFE-44EC-A318-ACE52C04711E} => Firefox.exe
Task: {9B22C600-6635-4BB2-AE74-7530F1B20AE5} - System32\Tasks\{6B70EA02-

18A9-420A-B375-553B07B424BE} => Firefox.exe

hxxp://ui.skype.com/ui/0/5.8.0.154.261/fr/go/help.faq.installer?

source=lightinstaller&LastError=1618
Task: {B06A1D91-5D64-4004-A7F6-7BAC9C3BA400} - System32\Tasks\essai => C:

\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe [2011-12-08] (The

Audacity Team)
Task: {B363ECB0-62BC-4B96-9FF7-1B6BD65E056C} - System32\Tasks\SafeZone

scheduled Autoupdate 1454875948 => C:\Program Files\AVAST Software\SZBrowser

\launcher.exe [2016-04-15] (Avast Software)
Task: {B8260DDA-BFF6-4BC7-978E-055C6FFF6B70} - System32\Tasks\Adobe Flash

Player Updater => C:\Windows\SysWOW64\Macromed\Flash

\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {C3788A3E-147E-4A4F-83F9-F29CCCD79C9B} - System32\Tasks\avast!

Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

[2016-05-09] (AVAST Software)
Task: {C624FD83-8AB4-4B53-AAED-C0C92B86579E} - \Desk 365 RunAsStdUser ->

Pas de fichier <==== ATTENTION
Task: {CFBE72BE-CB90-4D7E-BC04-BD83D0529E9E} - System32\Tasks

\{60B5477A-FF45-41EF-AC99-DA8BBE73B84C} => pcalua.exe -a "C:\Program Files

(x86)\Mozilla Firefox\firefox.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {DC3C3D28-2D5B-4F37-BB20-6EFB62A5638E} - System32\Tasks

\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform

Ltd)
Task: {DFDC6240-527E-4492-93E5-9CE97569348E} - System32\Tasks\{B1A09B03-

3D4A-46C0-84F0-D8D55ECACE3D} => Firefox.exe
Task: {FE51DBB0-5153-4214-9837-CFDCEBE911FD} - System32\Tasks\{74CAE2B9

-C421-4DE1-ACD2-84DF054FF5AA} => Firefox.exe

hxxp://ui.skype.com/ui/0/6.11.0.102/fr/abandoninstall?page=tsProgressBar
Task: {FE58D060-1AA7-45B4-83C9-B8168CCD0951} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000Core =>

C:\Users\pom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google

Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le

fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows

\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files

(x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files

(x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-

1288231404-1000Core.job => C:\Users\pom\AppData\Local\Google\Update

\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-

1288231404-1000UA.job => C:\Users\pom\AppData\Local\Google\Update

\GoogleUpdate.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés

ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G

\DevMng.dll
2010-09-23 17:53 - 2010-09-23 17:53 - 01601536 _____ () C:\Program Files

(x86)\ASUS\Wireless Console 3\wcourier.exe
2016-05-09 12:40 - 2016-05-09 12:40 - 00123344 _____ () C:\Program Files\AVAST

Software\Avast\log.dll
2016-05-09 12:40 - 2016-05-09 12:40 - 00135816 _____ () C:\Program Files\AVAST

Software\Avast\JsonRpcServer.dll
2016-05-29 09:27 - 2016-05-29 09:27 - 02982040 _____ () C:\Program Files\AVAST

Software\Avast\defs\16052900\algo.dll
2016-05-09 12:40 - 2016-05-09 12:40 - 00479680 _____ () C:\Program Files\AVAST

Software\Avast\ffl2.dll
2016-05-09 12:40 - 2016-05-09 12:40 - 00309912 _____ () C:\Program Files\AVAST

Software\Avast\browser_pass.dll
2016-02-05 22:02 - 2016-02-05 22:02 - 40539648 _____ () C:\Program Files\AVAST

Software\Avast\libcef.dll
2013-06-11 23:28 - 2013-06-11 23:28 - 01005744 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\libxml2.dll
2013-06-11 23:28 - 2013-06-11 23:28 - 00102064 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\librdf.dll
2013-06-11 23:28 - 2013-06-11 23:28 - 00289968 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\raptor.dll
2013-06-11 23:28 - 2013-06-11 23:28 - 00158384 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\rasqal.dll
2013-06-11 23:28 - 2013-06-11 23:28 - 00175280 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\libxslt.dll
2013-06-11 23:28 - 2013-06-11 23:28 - 00077488 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\python3.dll
2013-06-11 06:09 - 2013-06-11 06:09 - 00049152 _____ () C:\Program Files

(x86)\LibreOffice 4.0\program\python-core-3.3.0\lib\_socket.pyd

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS

- Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\ProgramData\Temp:3E7393FC [120]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [133]

==================== Mode sans échec (Avec liste blanche)

===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le

"AlternateShell" sera restauré.)

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la

valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles

===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de

réinitialiser le fichier hosts.)

2009-07-14 04:34 - 2014-01-17 00:04 - 04168956 ____N C:\Windows

\system32\Drivers\etc\hosts

127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups
127.0.0.1 ads.tersecta.com # hosts anti-adware / pups
127.0.0.1 a.dungtank.com # hosts anti-adware / pups

Il y a 70902 plus de lignes.

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Control Panel\Desktop\

\Wallpaper -> C:\Users\pom\AppData\Roaming\Microsoft\Windows\Themes

\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>

(ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)

MSCONFIG\Services: #UpdateService => 2
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: cbVSCService11 => 3
MSCONFIG\Services: HOSTS Anti-PUPs => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: ocster_backup => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss

\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart

daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital

Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

Menu^Programs^Startup^iPrint.lnk => C:\Windows\pss\iPrint.lnk.CommonStartup
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun

\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software

Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin

\hpqSRMon.exe
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies

\ATI.ACE\Core-Static\CLIStart.exe" MSRun

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:

\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow)

LPort=2869
FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow)

LPort=1900
FirewallRules: [{25BDD843-A815-48A8-A216-66D065687049}] => (Allow) C:

\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:

\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow)

LPort=5353
FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow)

LPort=8182
FirewallRules: [{188F5D90-A615-47D3-B75C-60EF520FA4F4}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C84F0668-387F-42E1-A403-F0165C88FE67}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2CE10764-942F-4EE8-9109-DD56293058E6}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{99A0D41F-670B-4E03-942B-87DE476F6CE1}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0EF215AF-1069-431C-9397-A43C7F2D80E9}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{C3626C7D-6C0E-4D93-98BC-DCEE46A47FDA}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0F7D2EE8-1F3D-40A1-8C52-3CE2305B9DA8}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{CDF9206C-EB32-41FB-9ED4-D4D3823D5434}] => (Allow) C:

\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{1AB49DF1-EE62-4885-AC92-CCBA3A2484F7}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{16FE488B-87A8-4C5D-95D0-C07236BCB055}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{881D5E4C-C3EF-4838-81B8-460D10E4C5B4}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{C2032BC2-4F14-4674-830E-FF188F8B3EC4}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B6D6FCE0-C89F-4876-A457-59FEE2086769}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9BA9F757-4B5D-4967-A016-168F977E90F7}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{3DD938D1-C1C8-4736-871C-5E5EA044D8E6}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0FC9FE57-10CC-47B8-88BD-6D56A74A3C7E}] => (Allow) C:

\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{557BC608-78D9-4474-8A41-D39C5678E4B7}] => (Allow) C:

\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{E2B2FC1C-874F-4AF9-B7F8-8BF997686175}C:

\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files

(x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{0CCEC0AD-BDF9-4B50-8FA5-DAA05888E3E5}C:

\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files

(x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D852EB04-3B86-4512-9BCF-1359AA2317F2}] => (Allow) C:

\Program Files (x86)\Common Files\Apple\Apple Application Support

\WebKit2WebProcess.exe
FirewallRules: [{3D8DEB4B-F926-49F5-AD9E-3BB32ADBA2D2}] => (Allow) C:

\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99D0D7C9-B50B-4FC9-9599-059A4E5CCCF1}] => (Allow) C:

\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF24816D-955E-4280-8E56-BE84265E3843}] => (Allow) C:

\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{538B7E63-8E5D-4A94-8D94-6EBD4A67E02F}] => (Allow) C:

\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{42360C14-1DF0-4178-A071-71B5A49026B0}C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe] =>

(Allow) C:\program files (x86)\participatory culture foundation\miro

\miro_downloader.exe
FirewallRules: [UDP Query User{1CC5BCBF-5EA4-4045-8490-B258E47B539A}C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe] =>

(Allow) C:\program files (x86)\participatory culture foundation\miro

\miro_downloader.exe
FirewallRules: [TCP Query User{212CB18B-BE97-47EB-9695-29E7B7D56C68}C:

\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files

(x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{F5218F46-29F9-4BDA-96A4-D8921D50CB98}C:

\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files

(x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{55F7139F-133F-41D7-B82E-E5FF32F6E3C1}C:

\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc

\vlc.exe
FirewallRules: [UDP Query User{10E8190F-3B1E-4F04-A7CA-C183E0473C55}C:

\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc

\vlc.exe
FirewallRules: [{6674152E-0C4C-4100-95C6-DFE1B059F5F4}] => (Block) C:

\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{BE613C53-3AF0-40B7-ADD2-D8E5B5C8BB85}] => (Block) C:

\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{54538AE3-870F-406A-BB12-F6B374AEA857}] => (Allow) C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe
FirewallRules: [{53FA8477-4647-4D48-B3A0-E57320A2624F}] => (Allow) C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe
FirewallRules: [TCP Query User{72B28088-0F2B-4F99-854F-E1EED15D9CFF}C:

\program files\urbanterror\iourbanterror.exe] => (Block) C:\program files\urbanterror

\iourbanterror.exe
FirewallRules: [UDP Query User{7A432BFA-F0EA-48FD-A621-FBD12E10720E}C:

\program files\urbanterror\iourbanterror.exe] => (Block) C:\program files\urbanterror

\iourbanterror.exe
FirewallRules: [{43DCD8E9-0968-4947-8F13-9918573CA06A}] => (Allow) C:

\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{FD25DFF1-5700-4884-8264-0D629540CBAB}] => (Allow) C:

\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
FirewallRules: [{E4724E16-4243-49E0-AE04-4531FF0EC099}] => (Allow) C:

\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [{F6420343-FBE5-4A54-A7EB-92423A4218FC}] => (Allow) C:

\Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
FirewallRules: [TCP Query User{962CC268-4EFC-443B-907D-BA9C9874EDF5}C:

\program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

(x86)\retroshare\retroshare.exe
FirewallRules: [UDP Query User{BCA31924-A9EA-4427-AD33-E4FC6CCFF93E}C:

\program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

(x86)\retroshare\retroshare.exe
FirewallRules: [TCP Query User{0F631139-C4A4-4E07-A88D-9F323C4B4CEC}C:

\program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

(x86)\retroshare\retroshare.exe
FirewallRules: [UDP Query User{E83A3538-BAEF-4449-A612-7A07D4AD60CE}C:

\program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

(x86)\retroshare\retroshare.exe
FirewallRules: [TCP Query User{C4619ED4-6582-4A7A-98BF-CB525C61F6EC}C:

\program files (x86)\asebastudio\asebachallenge.exe] => (Allow) C:\program files

(x86)\asebastudio\asebachallenge.exe
FirewallRules: [UDP Query User{7FF36E7F-9FD0-46DF-AB57-5371CB146AE1}C:

\program files (x86)\asebastudio\asebachallenge.exe] => (Allow) C:\program files

(x86)\asebastudio\asebachallenge.exe
FirewallRules: [{E1CFF55E-A2C6-4ABD-9F4B-7B699E431551}] => (Allow) C:

\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
FirewallRules: [{A0876E9A-E75A-4884-AE26-69086BB9A4CF}] => (Allow) C:

\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
FirewallRules: [TCP Query User{F8E874EF-8A0F-41E7-AF6A-34C6CC7C5A06}C:

\program files\winpcap\rpcapd.exe] => (Block) C:\program files\winpcap\rpcapd.exe
FirewallRules: [UDP Query User{D2F9B5F4-F3D3-4872-8496-89FE4DCDE773}C:

\program files\winpcap\rpcapd.exe] => (Block) C:\program files\winpcap\rpcapd.exe
FirewallRules: [{E8D49345-FF23-49D0-88DB-ABBC041FF573}] => (Allow) C:

\Users\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{37D7E76B-D44F-4668-8735-865D85C73F14}] => (Allow) C:\Users

\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{3FEA70D7-39A3-4297-90EE-FC9970D1E863}C:

\program files (x86)\mnemosyne\mnemosyne-webserver.exe] => (Allow) C:\program files

(x86)\mnemosyne\mnemosyne-webserver.exe
FirewallRules: [UDP Query User{677CDCB7-364E-43CF-9B31-E1625AA96A2F}C:

\program files (x86)\mnemosyne\mnemosyne-webserver.exe] => (Allow) C:\program files

(x86)\mnemosyne\mnemosyne-webserver.exe
FirewallRules: [{46219781-7234-47D8-9BE9-25A7FBE14D86}] => (Allow) C:

\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E2B61E2-4EAF-4AF8-8525-A5326D117634}] => (Allow) C:

\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7B53CFA8-4D3F-4CE9-BCFD-448D846BC970}C:

\users\pom\kag\kag.exe] => (Allow) C:\users\pom\kag\kag.exe
FirewallRules: [UDP Query User{59C49D4B-26E6-47DF-B55B-E11D6F783E77}C:

\users\pom\kag\kag.exe] => (Allow) C:\users\pom\kag\kag.exe
FirewallRules: [{2EF19C9E-B94C-4857-A763-FB135B4E212D}] => (Allow)

LPort=48113
FirewallRules: [{DABC2EBC-FF36-4829-9A07-8C52C399A801}] => (Allow)

LPort=48114
FirewallRules: [{9C6ED9A2-A62C-4615-AFF3-E08DCDFE7084}] => (Allow) C:

\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [{D11338B9-9A7A-41D7-B3C8-7917A6A0974A}] => (Allow) C:

\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [{21C8781A-6379-4988-A5C7-E4FCC2A8A545}] => (Allow) C:

\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8D9C1964-1E28-403B-A2A9-1DB54243021E}C:

\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin

\javaw.exe
FirewallRules: [UDP Query User{C2B04AF1-8E71-43D9-B121-6EBD675E9A0F}C:

\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin

\javaw.exe
FirewallRules: [{05700B26-8560-4D3B-951B-859B43CDD0B6}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{B3AA4D1D-ACBE-413E-B889-DF1F88F89645}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{F0AE8FDE-0AEF-4C66-9502-0D6C8952AFBA}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{EEC634E1-69C8-47F4-BAD4-DF23B531C1F2}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%

\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation

\SMSvcHost.exe
FirewallRules: [{CBD2BCF0-38E0-49FD-A2B2-D0F4F3C331D8}] => (Allow)

%ProgramFiles% (x86)\Deluge\deluge.exe
FirewallRules: [TCP Query User{FB201529-294A-4DC7-BA24-805F7DF8C757}C:

\program files (x86)\deluge\deluged-debug.exe] => (Allow) C:\program files (x86)\deluge

\deluged-debug.exe
FirewallRules: [UDP Query User{2DBA24C0-D814-4913-BFC4-C22A50627B81}C:

\program files (x86)\deluge\deluged-debug.exe] => (Allow) C:\program files (x86)\deluge

\deluged-debug.exe
FirewallRules: [TCP Query User{1E9CFBFD-1327-441B-B6CB-514C617B4C5D}C:

\program files (x86)\deluge\deluge-web-debug.exe] => (Allow) C:\program files

(x86)\deluge\deluge-web-debug.exe
FirewallRules: [UDP Query User{C192753B-5EE9-4DE4-BA42-37EE45BAA911}C:

\program files (x86)\deluge\deluge-web-debug.exe] => (Allow) C:\program files

(x86)\deluge\deluge-web-debug.exe
FirewallRules: [TCP Query User{A96CAD79-5929-461F-BD79-64689904399C}C:

\program files\calibre2\calibre.exe] => (Allow) C:\program files\calibre2\calibre.exe
FirewallRules: [UDP Query User{96B93A7C-D990-4556-BD98-9995FDCFC110}C:

\program files\calibre2\calibre.exe] => (Allow) C:\program files\calibre2\calibre.exe
FirewallRules: [{E51B963C-07FC-47FD-AA5D-83967B25B164}] => (Allow)

LPort=54982
FirewallRules: [{BDA56FA0-648F-471F-AD40-2BD16268A0A1}] => (Allow)

LPort=8080
FirewallRules: [{7478F5D2-ED9D-480D-96C7-9F21E542A263}] => (Allow)

%ProgramFiles%\Calibre2\calibre.exe
FirewallRules: [{1E5B2C7B-D67B-4356-AD49-DF148FA951EC}] => (Allow)

%ProgramFiles%\Calibre2\calibre-server.exe
FirewallRules: [{CD609019-E49F-46F1-96F4-2CFE996EF7FC}] => (Allow)

%ProgramFiles%\Calibre2\calibre.exe
FirewallRules: [{B27CDA40-3520-4B1E-B47A-9A75ABD2FC40}] => (Allow)

%ProgramFiles%\Calibre2\calibre-server.exe
FirewallRules: [{0781B04A-F678-4B7B-BB46-2B77F0EDC8BB}] => (Allow) C:

\program files (x86)\asebastudio\asebachallenge.exe
FirewallRules: [{61D1D7FF-AB4B-4B12-BA44-E38C750BD601}] => (Allow) C:

\program files (x86)\asebastudio\asebachallenge.exe
FirewallRules: [{E5895E6D-E878-4364-8186-52A8D56FEF97}] => (Allow) C:

\program files (x86)\deluge\deluged-debug.exe
FirewallRules: [{5C437C7E-30DC-4A8D-A49D-F2CA4562EDE2}] => (Allow) C:

\program files (x86)\deluge\deluged-debug.exe
FirewallRules: [{5316B327-F230-4936-9E75-B5E9216719BC}] => (Allow) C:

\program files (x86)\deluge\deluge-web-debug.exe
FirewallRules: [{4171631A-8FDF-4D5C-884C-E93E4BEBB408}] => (Allow) C:

\program files (x86)\deluge\deluge-web-debug.exe
FirewallRules: [{1F365AC0-EBC0-488E-8C39-4A3A78588185}] => (Allow) C:\Users

\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{1DFD8306-C940-4020-9E60-B179A66DBD97}] => (Allow) C:\Users

\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9EAE847D-A6EB-4039-AA36-8315A0E3A637}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DEC85FC4-CE10-4C99-A918-03249DE5402D}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CFB3886-8621-4ECC-A649-30D91642B6F7}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{61DF78E3-8F24-4786-B752-B0ED70AEC44F}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{CA041A0A-8E8A-429F-982B-BD1386418750}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8712E7DE-51C4-48E7-A8F6-CE4D408E0A9D}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{CD5BC8AF-B27E-4FB2-92B9-FBFE6477AF0C}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{5400ACBC-1B8C-467C-857C-FA0E66472D64}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{7692B5A6-24EE-4D02-BFEA-39122402A848}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{FE86492D-2359-4D80-A88C-E2BF553CDD21}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{42AD5127-8840-43C2-A44C-D40B460ACF66}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{9AB5DBD0-F237-4D65-B21C-5588683276B6}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{C67B4DAE-658C-465A-84FE-B5E19CEB8941}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D3A6E382-0345-458A-90B5-1DE392AEDF9A}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8AB6152B-3AEB-4B8C-A862-98E8626DFDCD}] => (Allow) C:

\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{2E96F3A1-C93C-44B8-9028-11D174CA2156}] => (Allow) C:

\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{697D1DF6-3033-4085-A3B7-EB3C1670C6BF}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{B7E07F3D-178F-482D-9C78-6A26EAEE8E47}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{B2B162C9-D31D-4427-837C-AD744FE88A3B}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{B46E2158-C532-4B3A-A32F-A470F1C0FE8F}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{50F70302-DF1D-4406-8225-11C806FC82F9}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1351C510-6842-4BD6-A261-BFD8BE53FD8D}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B108594E-8803-4E5A-A9BF-2E944A5AD575}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{4BCCEFA3-33A5-425F-85A8-9234632D3899}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{477ACCC1-5C5A-4EA4-8C33-3A417FC53348}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6F3D6EE0-63B4-4DEA-B5E4-933675616451}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6EE7527F-BF2C-42B2-ABCB-AD152247EDAE}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{31862449-2885-47DD-8744-B1106774BC5F}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{E7E86EEB-D603-41DB-B2D2-9FEBC342883A}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0CE1C67D-719D-42FC-82C6-3E9DDABFE02A}] => (Allow) C:

\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{3831F32D-188D-4ED3-8301-443B5B3D1586}] => (Allow) C:

\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{22E02307-6042-4C20-B0B1-0803A902B621}] => (Allow) C:

\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{648A5D1B-A3D6-4ED4-8244-CDB284728055}] => (Block) C:

\program files\urbanterror\iourbanterror.exe
FirewallRules: [{53A60EC3-8F30-4949-8941-C146D58441D0}] => (Block) C:

\program files\urbanterror\iourbanterror.exe
FirewallRules: [{0735AD14-6697-4A09-BEDE-EC490415B278}] => (Allow)

LPort=5353
FirewallRules: [{FEEC9F8D-8028-4DD8-8D7C-F113675AD318}] => (Allow)

LPort=8182
FirewallRules: [{6F5F3F81-930E-4DE8-814F-BCA93BE61670}] => (Allow) C:

\program files\java\jre7\bin\javaw.exe
FirewallRules: [{3F49C93D-0299-4C98-BBBD-E260A61C5C6C}] => (Allow) C:

\program files\java\jre7\bin\javaw.exe
FirewallRules: [{9A426F8F-89CC-41DD-9576-A495F90ED8FA}] => (Allow) C:\users

\pom\kag\kag.exe
FirewallRules: [{A6A59621-CF3D-474C-8039-53D7AB885F63}] => (Allow) C:\users

\pom\kag\kag.exe
FirewallRules: [{21850DC3-C527-4635-874C-A155D8E97506}] => (Allow)

LPort=48113
FirewallRules: [{73F61C5B-311F-420B-ABE0-20B0A9203C4C}] => (Allow)

LPort=48114
FirewallRules: [{A1A6F118-033C-48E8-B2A9-A26219DC86EA}] => (Allow) C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe
FirewallRules: [{255EC65A-809A-4C14-8B94-927451FDAF12}] => (Allow) C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe
FirewallRules: [{CA04000B-D314-48A4-9443-507ADE870B05}] => (Allow) C:

\program files (x86)\mnemosyne\mnemosyne-webserver.exe
FirewallRules: [{232760DC-4BF9-4C42-ACE1-3928763420D3}] => (Allow) C:

\program files (x86)\mnemosyne\mnemosyne-webserver.exe
FirewallRules: [{7972FF11-002A-4BAA-9D7D-E1329954045F}] => (Allow) C:

\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
FirewallRules: [{57F9B947-E31F-41A3-AECC-CFF858F12E7A}] => (Allow) C:

\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
FirewallRules: [{6EA969DB-151C-4B5A-8F12-54C36D17BD92}] => (Allow) C:

\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{D74B4813-A44E-4311-8C9B-5206E83B7DE8}] => (Allow) C:

\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{79B1677B-2387-4407-B298-244C839E5DFD}] => (Block) C:

\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D86D8947-CF55-4073-9A70-4FE2040456B0}] => (Block) C:

\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{53A1DC86-4423-4BDC-B2B6-E07A283A8B82}] => (Block) C:

\program files\winpcap\rpcapd.exe
FirewallRules: [{861C1BAD-4170-447A-BEDE-222D1D24A521}] => (Block) C:

\program files\winpcap\rpcapd.exe
FirewallRules: [{05EAD675-3D16-46C6-ADEE-CF7736E347E0}] => (Allow) C:

\program files (x86)\retroshare\retroshare.exe
FirewallRules: [{475EE96B-CF55-4C4A-B1B5-484E8DAD76DC}] => (Allow) C:

\program files (x86)\retroshare\retroshare.exe
FirewallRules: [{E5FC3CCD-5E80-47F8-9E5C-8C3FE06E5AF4}] => (Allow) C:

\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{25326382-B078-44B3-99D6-32AF6B64D7B8}] => (Allow) C:

\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DD41BA1C-F4C0-4D3F-A1F2-47325291FAAF}] => (Allow) C:

\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{88A0E187-A561-4A43-BAAA-90774A5D34FB}] => (Allow) C:

\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC1A20F9-4140-47E5-8ED8-3FD3C4377C01}] => (Allow) C:

\program files\calibre2\calibre.exe
FirewallRules: [{8855FC3A-DE1B-4AD7-9092-3706726D058D}] => (Block) C:

\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{CC200D3D-7DF2-4630-AD9D-CACE02E515EE}] => (Block) C:

\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{043113BB-F18D-4E10-A86B-7F9E18EC606C}] => (Allow) C:

\Program Files (x86)\Common Files\Apple\Apple Application Support

\WebKit2WebProcess.exe
FirewallRules: [{79494C24-BEF5-4B2C-9A00-51C6ACF5C3AB}] => (Allow) C:

\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{04D2DBF4-9CBF-4BE9-8FB6-60B2BB2FACCB}] => (Allow)

LPort=1900
FirewallRules: [{379560EA-B5E7-4DCE-9706-6C41845FE2BF}] => (Allow)

LPort=2869
FirewallRules: [{C1EDAB7B-D8A1-4C3A-924A-80EA416019C0}] => (Allow) C:

\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2864F066-486E-4DD3-A5D9-81BFE7C334E8}] => (Allow) C:

\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{E8FEC331-11C1-4558-A5E8-EFEE82AE4901}] => (Allow) C:

\program files (x86)\asebastudio\asebachallenge.exe
FirewallRules: [{B6D6FB8E-FA00-493F-9712-B3841748F08D}] => (Allow) C:

\program files (x86)\asebastudio\asebachallenge.exe
FirewallRules: [{D9A4694B-1CDF-4CDE-A40B-EAE82EBE77AB}] => (Allow) C:

\program files (x86)\deluge\deluged-debug.exe
FirewallRules: [{925D4CD9-1783-4A96-A5D3-A1D68FC7A169}] => (Allow) C:

\program files (x86)\deluge\deluged-debug.exe
FirewallRules: [{5BE43F81-BA73-411D-A6C6-8F253162F44B}] => (Allow) C:

\program files (x86)\deluge\deluge-web-debug.exe
FirewallRules: [{8E0853B1-C1C0-481C-BEC7-02D8838D5E22}] => (Allow) C:

\program files (x86)\deluge\deluge-web-debug.exe
FirewallRules: [{C3AD196B-AD25-4E7A-A7B8-3801F00305B2}] => (Allow) C:

\Users\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{78EFD4DE-534D-4D47-99FC-2DD522AD769C}] => (Allow) C:

\Users\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{D6021C09-BF44-4CB4-95C9-A31B9526FBD6}] => (Block) C:

\program files\urbanterror\iourbanterror.exe
FirewallRules: [{56FD09A4-C3A3-437F-BA14-EFC20643B266}] => (Block) C:

\program files\urbanterror\iourbanterror.exe
FirewallRules: [{28F6DE31-44CB-46BF-9814-A0C416937BE4}] => (Allow)

LPort=5353
FirewallRules: [{9F0670E0-C201-41A0-B938-0A5C52674DFB}] => (Allow)

LPort=8182
FirewallRules: [{C3A3057E-E46D-49ED-A136-8658409A561D}] => (Allow) C:

\program files\java\jre7\bin\javaw.exe
FirewallRules: [{6DD4F97E-8802-49E3-AA24-BBC682B66FA2}] => (Allow) C:

\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F91D0710-3D15-42FB-A5F6-11B6F18B6EDD}] => (Allow) C:\users

\pom\kag\kag.exe
FirewallRules: [{1300708D-1356-4863-BBCC-8BA9E5DE56B7}] => (Allow) C:\users

\pom\kag\kag.exe
FirewallRules: [{44104ECB-580B-4392-894B-19DCAFC734AD}] => (Allow)

LPort=48113
FirewallRules: [{91CF2A0A-D41B-4BC4-885A-0C2BB47913BC}] => (Allow)

LPort=48114
FirewallRules: [{87560971-6138-45B6-8AA7-6DE5A56EAD76}] => (Allow) C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe
FirewallRules: [{A9C8EB0F-F2EE-4836-B1DD-5839DDE2721E}] => (Allow) C:

\program files (x86)\participatory culture foundation\miro\miro_downloader.exe
FirewallRules: [{423FAC1F-3D92-4026-B2B0-D57BDE5712E7}] => (Allow) C:

\program files (x86)\mnemosyne\mnemosyne-webserver.exe
FirewallRules: [{6943EB71-04C3-4627-9040-C112D55BC68C}] => (Allow) C:

\program files (x86)\mnemosyne\mnemosyne-webserver.exe
FirewallRules: [{146E020F-3B04-4268-8E59-FF4591F7EAA3}] => (Allow) C:

\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
FirewallRules: [{29CD363D-5600-4A02-9E94-C657997F0F6D}] => (Allow) C:

\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
FirewallRules: [{1E0337AB-AC9F-4512-B414-1893D59060AC}] => (Block) C:

\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{17DB035A-3C93-4F45-ABEC-E039F4859248}] => (Block) C:

\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{2E787C8F-ED1E-41A4-82C8-FE29B073FD96}] => (Block) C:

\program files\winpcap\rpcapd.exe
FirewallRules: [{F9B5D926-BD10-477F-8385-AAC57D9DA41B}] => (Block) C:

\program files\winpcap\rpcapd.exe
FirewallRules: [{2B790A4A-1689-4F2B-BF78-53ED610101B5}] => (Allow) C:

\program files (x86)\retroshare\retroshare.exe
FirewallRules: [{4E0C51C6-64C0-4110-8414-08BB767329B3}] => (Allow) C:

\program files (x86)\retroshare\retroshare.exe
FirewallRules: [{BCFF81D7-B652-44E6-9858-7FD8D8E1C3D8}] => (Allow) C:

\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EF715C55-D8BA-4AAA-8050-6EDAD548664D}] => (Allow) C:

\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00659B8B-5EBE-4D89-AF87-261AC1F9B7F4}] => (Allow) C:

\program files\calibre2\calibre.exe
FirewallRules: [{1EB7BBB8-F091-4B2F-B9C4-99E8BDD7E381}] => (Block) C:

\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{0AF73DB1-7D0D-4471-B344-B0977FD0A30D}] => (Block) C:

\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{E1D6982E-6E45-4143-8642-1C97AC862B99}] => (Allow) C:

\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [{FC1942C4-1393-4E73-B4CA-E5AD1032A0F3}] => (Allow) C:

\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [{FE3DD8BB-DC28-48F1-8FC2-5546BCD86EBA}] => (Allow) C:

\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5EDF65EC-D83B-448C-90DB-F82B9B530FB9}] => (Allow) C:

\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AFB6CBFE-2B41-4AF4-9DAF-1FEE587D396F}] => (Allow) C:

\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AFD6199F-280A-48C2-AF2C-F60BD190F8DE}] => (Allow) C:

\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{B2AD2A5C-5DDE-4386-98D4-A7B0E81FB508}C:

\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java

\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A0E76551-8432-4146-AF7E-2D47A8B8F98A}C:

\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java

\jre7\bin\javaw.exe
FirewallRules: [{7727DB54-594F-4886-875C-9A7AAB436AE0}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{944959BB-1889-4620-A38A-613AC87350A2}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1379C0CE-7A5D-4234-96E5-B37357A08F02}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{46FFCCF1-869D-4CE1-9B23-264E959BEEA9}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{247852C9-1ABB-4E0E-99F9-9D440F794C2D}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8A4325D1-3916-43A2-94A7-7272CD04DAD5}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{67AE59A3-51A5-42B5-90CC-68AA99B612B9}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{F17D6C7E-F0C7-417B-9DC2-989615C6747F}] => (Allow) C:

\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9910B06A-7E36-4F07-B2AF-040803EF4E06}] => (Allow) C:

\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4166761-A563-493A-83FD-93970EC8F28D}] => (Allow) C:

\Program Files\Andy\Andy.exe
FirewallRules: [{BF10BCD0-F7DE-4585-ACE1-767CC56B901F}] => (Allow) C:

\Program Files\Andy\Andy.exe
FirewallRules: [{0548A974-8E34-4B58-8731-4802378FBB0D}] => (Allow) C:

\Program Files\Andy\HandyAndy.exe
FirewallRules: [{6D82048D-AE7D-4942-8E88-8BE0D6E81F07}] => (Allow) C:

\Program Files\Andy\HandyAndy.exe
FirewallRules: [{35F8F8BB-4629-4B40-A264-A20AB6E3D941}] => (Allow) C:

\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BB19D4A3-62A7-422F-B926-F30CDA9612B2}] => (Allow) C:

\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EF91A272-913F-455C-8758-6C6D456B2000}] => (Allow) C:

\Program Files\Andy\Setup.exe
FirewallRules: [{544918C1-5D07-4E45-8A9A-ACDA9892B606}] => (Allow) C:

\Program Files\Andy\Setup.exe
FirewallRules: [{C080C4DC-5F27-4F6A-8142-8FE4CD249393}] => (Allow) C:

\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F6D5D4F7-B1CD-4928-921E-37FB9D510F12}] => (Allow) C:

\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B3626FB2-DD9D-4BEE-B899-378B9C9424F6}C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{33D3FF87-F0C0-4723-8717-E47D249D8484}C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{1257290A-9F98-452B-8F2D-F944DD5EB1F8}C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{82F8B1F1-E1F6-4706-A2D5-87190A895F24}C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{99B2B64C-00BB-4400-AE12-4D6937055A98}C:

\program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Block) C:\program files

(x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [UDP Query User{195E9D87-6FE5-4F58-BA90-51C0337322FB}C:

\program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Block) C:\program files

(x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [{0160A57F-EEEB-42DA-AC17-FD12EBE497AE}] => (Allow) C:

\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3D5DEA20-D31E-42AB-A307-6B4141B7D50A}] => (Allow) C:

\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{6356E43C-5C49-41CA-A25D-8C67D46D5ACC}] => (Allow) C:

\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D297ABB1-00FD-4631-8481-FBA8067ED0A7}] => (Allow) C:

\Program Files (x86)\Sokoban pour Windows\sokoban.exe
FirewallRules: [{B7A3C54E-B5E4-40E7-9019-BB062D209F69}] => (Allow) C:

\Program Files (x86)\Sokoban pour Windows\sokoban.exe
FirewallRules: [{3C0C04E7-89E9-4F75-AF7A-D6EBEDB1CDEA}] => (Allow) C:

\Program Files\Andy\Andy.exe
FirewallRules: [{923A7659-5C0D-4558-8541-9FE0135E4D38}] => (Allow) C:

\Program Files\Andy\Setup.exe
FirewallRules: [{EA559D47-F320-4B8F-94BF-1A0717B30AE1}] => (Allow) C:

\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0DD0AF59-1597-48CE-9758-1364D7F303B4}] => (Allow)

LPort=1900
FirewallRules: [{C4231114-DE59-4D64-8ADA-51F99DE0FAB4}] => (Allow)

LPort=2869
FirewallRules: [{BFFB9AB1-2CA8-4330-B187-E5A65F395117}] => (Allow) C:

\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{D36980D3-85F5-4137-B87B-04AD3C43D898}] => (Allow) C:

\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

==================== Points de restauration =========================

27-05-2016 14:51:39 Removed 7-Zip 9.20 (x64 edition)
27-05-2016 15:30:47 Removed Bonjour
27-05-2016 15:33:08 Removed Apple Application Support (32 bits)
27-05-2016 15:35:10 Removed Apple Application Support (64 bits)
27-05-2016 15:36:46 Removed Apple Software Update
27-05-2016 15:37:55 Removed Apple Mobile Device Support
28-05-2016 03:00:33 Windows Update
29-05-2016 03:00:17 Windows Update

==================== Éléments en erreur du Gestionnaire de périphériques

=============

==================== Erreurs du Journal des événements:

=========================

Erreurs Application:
==================
Error: (05/27/2016 03:29:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.19135,

horodatage : 0x56a1bbe2
Nom du module défaillant : msi.dll, version : 5.0.7601.18896, horodatage : 0x557f4749
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000001f1132
ID du processus défaillant : 0x%9
Heure de début de l’application défaillante : 0xExplorer.EXE0
Chemin d’accès de l’application défaillante : Explorer.EXE1
Chemin d’accès du module défaillant: Explorer.EXE2
ID de rapport : Explorer.EXE3

Error: (05/27/2016 03:29:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Explorer.EXE
Framework Version: v4.0.30319
Description: The

process was terminated due to an unhandled exception.
Exception Info: exception code

c0000005, exception address 000007FEF9CB1132

Error: (05/27/2016 03:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.19135,

horodatage : 0x56a1bbe2
Nom du module défaillant : msi.dll, version : 5.0.7601.18896, horodatage : 0x557f4749
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000001f1132
ID du processus défaillant : 0x%9
Heure de début de l’application défaillante : 0xExplorer.EXE0
Chemin d’accès de l’application défaillante : Explorer.EXE1
Chemin d’accès du module défaillant: Explorer.EXE2
ID de rapport : Explorer.EXE3

Error: (05/27/2016 03:13:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Explorer.EXE
Framework Version: v4.0.30319
Description: The

process was terminated due to an unhandled exception.
Exception Info: exception code

c0000005, exception address 000007FEF9D51132

Error: (05/27/2016 03:53:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120

Error: (05/27/2016 03:53:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120

Error: (05/27/2016 03:53:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/27/2016 03:53:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2060

Error: (05/27/2016 03:53:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2060

Error: (05/27/2016 03:53:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Erreurs système:
=============
Error: (05/29/2016 10:21:55 AM) (Source: iaStor) (EventID: 9) (User: )
Description: Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai imparti.

Error: (05/29/2016 10:13:47 AM) (Source: Service Control Manager) (EventID: 7026)

(User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger :
UimBus
Uim_IM
Uim_VIM

Error: (05/29/2016 10:13:37 AM) (Source: Service Control Manager) (EventID: 7011)

(User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

la réponse transactionnelle du service Dnscache.

Error: (05/29/2016 10:13:03 AM) (Source: Service Control Manager) (EventID: 7000)

(User: )
Description: Le service FontCache n’a pas pu démarrer en raison de l’erreur :
%%1083

Error: (05/29/2016 10:11:13 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/29/2016 09:21:50 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/29/2016 09:21:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient)

(EventID: 20) (User: AUTORITE NT)
Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec

l’erreur 0x8007371b : Mise à jour de sécurité pour Windows 7 pour ordinateurs à

processeur x64 (KB2862330).

Error: (05/29/2016 03:02:13 AM) (Source: Service Control Manager) (EventID: 7011)

(User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

la réponse transactionnelle du service Dnscache.

Error: (05/29/2016 03:01:43 AM) (Source: Service Control Manager) (EventID: 7011)

(User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

la réponse transactionnelle du service Dnscache.

Error: (05/29/2016 03:01:13 AM) (Source: Service Control Manager) (EventID: 7011)

(User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

la réponse transactionnelle du service LanmanWorkstation.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Pourcentage de mémoire utilisée: 39%
Mémoire physique - RAM - totale: 5996.54 MB
Mémoire physique - RAM - disponible: 3618.3 MB
Mémoire virtuelle totale: 11991.28 MB
Mémoire virtuelle disponible: 9752 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:254.37 GB) (Free:18.67 GB) NTFS ==>[lecteur avec

composants d'amorçage (obtenu depuis BCD)]
Drive d: (DATA) (Fixed) (Total:316.8 GB) (Free:5.71 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: EF24B474)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=254.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=316.8 GB) - (Type=OF Extended)

==================== Fin de Addition.txt ============================

stephan · May 29, 2016

SALog.txt :

Result of Security Analysis by Rocket Grannie (x86) Updated: 28th May 2016
Running from:C:\Users\pom\Desktop (10:49:16 - 05/29/2016)
***---------------------------------------------------------***
Microsoft Windows 7 Édition Familiale Premium X64 Service Pack 1
UAC is Enabled!
Internet Explorer 9.0.8112.16421 *Internet Explorer is out of Date*
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
***-----------------Anti-Virus - Firewall-------------------***
avast! Antivirus (Enabled - Up to Date)
Windows Firewall is Enabled!
Searching for any other Firewall
*No other Firewall Installed*
***----------------AntiSpyware - Miscellaneous---------------***
Adobe Flash Player Plugin (version 21.0.0.242)
Java is not installed
Adobe Flash Player ActiveX (version 21.0.0.242)
CCleaner -- An older version than (5.18) is installed.
Google Chrome (version 50)
Microsoft Silverlight (version 5)
Mozilla Firefox (version 46)
CCleaner (version 3.24) is *out of Date*

***----------------Analysis Complete-------------------------***

checkup.txt :

Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 91
Java version 32-bit out of Date!
Adobe Flash Player 21.0.0.242
Mozilla Firefox (46.0.1)
Google Chrome (50.0.2661.102)
Google Chrome (50.0.2661.94)
Google Chrome (SetupMetrics.pma..)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````

BrianDrab · May 30, 2016

Thanks for posting. Please read the following info and if agreeable continue with next steps.

- General Instructions -

Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
Any fixes provided by myself are for this log file only and should not be used on any other systems.
Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
You have 4 days to reply to each post or the topic will be closed.
Please feel free to ask any questions, especially if you are having problems with my instructions.

- Save ALL Tools to your Desktop-
All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.

Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser.

Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser.

Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

- Finally Before We Start-

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Step#1- FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

Step#2 - Fresh Set of Logs
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please attach the log to your next reply. Don't copy and paste the content as was done previously. For some reason it didn't format well.
6. Because you selected the Addition.txt check box this log will be created as well. Please attach this log as well.

Items for your next post
1. Fixlog.txt
2. Addition.txt

stephan · May 31, 2016

Hello Brian,

Thanks for your quick reply.
I attached to this post Fixlog.txt FRST.txt and Addition.txt.

Regards

Stephan

Résultats de correction de Farbar Recovery Scan Tool (x64) Version:29-05-2016
Exécuté par pom (2016-05-31 12:19:20) Run:1
Exécuté depuis C:\Users\pom\Desktop
Profils chargés: pom & lil (Profils disponibles: pom & lil & pom1 & DefaultAppPool)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run:[VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair
RemoveProxy:
EmptyTemp:
*****************

Le Point de restauration a été créé avec succès.
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run:[VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair => valeur non trouvé(e).

========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valeur supprimé(es) avec succès
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valeur supprimé(es) avec succès
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valeur supprimé(es) avec succès
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
HKU\S-1-5-21-1363170374-948335828-1288231404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès
HKU\S-1-5-21-1363170374-948335828-1288231404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
HKU\S-1-5-21-1363170374-948335828-1288231404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès

========= Fin de RemoveProxy: =========

EmptyTemp: => 2.5 GB données temporaires supprimées.

Le système a dû redémarrer.

==== Fin de Fixlog 12:28:31 ====

BrianDrab · May 31, 2016

It was much easier to read, thank you.

Step#1- Warnings
Registry cleaners
I see you are using a “Registry Cleaner”, Free Window Registry Repair. It's not a good idea to use registry cleaners/boosters.
The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid and erroneous entries does not affect system performance but it can result in "unpredictable results". Unless you have a particular problem that requires a registry edit to correct it, (and you are expert in the registry), I would suggest you leave the registry alone. I also see that you use CCleaner which is a good tool but caution the use of the registry cleaning part for the same reasons.

Further Information
miekiemoes' Blog: Registry Cleaners and System Tweaking Tools
Answers to common security questions - Best Practices - Anti-Virus, Anti-Malware, and Privacy Software

Low Disk Space
Two of your drives (C & D) are low on space. They have between 1 and 7 percent free disk space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized.

Step#2- FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

stephan · Jun 1, 2016

Hi Brian,

I uninstalled Free Window Registry Repair and I have made room on drives C et D, almost 15%.

This the last Fixlog.txt file :

Résultats de correction de Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Exécuté par pom (2016-06-01 14:14:32) Run:2
Exécuté depuis C:\Users\pom\Desktop
Profils chargés: pom (Profils disponibles: pom & lil & pom1 & DefaultAppPool)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\pom\AppData\Roaming\Complitly\64\Complitly64.dll => Pas de fichier
C:\Users\pom\AppData\Roaming\Complitly
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx <non trouvé(e)>
cmd: bitsadmin /reset /allusers
EmptyTemp:
*****************

Le Point de restauration a été créé avec succès.
"HKLM\SOFTWARE\Policies\Google" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}" => clé supprimé(es) avec succès
"HKCR\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}" => clé supprimé(es) avec succès
"C:\Users\pom\AppData\Roaming\Complitly" => non trouvé(e).
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda" => clé supprimé(es) avec succès

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= Fin de CMD: =========

EmptyTemp: => 208.3 MB données temporaires supprimées.

Le système a dû redémarrer.

==== Fin de Fixlog 14:17:24 ====

Enjoy your day

Stephan

BrianDrab · Jun 1, 2016

Thanks. Can you let me know if the following two issues you reported are still happening?

With chrome I can't access a lot of web pages : it tells me "proxy error" and I can't access "change the proxy settings"
With Firefox all fine, except when I don't charge a web page for a couple of minutes after it takes time to access one

Then please do the following.

Step#1 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
4. Click on Scan.
5. After the scan is complete, if you get a message that states "AdwCleaner found no malicious program on your computer!" then you can click OK and then click the Logfile button. Notepad will open with some information. Copy/Paste this into your next reply. No need to continue with the rest of the steps for AdwCleaner.
6. If you don't get that message then click on "Clean"
7. Confirm each time with Ok.
8. Your computer will be rebooted automatically. A text file will open after the restart.
9. Please post the content of that logfile with your next answer.
10. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner
Danger
.txt

Danger

as well.

Step#2 - JRT by Malwarebytes
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open. Press any key at the Disclaimer screen and the program will create a restore point and then start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. Post the contents of JRT.txt into your next message.

Items for your next post
1. Adwcleaner log
2. JRT log

stephan · Jun 2, 2016

Hi Brian,

Chrome: I can charge any web pages, no more proxy error , thank you

I still can't access "change the proxy settings" but I don't have to use so it's ok.

FF or Chrome still take a long time to access a web page if I do not use the internet a number of minutes before.

Regards

Stephan

# AdwCleaner v5.119 - Rapport créé le 01/06/2016 à 20:34:20
# Mis à jour le 30/05/2016 par Xplode
# Base de données : 2016-05-30.3 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (X64)
# Nom d'utilisateur : pom - ASUS
# Exécuté depuis : C:\Users\pom\Desktop\adwcleaner_5.119.exe
# Option : Nettoyer
# Support : ToolsLib - Forum: Ask for help or share your experience.

***** [ Services ] *****

***** [ Dossiers ] *****

[-] Dossier supprimé : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Dossier supprimé : C:\Users\pom\AppData\Local\YSearchUtil
[-] Dossier supprimé : C:\Users\pom\AppData\Roaming\GrabPro
[-] Dossier supprimé : C:\Users\pom\AppData\Roaming\ProgSense
[-] Dossier supprimé : C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc
[-] Dossier supprimé : C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd
[-] Dossier supprimé : C:\Users\lil\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Dossier supprimé : C:\Users\pom\AppData\Local\VirtualStore\Program Files (x86)\orbitdownloader
[-] Dossier supprimé : C:\Users\pom\AppData\Local\CrashRpt

***** [ Fichiers ] *****

[-] Fichier supprimé : C:\Users\pom\AppData\Roaming\Bubble Dock.boostrap.log
[-] Fichier supprimé : C:\Users\pom\AppData\Roaming\Bubble Dock.installation.log
[-] Fichier supprimé : C:\Windows\SysNative\roboot64.exe

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Raccourcis ] *****

***** [ Tâches planifiées ] *****

[-] Tâche supprimée : Desk 365 RunAsStdUser

***** [ Registre ] *****

[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Clé supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Clé supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Clé supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Clé supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Clé supprimée : HKLM\SOFTWARE\Classes\Prod.cap
[-] Clé supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
[-] Clé supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Clé supprimée : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
[-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
[-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Clé supprimée : HKCU\Software\cacaoweb
[-] Clé supprimée : HKCU\Software\ProgSense
[-] Clé supprimée : HKCU\Software\Link64
[-] Clé supprimée : HKLM\SOFTWARE\hdcode
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\11668D9C06DD0A64689920C3E9AA8BF6
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5BB8B2DE8E6BEBB47BBC322B82D20DF9
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\SearchSettings
[-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\VideoDownloaderUltimate
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\eSafeSvc

***** [ Navigateurs ] *****

[-] [C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\prefs.js] supprimée : user_pref("browser.pocket.settings.tags", "["webinfotools","libre","licences","protectionnisme","réseaux sociaux","energy","econ","vulgarisation","newecon","devperso","science",\[...]
[-] [C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\prefs.js] supprimée : user_pref("de.soerenrinne.googlebuttons.wholeshebang", "3D Warehouse,Accounts,Ad Manager,Ad Planner,Adsense,Adwords,Analytics,Android Developers,Android Market,Android Market Developer Console,App Eng[...]
[-] [C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\prefs.js] supprimée : user_pref("extensions.pocket.settings.tags", "["webinfotools","libre","licences","protectionnisme","réseaux sociaux","energy","econ","vulgarisation","newecon","devperso","science\[...]
[-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] supprimé : yahoo.com
[-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] supprimé : ask.com
[-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : baohinapilmkigilbbbcccncoljkdpnd
[-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : chklaanhfefbnpoihckbnefhakgolnmc
[-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : npdicihegicnhaangkdmcgbjceoemeoo
[-] [C:\Users\lil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] [C:\Users\lil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: Clés "Tracing" supprimées
:: Paramètres Winsock réinitialisés

*************************

C:\AdwCleaner\AdwCleaner

Danger

.txt - [10321 octets] - [01/06/2016 20:34:20]
C:\AdwCleaner\AdwCleaner[R0].txt - [9103 octets] - [09/09/2013 23:55:57]
C:\AdwCleaner\AdwCleaner[R1].txt - [1158 octets] - [10/09/2013 00:13:57]
C:\AdwCleaner\AdwCleaner[R2].txt - [1315 octets] - [14/09/2013 22:52:20]
C:\AdwCleaner\AdwCleaner[R3].txt - [6329 octets] - [23/10/2013 13:32:14]
C:\AdwCleaner\AdwCleaner[R4].txt - [1709 octets] - [15/11/2013 18:17:35]
C:\AdwCleaner\AdwCleaner[R5].txt - [2871 octets] - [10/01/2014 18:28:06]
C:\AdwCleaner\AdwCleaner[S0].txt - [9179 octets] - [10/09/2013 00:06:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [17029 octets] - [23/10/2013 13:35:55]

########## EOF - C:\AdwCleaner\AdwCleaner

Danger

.txt - [10989 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64
Ran by pom (Administrator) on 01/06/2016 at 20:51:28,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 67

Successfully deleted: C:\ProgramData\Start Menu\Programs\free window registry repair (Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{06EEEE8F-CD9A-4B1C-837D-2E3933858ADB} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{0928BF14-81AF-4BC9-8BBC-681C4A35176E} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{0F208664-98A0-4A58-B479-78E1F8FC62DC} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{0F34703C-8BDE-47F4-A8A0-C1C532286DC1} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{102DF2FC-D9CA-4B10-A46F-64757B87E6B9} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{15479438-174F-4C3F-8628-97D0944690CE} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{1598A499-D695-4E4C-9E87-B32C3ECB1423} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{16D77D3C-C115-4864-A640-8D343B209AA3} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{1904A5A1-139D-49A5-BC94-F6034676E510} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{1D379F04-DD16-4D03-845D-5EC685556D65} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{1E40290A-81D3-41D7-A6A0-268E5DEA4071} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{28A3197C-8464-4493-B832-B5140F152AB2} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{3C0FBD25-940F-4964-9233-D40AA4BEAFB7} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{3E862DC9-1602-429F-8AD7-8F7365E87113} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{46F67A14-095E-4B1C-B587-132572857015} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{48A5E9AE-4874-4DAC-B984-F64E144BDCE7} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{48FA95EF-CE9C-4651-86DB-2B94E79C2B27} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{4EF2E150-6E6A-4546-A9A2-E59AFC2AC423} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{5121B430-02E5-4CF8-BC75-8702B0F4F27C} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{51E62C2F-AD68-4246-A0B2-AC50E852665B} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{52CC5EC8-9952-4D79-984F-25CA1C9F615E} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{5A8E314C-50FE-411C-A7B7-50FA6A5065C9} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{604D390A-284D-4B26-9178-D404C51F06FC} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{647003D4-09D2-4742-B2C0-E9A0F7E192AA} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{68DA6DF0-CF32-4D54-819E-983D0D2BCF3B} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{6B299A9A-A3E4-4F49-A790-4E57A241E807} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{6C3443DD-9789-4891-99E8-1FE3A04CC604} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{7AF3CD55-CD77-4D7E-A0C3-9828B385F33A} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{8218410A-1B64-43BE-99A3-510CC6E6C0ED} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{88805755-C98C-42E6-88E7-17BEAB0E5E9D} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{8C40377F-2318-4298-8FC4-8979A18B2493} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{8E3B07A8-06B6-4776-BE85-21E86B3D4975} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{9271DEDB-FCE4-4566-AEA7-966BF6501B78} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{92EF7C3E-4ADF-480E-ACBB-93FFCA788DBA} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{9EA85063-1693-48A3-B5CC-F7A362AFD35D} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{A51901D4-E420-49B7-BD3D-A3DC5285D196} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{B0FBFFA2-0333-4AA9-84D3-0605CFD83D9F} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{B303E346-085C-4227-8511-510600C1A965} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{B38526D6-B3C1-4967-AE5C-965A6071C10A} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{B72A8E73-8CD8-4582-8860-1E186929AFD0} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{B72F0889-AE6E-4793-AEBC-A1F33CD6E449} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{C26C55F5-FC3B-4855-9BB8-C02BE2D74A3F} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{CB4FF3C6-9D8B-4A47-8308-4CDF58A52869} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{D79D9270-C0F5-44DF-8541-A82542370CEE} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{DC900871-33F4-4B5A-A128-1FCFD0B1EF0E} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{DE4321A1-5C43-47AF-B93C-A4601800D40E} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{E29416C0-3967-474C-91A2-4597739B596D} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{E9BF2BE7-186D-4FAD-98FE-B3AA52493591} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{EC890B62-6417-48EF-96A7-D70CA77BC172} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{F585C832-5132-4A18-A09F-1CEE6BBEDA7F} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{F878DDD3-5209-4E10-B6F8-425EA14A4BA6} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{FA357C9D-C081-4DED-808A-899A9A1F26E0} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{FA660F5A-1D9D-460F-A5F6-A6A403FC0103} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Local\{FE706FF8-6A9C-419E-AD10-D8ED2DF64747} (Empty Folder)
Successfully deleted: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\searchplugins\facebook-search.xml (File)
Successfully deleted: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\searchplugins\torrents-search.xml (File)
Successfully deleted: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\searchplugins\twitter-search.xml (File)
Successfully deleted: C:\Program Files (x86)\dll-files.com fixer (Folder)
Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\70XYZZN2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLX2IZR4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IBMH9JYP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1KRV9J8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\70XYZZN2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLX2IZR4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IBMH9JYP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1KRV9J8 (Temporary Internet Files Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/06/2016 at 21:14:15,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

BrianDrab · Jun 2, 2016

Excellent. I think we are done here. Let's clean up and go back to our other topic.

1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.
3. Click Run.
Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
Note: Delete any other .bat, .log, .reg, .txt, and any other files created during this process, and left on the desktop and empty the Recycle Bin.

stephan · Jun 2, 2016

Hi Brian,

I just post the delfix report in the other thread : https://www.sysnative.com/forums/wi...-8007371b-unable-download-windows-update.html

Stephan

[SOLVED] WU Thread 20012 - For BrianDrab

stephan

Member

stephan

Member

stephan

Member

stephan

Member

BrianDrab

Emeritus

Attachments

stephan

Member

Attachments

BrianDrab

Emeritus

Attachments

stephan

Member

BrianDrab

Emeritus

stephan

Member

BrianDrab

Emeritus

stephan

Member