Analysée mon pc
S.loeb88
Messages postés
186
Date d'inscription
Statut
Membre
Dernière intervention
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
je voudrais de l'aide pour faire analysé mon PC pour voir si il y a des virus ou autre bestiole car depuis quelques temps mon PC se bloque et je dois le redémarré .
j'ai déjà lancé bitdefender et malwarebyte et il m'ont rien trouvé .
je voudrais de l'aide pour faire analysé mon PC pour voir si il y a des virus ou autre bestiole car depuis quelques temps mon PC se bloque et je dois le redémarré .
j'ai déjà lancé bitdefender et malwarebyte et il m'ont rien trouvé .
A voir également:
- Analysée mon pc
- Mon pc est lent - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Plus de son sur mon pc - Guide
- Double ecran pc - Guide
23 réponses
On a du boulot :-)
Suis ce tutoriel:
https://www.security-helpzone.com/2013/02/24/securite-adware-adwcleaner_suprimer_logiciels_indesirables/
Puis fais ceci:
▶ Télécharge et lance Slowin' Cleaner.
▶ Ferme et enregistre tout ce qu'il y a d'ouvert, le logiciel devra couper tous les processus actifs.
▶ Dans l'onglet "Nettoyer", clique sur Nettoyer.
▶ Une fois le nettoyage terminé, ferme le logiciel, l'ordinateur redémarrera.
▶ Copie/colle le contenu du rapport "Slowin_Cleaner_[S][x]" sur le forum.
~~
ça va nous épurer le rapport !
Ensuite, refais un ZHPdiag :-)
Suis ce tutoriel:
https://www.security-helpzone.com/2013/02/24/securite-adware-adwcleaner_suprimer_logiciels_indesirables/
Puis fais ceci:
▶ Télécharge et lance Slowin' Cleaner.
▶ Ferme et enregistre tout ce qu'il y a d'ouvert, le logiciel devra couper tous les processus actifs.
▶ Dans l'onglet "Nettoyer", clique sur Nettoyer.
▶ Une fois le nettoyage terminé, ferme le logiciel, l'ordinateur redémarrera.
▶ Copie/colle le contenu du rapport "Slowin_Cleaner_[S][x]" sur le forum.
~~
ça va nous épurer le rapport !
Ensuite, refais un ZHPdiag :-)
le rapport de adwcleaner ( fallais bien clique direct sur suppression après l'avoir lancé pas besoin de faire recherche ? ):
# AdwCleaner v2.005 - Rapport créé le 17/10/2012 à 15:43:21
# Mis à jour le 14/10/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : jonathan - JOHN-HP
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\jonathan\Downloads\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
Arrêté & Supprimé : Web Assistant Updater
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2
Dossier Supprimé : C:\Program Files\Web Assistant
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\Trymedia
Dossier Supprimé : C:\Users\jonathan\AppData\Local\Conduit
Dossier Supprimé : C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Dossier Supprimé : C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbffombmdffoemfimpemoaaplncjdgfm
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\facemoods.com
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\IncrediMail_MediaBar_Francais_2
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\CT2724431
Dossier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\extensions\{249d74a3-bd19-4657-b6ce-e62f480a20de}
Dossier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\Smartbar
Fichier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\searchplugins\MyStart Search.xml
***** [Registre] *****
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Francais_2
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\kbffombmdffoemfimpemoaaplncjdgfm
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{249D74A3-BD19-4657-B6CE-E62F480A20DE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17CD6E7F-13B3-4FB2-A811-C1B885EE6C7F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{249D74A3-BD19-4657-B6CE-E62F480A20DE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2724431
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\ImInstaller
Clé Supprimée : HKLM\Software\IncrediMail_MediaBar_Francais_2
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17CD6E7F-13B3-4FB2-A811-C1B885EE6C7F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Clé Supprimée : HKLM\Software\Web Assistant
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17CD6E7F-13B3-4FB2-A811-C1B885EE6C7F}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kbffombmdffoemfimpemoaaplncjdgfm
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F8CCAB4-A922-4FF3-8FD5-97B015B94785}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68F50A9C-BA84-4A40-8D2E-5F672045D248}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_Francais_2 Toolbar
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Clé Supprimée : HKLM\SOFTWARE\Web Assistant
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddrnw&f=2 --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0 (fr)
Nom du profil : default
Fichier : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\prefs.js
Supprimée : user_pref("CT2724431.1000082.isPlayDisplay", "true");
Supprimée : user_pref("CT2724431.1000082.state", "{\"state\":\"stopped\",\"text\":\"ckln.fm\",\"description\":\"[...]
Supprimée : user_pref("CT2724431.1000234.TWC_TMP_city", "");
Supprimée : user_pref("CT2724431.1000234.TWC_TMP_country", "FR");
Supprimée : user_pref("CT2724431.129706602501575968.pid2", "87b8825e8cba0f4f");
Supprimée : user_pref("CT2724431.129822507988156052.APP_WIN_FEATURES", "resizable=0,hscroll=0,vscroll=0,titlebar[...]
Supprimée : user_pref("CT2724431.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT2724431.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Supprimée : user_pref("CT2724431.Facebook_Mode", "2");
Supprimée : user_pref("CT2724431.Facebook_User_Locale", "fr");
Supprimée : user_pref("CT2724431.FirstTime", "true");
Supprimée : user_pref("CT2724431.FirstTimeFF3", "true");
Supprimée : user_pref("CT2724431.UserID", "UN79273016677875414");
Supprimée : user_pref("CT2724431.addressBarTakeOverEnabledInHidden", "true");
Supprimée : user_pref("CT2724431.autoDisableScopes", 0);
Supprimée : user_pref("CT2724431.defaultSearch", "false");
Supprimée : user_pref("CT2724431.embeddedsData", "[{\"appId\":\"129248981533598429\",\"apiPermissions\":{\"cross[...]
Supprimée : user_pref("CT2724431.enableAlerts", "always");
Supprimée : user_pref("CT2724431.enableSearchFromAddressBar", "false");
Supprimée : user_pref("CT2724431.firstTimeDialogOpened", "true");
Supprimée : user_pref("CT2724431.fixPageNotFoundError", "false");
Supprimée : user_pref("CT2724431.fixPageNotFoundErrorInHidden", "true");
Supprimée : user_pref("CT2724431.fixUrls", true);
Supprimée : user_pref("CT2724431.installId", "ConduitNSISIntegration");
Supprimée : user_pref("CT2724431.installType", "ConduitNSISIntegration");
Supprimée : user_pref("CT2724431.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT2724431.isNewTabEnabled", true);
Supprimée : user_pref("CT2724431.isPerformedSmartBarTransition", "true");
Supprimée : user_pref("CT2724431.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Supprimée : user_pref("CT2724431.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Supprimée : user_pref("CT2724431.openThankYouPage", "false");
Supprimée : user_pref("CT2724431.openUninstallPage", "true");
Supprimée : user_pref("CT2724431.search.searchAppId", "129248981533598429");
Supprimée : user_pref("CT2724431.search.searchCount", "0");
Supprimée : user_pref("CT2724431.searchInNewTabEnabledInHidden", "true");
Supprimée : user_pref("CT2724431.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT2724431.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Supprimée : user_pref("CT2724431.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1345042511389");
Supprimée : user_pref("CT2724431.serviceLayer_services_appTracking_lastUpdate", "1345042514060");
Supprimée : user_pref("CT2724431.serviceLayer_services_appsMetadata_lastUpdate", "1345128911532");
Supprimée : user_pref("CT2724431.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1345042511609");
Supprimée : user_pref("CT2724431.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345176851581");
Supprimée : user_pref("CT2724431.serviceLayer_services_optimizer_lastUpdate", "1345042511534");
Supprimée : user_pref("CT2724431.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1345042511676");
Supprimée : user_pref("CT2724431.serviceLayer_services_searchAPI_lastUpdate", "1345128912222");
Supprimée : user_pref("CT2724431.serviceLayer_services_serviceMap_lastUpdate", "1345128910880");
Supprimée : user_pref("CT2724431.serviceLayer_services_toolbarContextMenu_lastUpdate", "1345042511731");
Supprimée : user_pref("CT2724431.serviceLayer_services_toolbarSettings_lastUpdate", "1345176850853");
Supprimée : user_pref("CT2724431.serviceLayer_services_translation_lastUpdate", "1345128911080");
Supprimée : user_pref("CT2724431.settingsINI", true);
Supprimée : user_pref("CT2724431.shouldFirstTimeDialog", "false");
Supprimée : user_pref("CT2724431.smartbar.CTID", "CT2724431");
Supprimée : user_pref("CT2724431.smartbar.Uninstall", "0");
Supprimée : user_pref("CT2724431.smartbar.toolbarName", "IncrediMail MediaBar Francais 2 ");
Supprimée : user_pref("CT2724431.startPage", "false");
Supprimée : user_pref("CT2724431.toolbarBornServerTime", "15-8-2012");
Supprimée : user_pref("CT2724431.toolbarCurrentServerTime", "17-8-2012");
Supprimée : user_pref("CT2724431.toolbarDisabled", "true");
Supprimée : user_pref("browser.search.defaultenginename", "MyStart Search");
Supprimée : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Supprimée : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Supprimée : user_pref("extensions.facemoods.dfltSrch", true);
Supprimée : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Supprimée : user_pref("extensions.facemoods.dnsErr", true);
Supprimée : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.3");
Supprimée : user_pref("extensions.facemoods.firstRun", false);
Supprimée : user_pref("extensions.facemoods.first_time", false);
Supprimée : user_pref("extensions.facemoods.hmpg", true);
Supprimée : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Supprimée : user_pref("extensions.facemoods.id", "_#d6b18b2d0000000000002c27d728ae97");
Supprimée : user_pref("extensions.facemoods.instlDay", "_#15240");
Supprimée : user_pref("extensions.facemoods.mntz", "");
Supprimée : user_pref("extensions.facemoods.newTab", true);
Supprimée : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Supprimée : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Supprimée : user_pref("extensions.facemoods.searchProviderAdded", true);
Supprimée : user_pref("extensions.facemoods.sid", "_#084b17a12e5a470ea6bb6dfae73ebcfd");
Supprimée : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Supprimée : user_pref("extensions.facemoods.update", "_#v1.4.0");
Supprimée : user_pref("extensions.facemoods.vrsn", "_#1.4.17.11");
Supprimée : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
-\\ Google Chrome v22.0.1229.94
Fichier : C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [13735 octets] - [17/10/2012 15:43:21]
########## EOF - C:\AdwCleaner[S1].txt - [13796 octets] ##########
# AdwCleaner v2.005 - Rapport créé le 17/10/2012 à 15:43:21
# Mis à jour le 14/10/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : jonathan - JOHN-HP
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\jonathan\Downloads\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
Arrêté & Supprimé : Web Assistant Updater
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2
Dossier Supprimé : C:\Program Files\Web Assistant
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\Trymedia
Dossier Supprimé : C:\Users\jonathan\AppData\Local\Conduit
Dossier Supprimé : C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Dossier Supprimé : C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbffombmdffoemfimpemoaaplncjdgfm
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\facemoods.com
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\IncrediMail_MediaBar_Francais_2
Dossier Supprimé : C:\Users\jonathan\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\CT2724431
Dossier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\extensions\{249d74a3-bd19-4657-b6ce-e62f480a20de}
Dossier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\Smartbar
Fichier Supprimé : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\searchplugins\MyStart Search.xml
***** [Registre] *****
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Francais_2
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\kbffombmdffoemfimpemoaaplncjdgfm
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{249D74A3-BD19-4657-B6CE-E62F480A20DE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17CD6E7F-13B3-4FB2-A811-C1B885EE6C7F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{249D74A3-BD19-4657-B6CE-E62F480A20DE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2724431
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\ImInstaller
Clé Supprimée : HKLM\Software\IncrediMail_MediaBar_Francais_2
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17CD6E7F-13B3-4FB2-A811-C1B885EE6C7F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Clé Supprimée : HKLM\Software\Web Assistant
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17CD6E7F-13B3-4FB2-A811-C1B885EE6C7F}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kbffombmdffoemfimpemoaaplncjdgfm
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F8CCAB4-A922-4FF3-8FD5-97B015B94785}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68F50A9C-BA84-4A40-8D2E-5F672045D248}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_Francais_2 Toolbar
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Clé Supprimée : HKLM\SOFTWARE\Web Assistant
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{249D74A3-BD19-4657-B6CE-E62F480A20DE}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=ddrnw&f=2 --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0 (fr)
Nom du profil : default
Fichier : C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\prefs.js
Supprimée : user_pref("CT2724431.1000082.isPlayDisplay", "true");
Supprimée : user_pref("CT2724431.1000082.state", "{\"state\":\"stopped\",\"text\":\"ckln.fm\",\"description\":\"[...]
Supprimée : user_pref("CT2724431.1000234.TWC_TMP_city", "");
Supprimée : user_pref("CT2724431.1000234.TWC_TMP_country", "FR");
Supprimée : user_pref("CT2724431.129706602501575968.pid2", "87b8825e8cba0f4f");
Supprimée : user_pref("CT2724431.129822507988156052.APP_WIN_FEATURES", "resizable=0,hscroll=0,vscroll=0,titlebar[...]
Supprimée : user_pref("CT2724431.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT2724431.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Supprimée : user_pref("CT2724431.Facebook_Mode", "2");
Supprimée : user_pref("CT2724431.Facebook_User_Locale", "fr");
Supprimée : user_pref("CT2724431.FirstTime", "true");
Supprimée : user_pref("CT2724431.FirstTimeFF3", "true");
Supprimée : user_pref("CT2724431.UserID", "UN79273016677875414");
Supprimée : user_pref("CT2724431.addressBarTakeOverEnabledInHidden", "true");
Supprimée : user_pref("CT2724431.autoDisableScopes", 0);
Supprimée : user_pref("CT2724431.defaultSearch", "false");
Supprimée : user_pref("CT2724431.embeddedsData", "[{\"appId\":\"129248981533598429\",\"apiPermissions\":{\"cross[...]
Supprimée : user_pref("CT2724431.enableAlerts", "always");
Supprimée : user_pref("CT2724431.enableSearchFromAddressBar", "false");
Supprimée : user_pref("CT2724431.firstTimeDialogOpened", "true");
Supprimée : user_pref("CT2724431.fixPageNotFoundError", "false");
Supprimée : user_pref("CT2724431.fixPageNotFoundErrorInHidden", "true");
Supprimée : user_pref("CT2724431.fixUrls", true);
Supprimée : user_pref("CT2724431.installId", "ConduitNSISIntegration");
Supprimée : user_pref("CT2724431.installType", "ConduitNSISIntegration");
Supprimée : user_pref("CT2724431.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT2724431.isNewTabEnabled", true);
Supprimée : user_pref("CT2724431.isPerformedSmartBarTransition", "true");
Supprimée : user_pref("CT2724431.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Supprimée : user_pref("CT2724431.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Supprimée : user_pref("CT2724431.openThankYouPage", "false");
Supprimée : user_pref("CT2724431.openUninstallPage", "true");
Supprimée : user_pref("CT2724431.search.searchAppId", "129248981533598429");
Supprimée : user_pref("CT2724431.search.searchCount", "0");
Supprimée : user_pref("CT2724431.searchInNewTabEnabledInHidden", "true");
Supprimée : user_pref("CT2724431.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Supprimée : user_pref("CT2724431.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Supprimée : user_pref("CT2724431.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Supprimée : user_pref("CT2724431.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1345042511389");
Supprimée : user_pref("CT2724431.serviceLayer_services_appTracking_lastUpdate", "1345042514060");
Supprimée : user_pref("CT2724431.serviceLayer_services_appsMetadata_lastUpdate", "1345128911532");
Supprimée : user_pref("CT2724431.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1345042511609");
Supprimée : user_pref("CT2724431.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345176851581");
Supprimée : user_pref("CT2724431.serviceLayer_services_optimizer_lastUpdate", "1345042511534");
Supprimée : user_pref("CT2724431.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1345042511676");
Supprimée : user_pref("CT2724431.serviceLayer_services_searchAPI_lastUpdate", "1345128912222");
Supprimée : user_pref("CT2724431.serviceLayer_services_serviceMap_lastUpdate", "1345128910880");
Supprimée : user_pref("CT2724431.serviceLayer_services_toolbarContextMenu_lastUpdate", "1345042511731");
Supprimée : user_pref("CT2724431.serviceLayer_services_toolbarSettings_lastUpdate", "1345176850853");
Supprimée : user_pref("CT2724431.serviceLayer_services_translation_lastUpdate", "1345128911080");
Supprimée : user_pref("CT2724431.settingsINI", true);
Supprimée : user_pref("CT2724431.shouldFirstTimeDialog", "false");
Supprimée : user_pref("CT2724431.smartbar.CTID", "CT2724431");
Supprimée : user_pref("CT2724431.smartbar.Uninstall", "0");
Supprimée : user_pref("CT2724431.smartbar.toolbarName", "IncrediMail MediaBar Francais 2 ");
Supprimée : user_pref("CT2724431.startPage", "false");
Supprimée : user_pref("CT2724431.toolbarBornServerTime", "15-8-2012");
Supprimée : user_pref("CT2724431.toolbarCurrentServerTime", "17-8-2012");
Supprimée : user_pref("CT2724431.toolbarDisabled", "true");
Supprimée : user_pref("browser.search.defaultenginename", "MyStart Search");
Supprimée : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Supprimée : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Supprimée : user_pref("extensions.facemoods.dfltSrch", true);
Supprimée : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Supprimée : user_pref("extensions.facemoods.dnsErr", true);
Supprimée : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.3");
Supprimée : user_pref("extensions.facemoods.firstRun", false);
Supprimée : user_pref("extensions.facemoods.first_time", false);
Supprimée : user_pref("extensions.facemoods.hmpg", true);
Supprimée : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Supprimée : user_pref("extensions.facemoods.id", "_#d6b18b2d0000000000002c27d728ae97");
Supprimée : user_pref("extensions.facemoods.instlDay", "_#15240");
Supprimée : user_pref("extensions.facemoods.mntz", "");
Supprimée : user_pref("extensions.facemoods.newTab", true);
Supprimée : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Supprimée : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Supprimée : user_pref("extensions.facemoods.searchProviderAdded", true);
Supprimée : user_pref("extensions.facemoods.sid", "_#084b17a12e5a470ea6bb6dfae73ebcfd");
Supprimée : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Supprimée : user_pref("extensions.facemoods.update", "_#v1.4.0");
Supprimée : user_pref("extensions.facemoods.vrsn", "_#1.4.17.11");
Supprimée : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
-\\ Google Chrome v22.0.1229.94
Fichier : C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [13735 octets] - [17/10/2012 15:43:21]
########## EOF - C:\AdwCleaner[S1].txt - [13796 octets] ##########
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
rapport de ad remover:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:48:57 le 17/10/2012, Mode normal
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jonathan@JOHN-HP (Hewlett-Packard G5429fr)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Trymedia Systems
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [17.0 (fr)] ****
HKLM_MozillaPlugins\@garmin.com/GpsControl (x)
HKLM_MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 (x)
HKLM_MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater (x)
HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
-- C:\Users\jonathan\AppData\Roaming\Mozilla\FireFox\Profiles\fh98qhyi.default --
Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} (Garmin Communicator)
Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} (HP Detect)
Prefs.js - browser.download.lastDir, C:\\Users\\jonathan\\Desktop
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://mystart.incredimail.com/mb156?a=19d4EmLye4h
Prefs.js - browser.startup.homepage_override.buildID, 20121010150351
Prefs.js - browser.startup.homepage_override.mstone, 17.0
Prefs.js - keyword.URL, hxxp://mystart.incredimail.com/mb156/?loc=ff_address_bar&a=19d4EmLye4h&search=
========================================
**** Google Chrome Version [22.0.1229.94] ****
-- C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default --
Preferences - homepage: hxxp://www.google.fr/
Preferences - homepage_is_newtabpage: false
Preferences - urls_to_restore_on_startup: hxxp://www.google.fr/
Preferences - default_search_provider: "Google" (Activé: true) ( "search_url": "hxxps://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs",)
Preferences - homepage: hxxp://www.google.fr/
Preferences - homepage_is_newtabpage: false
Plugin - Remoting Viewer (Activé: true) (internal-remoting-viewer) (x)
Plugin - "Remoting Viewer" (Activé: true)
Plugin - Native Client (Activé: true) (C:\Users\jonathan\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll)
Plugin - "Native Client" (Activé: true)
Plugin - Shockwave Flash (Activé: false) (C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll)
Plugin - "Java" (Activé: true)
Plugin - Garmin Communicator Plug-In (Activé: true) (C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll)
Plugin - "Garmin Communicator Plug-In" (Activé: true)
Plugin - WildTangent Games App Presence Detector (Activé: true) (C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll)
Plugin - "WildTangent Games App Presence Detector" (Activé: true)
Plugin - Windows Live\\u0099 Photo Gallery (Activé: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Windows Live\\u0099 Photo Gallery" (Activé: true)
Plugin - "Silverlight" (Activé: true)
Preferences - urls_to_restore_on_startup: hxxp://www.google.fr/
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - "eBay" (hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_n...)
HKCU_SearchScopes\{DE949327-08D7-4006-AFFF-38B7656E3098} - "Propositions de recherche Amazon.fr" (hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=...)
HKLM_SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - "eBay" (hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_n...)
HKLM_SearchScopes\{DE949327-08D7-4006-AFFF-38B7656E3098} - "Propositions de recherche Amazon.fr" (hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=...)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)
HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files (x86)\Java\jre7\bin\javaws.exe (Oracle Corporation)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe (Oracle Corporation)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 17/10/2012 15:49:00 (6481 Octet(s))
Fin à: 15:49:43, 17/10/2012
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:48:57 le 17/10/2012, Mode normal
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jonathan@JOHN-HP (Hewlett-Packard G5429fr)
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Trymedia Systems
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [17.0 (fr)] ****
HKLM_MozillaPlugins\@garmin.com/GpsControl (x)
HKLM_MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 (x)
HKLM_MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater (x)
HKLM_MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 (x)
HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
-- C:\Users\jonathan\AppData\Roaming\Mozilla\FireFox\Profiles\fh98qhyi.default --
Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} (Garmin Communicator)
Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} (HP Detect)
Prefs.js - browser.download.lastDir, C:\\Users\\jonathan\\Desktop
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://mystart.incredimail.com/mb156?a=19d4EmLye4h
Prefs.js - browser.startup.homepage_override.buildID, 20121010150351
Prefs.js - browser.startup.homepage_override.mstone, 17.0
Prefs.js - keyword.URL, hxxp://mystart.incredimail.com/mb156/?loc=ff_address_bar&a=19d4EmLye4h&search=
========================================
**** Google Chrome Version [22.0.1229.94] ****
-- C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default --
Preferences - homepage: hxxp://www.google.fr/
Preferences - homepage_is_newtabpage: false
Preferences - urls_to_restore_on_startup: hxxp://www.google.fr/
Preferences - default_search_provider: "Google" (Activé: true) ( "search_url": "hxxps://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs",)
Preferences - homepage: hxxp://www.google.fr/
Preferences - homepage_is_newtabpage: false
Plugin - Remoting Viewer (Activé: true) (internal-remoting-viewer) (x)
Plugin - "Remoting Viewer" (Activé: true)
Plugin - Native Client (Activé: true) (C:\Users\jonathan\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll)
Plugin - "Native Client" (Activé: true)
Plugin - Shockwave Flash (Activé: false) (C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll)
Plugin - "Java" (Activé: true)
Plugin - Garmin Communicator Plug-In (Activé: true) (C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll)
Plugin - "Garmin Communicator Plug-In" (Activé: true)
Plugin - WildTangent Games App Presence Detector (Activé: true) (C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll)
Plugin - "WildTangent Games App Presence Detector" (Activé: true)
Plugin - Windows Live\\u0099 Photo Gallery (Activé: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Windows Live\\u0099 Photo Gallery" (Activé: true)
Plugin - "Silverlight" (Activé: true)
Preferences - urls_to_restore_on_startup: hxxp://www.google.fr/
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - "eBay" (hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_n...)
HKCU_SearchScopes\{DE949327-08D7-4006-AFFF-38B7656E3098} - "Propositions de recherche Amazon.fr" (hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=...)
HKLM_SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - "eBay" (hxxp://rover.ebay.com/rover/1/709-111075-12437-2/4?mpre=hxxp://shop.ebay.com/?_n...)
HKLM_SearchScopes\{DE949327-08D7-4006-AFFF-38B7656E3098} - "Propositions de recherche Amazon.fr" (hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=...)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)
HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files (x86)\Java\jre7\bin\javaws.exe (Oracle Corporation)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe (Oracle Corporation)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 17/10/2012 15:49:00 (6481 Octet(s))
Fin à: 15:49:43, 17/10/2012
============== E.O.F ==============
###### Slowin' Cleaner (TM) 1.2 © Saachaa ######
------- Informations logiciel
| Lancement : 17/10/2012 | 16:11:07
| Mis à jour : 03 / 10 / 2012
| Infos : https://www.security-helpzone.com/
| Scanné : 0
| Nettoyé : 1
------- Informations système
| jonathan (Admin)
| Windows 7 Home Premium (x64) Service Pack 1
| Intel(R) Core(TM) i5-2400S CPU @ 2.50GHz
| RAM 4.2 GO - 54%
------- Options [Nettoyage]
|X| Tuer tous les processus
|X| Logiciels
|X| Démarrage
|X| Registre
|X| Services
|X| Tâches
|x| Installeurs
|x| Mozilla Firefox
------- Processus
| atiesrxx.exe
| atieclxx.exe
| spoolsv.exe
| armsvc.exe
| ezSharedSvcHost.exe
| HPClientServices.exe
| HPDrvMntSvc.exe
| Jhi_service.exe
| mbamscheduler.exe
| pdfsvc.exe
| RadeonProSupport.exe
| sftvsa.exe
| tmInstall.exe
| WDDMService.exe
| WDFME.exe
| WDSC.exe
| taskhost.exe
| hpsysdrv.exe
| XBoxStat.exe
| RocketDock.exe
| TeaTimer.exe
| hpwuschd2.exe
| jusched.exe
| MOM.exe
| WLIDSVC.EXE
| HPAuto.exe
| WLIDSVCM.EXE
| SDWinSec.exe
| unsecapp.exe
| CVHSVC.EXE
| SearchIndexer.exe
| SearchProtocolHost.exe
| WUDFHost.exe
| IAStorIcon.exe
| HPSA_Service.exe
| IAStorDataMgrSvc.exe
| LMS.exe
| mbamgui.exe
| UNS.exe
| firefox.exe
| SearchFilterHost.exe
| taskhost.exe
| explorer.exe
------- Mozilla Firefox
|$| Mozilla Firefox est apte à être optimisé
------- Logiciels
|@| Ad-Remover par C_XX
|@| Polar Bowler
|@| Jewel Quest Solitaire
|@| Slingo Deluxe
|@| Virtual Villagers - The Secret City
|@| Cake Mania
|@| Bejeweled 2 Deluxe
|@| Chuzzle Deluxe
|@| Fishdom
|@| Update Installer for WildTangent Games App
|@| HiJackThis
|@| WildTangent Games App (HP Games)
|@| Spybot - Search & Destroy
------- Démarrage
|#| [Sidebar] : [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
|#| [Sidebar] : [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
------- Registre
| ContigFileAllocSize : "" -> "512"
| DisableAutoUpdate : "" -> "1"
| OptimizeComplete : "" -> "N"
| Enable : "" -> "N"
| HungAppTimeout : "" -> "2500"
| WaitToKillAppTimeout : "" -> "2500"
| MenuShowDelay : "400" -> "0"
| LowLevelHooksTimeout : "" -> "1000"
| AutoEndTasks : "" -> "1"
| SmoothScroll : "" -> "0x00000000"
| WaitToKillServiceTimeout : "12000" -> "0"
| Psched : "" -> "0"
| NoBestEffortLimit : "" -> "0"
| NoAutoRebootWithLoggedOnUsers : "" -> "1"
| NtfsDisable8dot3NameCreation : "2" -> "1"
| AlwaysUnloadDll : "" -> "1"
| EnableAutoLayout : "" -> "1"
| DisablePagingExecutive : "0" -> "1"
| LargeSystemCache : "0" -> "1"
| LastAccess : "7" -> "0"
| SizReqBuf : "" -> "65535"
------- Services
|M| Modules de génération de clés IKE et AuthIP - (IKEEXT)
|D| Télécopie - (Fax)
|D| GamesAppService - (GamesAppService)
|D| Windows Search - (WSearch)
|D| WebClient - (WebClient)
|D| Client DNS - (Dnscache)
|D| Stratégie de retrait de la carte à puce - (SCPolicySvc)
|D| Téléphonie - (TapiSrv)
|D| Service de rapport d'erreurs Windows - (WerSvc)
|D| Ouverture de session secondaire - (seclogon)
|D| Carte à puce - (SCardSvr)
|D| Gestion des clés et des certificats d'intégrité - (hkmsvc)
|D| Registre à distance - (RemoteRegistry)
|D| Service Panneau de saisie Tablet PC - (TabletInputService)
|D| Propagation du certificat - (CertPropSvc)
|D| Groupement de mise en réseau de pairs - (p2psvc)
|D| Client de suivi de lien distribué - (TrkWks)
|D| Interruption SNMP - (SNMPTRAP)
|D| Agent de protection d'accès réseau - (napagent)
|D| Gestionnaire d'identité réseau homologue - (p2pimsvc)
|D| Service Énumérateur d'appareil mobile - (WPDBusEnum)
------- Tâches planifiées
|&| Adobe Flash Player Updater.job
|&| GoogleUpdateTaskMachineCore.job
|&| GoogleUpdateTaskMachineUA.job
|&| GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000Core.job
|&| GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000UA.job
|&| HPCeeScheduleForJOHN-HP$.job
|&| HPCeeScheduleForjonathan.job
------- Installeurs
|*| C:\Users\jonathan\Desktop\DepannageRSRBR2012.exe
|*| C:\Users\jonathan\Desktop\four tout\Norton 2011 I.S v18.5.0.125 + [ 88 yr ] Crack\NIS-TW-30-18-5-0-125-FR.exe
|*| C:\Users\jonathan\Desktop\hd tv\data\proxy\privoxy.exe
|*| C:\Users\jonathan\Desktop\hd tv\data\rtmpdump\rtmpgw.exe
|*| C:\Users\jonathan\Desktop\PS3\ebootFIX.exe
|*| C:\Users\jonathan\Desktop\PS3\ebootMOD.exe
|*| C:\Users\jonathan\Desktop\PS3\elf_builder.exe
|*| C:\Users\jonathan\Desktop\PS3\make_self.exe
|*| C:\Users\jonathan\Desktop\PS3\make_self_npdrm.exe
|*| C:\Users\jonathan\Desktop\PS3\package_finalize.exe
|*| C:\Users\jonathan\Desktop\PS3\psn_package_npdrm.exe
|*| C:\Users\jonathan\Desktop\PS3\readself.exe
|*| C:\Users\jonathan\Desktop\PS3\self_rebuilder.exe
|*| C:\Users\jonathan\Desktop\PS3\unself.exe
|*| C:\Users\jonathan\Documents\MapSource_6163.exe
|*| C:\Users\jonathan\Downloads\Install_Pack_Group_R.exe
|*| C:\Users\jonathan\Downloads\Install_Pack_N4_S2000_2.exe
|*| C:\Users\jonathan\Downloads\Install_Pack_R3.exe
|*| C:\Users\jonathan\Downloads\jxpiinstall.exe
|*| C:\Users\jonathan\Downloads\Patch F1RTS 2012 V2.3(1).exe
|*| C:\Users\jonathan\Downloads\rFactor2_Build49_Setup(1).exe
|*| C:\Users\jonathan\Downloads\setup_chrispc_free_anonymous_proxy_3_10.exe
|*| C:\Users\jonathan\Downloads\RACE 07 ot Akella\Race '07 v1.0 [ENGLISH] Fixed EXE\Race07.exe
------- Commandes
| Données de sauvegarde SP1 supprimées
------- Fichiers
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\+DCGXQdyEX+0icFgXntxNA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\0fkKSgteu0wYoFQ0DElCFg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\0VRytCccK_1wO2ezpjGITw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\1GqClAVerOypYWCg2L0EpA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\1RLb6L2K+7Vf8+G98SlhLA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\1yy8uMP7NOmIm47Oe_F3xQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\282Em2VWSPSZhb00LIIcxQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\2tNxV6f65gIjINW0O8sSTg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\4De4YbYWA0jF5UWHLU7JHQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\4djZu+SKel5wciLUhNtulA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\4Kt8230ooWJtntVQDBLHag==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\5WVM62SXn5MTFfICCtphUw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\6CAIe8lD4yo6+6bPyCWSDA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\6vfYFXgXQEVqbtA1oszJ+g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\7jusf+J9MlbIK7xWHr0Q2A==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\98tF2oj3Y9_u2J5uszhBCg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\c+Ef3rYyEvvJ+_GaAQPiyA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\e3ULFZEQ67RGK+FCuCUY0A==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\fQZExgrL71fcbICBmZ2AJA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\h5IjAgXry_HW0e8k+NtDCA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\H67v8uzy8ynNK3p9RXEMvQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\HDDRNcz00sY5YSg8doz7Bg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\Ht4hWqEOVd6rnClvfpeIDw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\ID8riu0jfJSzLexMkhkXqA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\IlVxTvMk21a4MiQg5+V47A==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\i_5x+hP04xlmvwyT1Nwq_g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\k18JA3CAMuFn86F2W90xmA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\KeP6TzJmFBglSKljhvHpUw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\LXztDVWDJb8zEOj2Nc5V7g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\nbz4xRSPMwzwqlWSuMFyXA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\o5Xv_FeOAPn+f2jZx5Vq5w==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\oZ8oFtog_v3F+9I7oIaNWg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\p6KtwLcAoZCDQRuqv9uJlA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\PgwWiqHJF8BYh+OyMSnnFA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\qUYekXPXluHgrtdWBCFuAg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\QVyJbojBTX9IF2Bu+euHKQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\qZMcFAYb1_D0TNFraICnxQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\s0KpgnGJv7p57E9tWKxCQw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\sFueylUDO6OVwB4uuF1ggA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\SK3gMXdbdq_ldl6r6+An3w==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\tc5t6HetjmAnv68gtwDH7w==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\upxe80ESC9ZvugJf1dxC4g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\VMDF_eOgaOobsP6_cb9ynw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\WlK+jUh4tqGRH9uV6kpJbg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\XfWU+x3a8AgDA1lUWAm_Eg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\xhBhMDqvU1rI8X_r1BXeJw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\xuQlfC12lgoBMEamK5eADQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\y4dQq_s+T+Mi3ACVEl1wXA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\YanO68LVIVUUjwj_pXbO1g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\yOBvVko_XfkRdhBbZCjtKA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\YPW0pw89uOaHEYSDI0eiXA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\Z4U_YcuFTeqyV_bdnJpN9Q==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\zg3jfU33cAioyi_zw93ayA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\_EWzIheGBwUIaRnzP3QVaw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\startupcache\startupCache.4.little
| C:\Users\jonathan\AppData\Local\Temp\AdobeARM.log
| C:\Users\jonathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt
| C:\Users\jonathan\AppData\Local\Temp\hrVlPmZd.exe.part
| C:\Users\jonathan\AppData\Local\Temp\ihQm6Kaf.exe.part
| C:\Users\jonathan\AppData\Local\Temp\jusched.log
| C:\Users\jonathan\AppData\Local\Temp\liste+des+engage+15-10-12.pdf
| C:\Users\jonathan\AppData\Local\Temp\mhe1p4Jh.exe.part
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20121017_103922487-Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-MSP0.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20121017_103922487-MSI_vc_red.msi.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20121017_103922487.html
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20121017_103903852-Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-MSP0.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20121017_103903852-MSI_vc_red.msi.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20121017_103903852.html
| C:\Users\jonathan\AppData\Local\Temp\nsi8BCB.tmp
| C:\Users\jonathan\AppData\Local\Temp\PDApp.log
| C:\Users\jonathan\AppData\Local\Temp\RlxSzU1t.exe.part
| C:\Users\jonathan\AppData\Local\Temp\Search.ico
| C:\Users\jonathan\AppData\Local\Temp\Setup Log 2012-10-16 #001.txt
| C:\Users\jonathan\AppData\Local\Temp\sEXrtVEd.exe.part
| C:\Users\jonathan\AppData\Local\Temp\TFRAD80.tmp
| C:\Users\jonathan\AppData\Local\Temp\TWAIN.LOG
| C:\Users\jonathan\AppData\Local\Temp\Twain001.Mtx
| C:\Users\jonathan\AppData\Local\Temp\Twunk001.MTX
| C:\Users\jonathan\AppData\Local\Temp\Twunk002.MTX
| C:\Users\jonathan\AppData\Local\Temp\Uninstall.ico
| C:\Users\jonathan\AppData\Local\Temp\~bd91D3.tmp
| C:\Users\jonathan\AppData\Local\Temp\~bd976F.tmp
| C:\Users\jonathan\AppData\Local\Temp\~bdB51B.tmp
| C:\Users\jonathan\AppData\Local\Temp\~DF5375D63D2C9441E8.TMP
| C:\Users\jonathan\AppData\Local\Temp\~DFB0EE5C6FB4988216.TMP
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\desktop.ini
| C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
| C:\Windows\temp\lpksetup-20121017-155056-0.log
| C:\Windows\temp\~bd814F.tmp
| C:\Windows\temp\~bd995F.tmp
| C:\Windows\temp\~bdAC6.tmp
| C:\Windows\temp\~bdC2D2.tmp
| C:\Windows\temp\~bdEEA1.tmp
| C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf
| C:\Windows\Prefetch\AERTSR64.EXE-F39C2310.pf
| C:\Windows\Prefetch\AgAppLaunch.db
| C:\Windows\Prefetch\AgCx_SC1.db
| C:\Windows\Prefetch\AgCx_SC1.db.trx
| C:\Windows\Prefetch\AgCx_SC4.db
| C:\Windows\Prefetch\AgGlFaultHistory.db
| C:\Windows\Prefetch\AgGlFgAppHistory.db
| C:\Windows\Prefetch\AgGlGlobalHistory.db
| C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1382284741-163664239-3392141310-1000.db
| C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1382284741-163664239-3392141310-1000.db
| C:\Windows\Prefetch\AgRobust.db
| C:\Windows\Prefetch\AIDA32.BIN-AC3C5538.pf
| C:\Windows\Prefetch\AIDA32.EXE-B8AE3C5D.pf
| C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf
| C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
| C:\Windows\Prefetch\BDAGENT.EXE-D444366C.pf
| C:\Windows\Prefetch\CCC.EXE-B637C9BF.pf
| C:\Windows\Prefetch\CLI.EXE-BB402402.pf
| C:\Windows\Prefetch\CLISTART.EXE-0F58A398.pf
| C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
| C:\Windows\Prefetch\CVHSVC.EXE-F0F061EE.pf
| C:\Windows\Prefetch\DEFMGR.EXE-30900847.pf
| C:\Windows\Prefetch\DIFX64.EXE-00695373.pf
| C:\Windows\Prefetch\DINOTIFY.EXE-35A869D6.pf
| C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf
| C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
| C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
| C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf
| C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf
| C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf
| C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf
| C:\Windows\Prefetch\DOWNLOADER.EXE-0954C326.pf
| C:\Windows\Prefetch\DRV64.EXE-E3BF9766.pf
| C:\Windows\Prefetch\DRV64.EXE-F3E56F13.pf
| C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
| C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
| C:\Windows\Prefetch\DXWEBSETUP.EXE-C0BF3817.pf
| C:\Windows\Prefetch\DXWSETUP.EXE-18ED3310.pf
| C:\Windows\Prefetch\EVEREST-ULTIMATE_EVEREST_ULTI-D9308EB7.pf
| C:\Windows\Prefetch\EVEREST-ULTIMATE_EVEREST_ULTI-EBD7AF27.pf
| C:\Windows\Prefetch\EVEREST.EXE-EE82ED2A.pf
| C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
| C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf
| C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_4_402_28-BD195051.pf
| C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
| C:\Windows\Prefetch\GOOGLEUPDATE.EXE-935AA966.pf
| C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
| C:\Windows\Prefetch\HECISERVER.EXE-27DA4210.pf
| C:\Windows\Prefetch\HPSA_SERVICE.EXE-AD6579F0.pf
| C:\Windows\Prefetch\HPSYSDRV.EXE-C93AA317.pf
| C:\Windows\Prefetch\HPWUSCHD2.EXE-DE9C9D03.pf
| C:\Windows\Prefetch\IATA_CD.EXE-ABA958F4.pf
| C:\Windows\Prefetch\IMAPP.EXE-3E2B42CA.pf
| C:\Windows\Prefetch\IMNOTFY.EXE-53DEA81D.pf
| C:\Windows\Prefetch\INCMAIL.EXE-F91AEC10.pf
| C:\Windows\Prefetch\INF_ALLOS_9.3.0.1021_PV.EXE-938410AC.pf
| C:\Windows\Prefetch\INSTALLUTIL.EXE-4B9F3C61.pf
| C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-1AEA9A7F.pf
| C:\Windows\Prefetch\ISBEW64.EXE-2563689F.pf
| C:\Windows\Prefetch\ISBEW64.EXE-285D3F32.pf
| C:\Windows\Prefetch\ISBEW64.EXE-D7D40816.pf
| C:\Windows\Prefetch\JHI_SERVICE.EXE-6D19BDC1.pf
| C:\Windows\Prefetch\Layout.ini
| C:\Windows\Prefetch\LMS.EXE-8C70F87D.pf
| C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
| C:\Windows\Prefetch\MACONFSERVICE.EXE-96E7771B.pf
| C:\Windows\Prefetch\MBAMGUI.EXE-1CA97248.pf
| C:\Windows\Prefetch\MBAMSERVICE.EXE-B55DB80C.pf
| C:\Windows\Prefetch\MCSTUBUSER.EXE-C227BACB.pf
| C:\Windows\Prefetch\MDSCHED.EXE-349F1ED0.pf
| C:\Windows\Prefetch\MEI_ALLOS_8.1.0.1252_PV.EXE-BC5871F1.pf
| C:\Windows\Prefetch\MMC.EXE-E5EE3A89.pf
| C:\Windows\Prefetch\MMLOADDRV.EXE-4072A3B8.pf
| C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf
| C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
| C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
| C:\Windows\Prefetch\MSIEXEC.EXE-E09A077A.pf
| C:\Windows\Prefetch\MYSTIFY.SCR-0667C0AF.pf
| C:\Windows\Prefetch\NGEN.EXE-3CFD6908.pf
| C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
| C:\Windows\Prefetch\OCCTPT4.3.1.EXE-4E2AFAC0.pf
| C:\Windows\Prefetch\PfSvPerfStats.bin
| C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf
| C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-73BE9E78.pf
| C:\Windows\Prefetch\RAVBG64.EXE-44375395.pf
| C:\Windows\Prefetch\RAVCPL64.EXE-D6B4B613.pf
| C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf
| C:\Windows\Prefetch\RELPOST.EXE-D1F65AB5.pf
| C:\Windows\Prefetch\ROCKETDOCK.EXE-CC4B0B1B.pf
| C:\Windows\Prefetch\RTINSTALLER64.EXE-A5A8CDB4.pf
| C:\Windows\Prefetch\RTKNGUI64.EXE-211AE6DF.pf
| C:\Windows\Prefetch\RTLUPD64.EXE-353F2EF7.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-A658638B.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf
| C:\Windows\Prefetch\RUNONCE.EXE-0E293DD6.pf
| C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
| C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf
| C:\Windows\Prefetch\SDWINSEC.EXE-644A4D2D.pf
| C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
| C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
| C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
| C:\Windows\Prefetch\SETUP.EXE-2399C267.pf
| C:\Windows\Prefetch\SETUP.EXE-34C3CFE4.pf
| C:\Windows\Prefetch\SETUP.EXE-5DBCA6C9.pf
| C:\Windows\Prefetch\SETUP.EXE-9F7E2CB4.pf
| C:\Windows\Prefetch\SETUP.EXE-B96CD595.pf
| C:\Windows\Prefetch\SETUP.EXE-C4BDB781.pf
| C:\Windows\Prefetch\SETUP.EXE-D404A8DF.pf
| C:\Windows\Prefetch\SFTLIST.EXE-83E2B9AC.pf
| C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf
| C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
| C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf
| C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
| C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
| C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf
| C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-64B3993D.pf
| C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
| C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
| C:\Windows\Prefetch\TEATIMER.EXE-BFF02B54.pf
| C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
| C:\Windows\Prefetch\UNS.EXE-E6E49771.pf
| C:\Windows\Prefetch\UPDATERSTARTUPUTILITY.EXE-E056967B.pf
| C:\Windows\Prefetch\UPDATESRV.EXE-35D4EC11.pf
| C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf
| C:\Windows\Prefetch\VCREDIST_X64.EXE-B117E931.pf
| C:\Windows\Prefetch\VCREDIST_X86.EXE-A2A840B5.pf
| C:\Windows\Prefetch\VISTA_WIN7_WIN8_R270(1).EXE-54C31BF7.pf
| C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
| C:\Windows\Prefetch\WERFAULT.EXE-37549B7E.pf
| C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
| C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
| C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf
| C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
| C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
| C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
| C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
| C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
| C:\Windows\Prefetch\XBOXSTAT.EXE-16DABDFB.pf
| C:\Windows\System32\LogFiles\Scm\042937cb-5476-4c2a-8480-c5e036578e2b
| C:\Windows\System32\LogFiles\Scm\044a6734-e90e-4f8f-b357-b2dc8ab3b5ec
| C:\Windows\System32\LogFiles\Scm\088482fa-65b8-4e17-9abf-1dcd48e8d373
| C:\Windows\System32\LogFiles\Scm\09f06bfe-a3c8-40e3-846a-6e6f4000c238
| C:\Windows\System32\LogFiles\Scm\1f7b7221-ae8f-44f3-ba82-f7d260f51964
| C:\Windows\System32\LogFiles\Scm\2470470f-2634-478e-b181-571e98a789bb
| C:\Windows\System32\LogFiles\Scm\28011108-68df-4c73-b91b-57427d501bba
| C:\Windows\System32\LogFiles\Scm\298cdadd-d48e-4112-be9e-e9ed547e2aee
| C:\Windows\System32\LogFiles\Scm\2dab9005-74e3-407f-860d-d935b340d7b9
| C:\Windows\System32\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
| C:\Windows\System32\LogFiles\Scm\35058198-90a3-4b6d-8717-ab5546e015a5
| C:\Windows\System32\LogFiles\Scm\35a742c1-2971-4943-a2e3-29ad462ffaac
| C:\Windows\System32\LogFiles\Scm\3acf76e4-f5df-431c-bea2-be70cf85ae6d
| C:\Windows\System32\LogFiles\Scm\448270b0-5154-498d-b24d-ae71e7db5927
| C:\Windows\System32\LogFiles\Scm\47536d45-eeec-4bdc-8183-a4dc1f8da9e4
| C:\Windows\System32\LogFiles\Scm\486d715e-6aa2-44cf-bc48-b6990cbb53c6
| C:\Windows\System32\LogFiles\Scm\4c8b01a2-11ff-4c41-848f-508ef4f00cf7
| C:\Windows\System32\LogFiles\Scm\4ed776a3-0ce3-4dfc-83c7-6be815de6774
| C:\Windows\System32\LogFiles\Scm\4ef9c94a-beb8-4886-8efb-6f8dc72de967
| C:\Windows\System32\LogFiles\Scm\53abc437-1b0b-41c8-bfa8-0949927b2cae
| C:\Windows\System32\LogFiles\Scm\55fdf64b-3c5a-49f4-9ec4-597b575ca285
| C:\Windows\System32\LogFiles\Scm\58d173d4-efe1-4b40-a09a-00ace4617bda
| C:\Windows\System32\LogFiles\Scm\5a40e926-9e86-4b89-9cfd-b12311724371
| C:\Windows\System32\LogFiles\Scm\5aad404a-5b17-4cfb-95b9-e79d5765deba
| C:\Windows\System32\LogFiles\Scm\5b42dd9c-5a26-4f27-bb95-34603f0997e5
| C:\Windows\System32\LogFiles\Scm\5c0aeeea-c154-45be-8499-bea5f11baff6
| C:\Windows\System32\LogFiles\Scm\5f5a18eb-dc73-4e45-a11c-b59043598412
| C:\Windows\System32\LogFiles\Scm\60c6872d-d8c5-4b88-8980-45d08f81447e
| C:\Windows\System32\LogFiles\Scm\613612ba-897d-44ce-8dc1-8fc283f9fd51
| C:\Windows\System32\LogFiles\Scm\66373db8-4a8d-49a8-88a9-7ac45a9257ae
| C:\Windows\System32\LogFiles\Scm\6738ba6e-ea75-4b6b-b8b8-71f0336dd8ef
| C:\Windows\System32\LogFiles\Scm\6a60187f-9bc5-4171-97f0-41c9b0b903a5
| C:\Windows\System32\LogFiles\Scm\72db7465-bc54-491b-a92a-4637a28c9bbf
| C:\Windows\System32\LogFiles\Scm\753c47ae-ec5e-44b3-95a9-2c8e553f0e39
| C:\Windows\System32\LogFiles\Scm\76028ab5-ac97-4f06-8327-7d5a47a19935
| C:\Windows\System32\LogFiles\Scm\7afcc0ca-7121-422a-ab45-b0e8d599ff08
| C:\Windows\System32\LogFiles\Scm\8019363d-bcad-4773-b90d-f17d42075cba
| C:\Windows\System32\LogFiles\Scm\81540b9f-b5bf-47eb-9c95-be195bf2c664
| C:\Windows\System32\LogFiles\Scm\834b2bc8-dafd-4d74-854d-17cf17cd4c48
| C:\Windows\System32\LogFiles\Scm\8d77a25d-fd6a-481a-b0d6-9678902cb9a5
| C:\Windows\System32\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
| C:\Windows\System32\LogFiles\Scm\97d57fbc-b035-440c-88e7-9e676cd64057
| C:\Windows\System32\LogFiles\Scm\994c86ad-a929-4b2c-88a0-4e25a107a029
| C:\Windows\System32\LogFiles\Scm\9979cb83-103a-4105-9e5d-c74b0af6d198
| C:\Windows\System32\LogFiles\Scm\9ee88514-786b-4c6b-b761-ad00a3815399
| C:\Windows\System32\LogFiles\Scm\a35bb7a6-5f0c-4c9f-8450-2b3bed532d51
| C:\Windows\System32\LogFiles\Scm\a48cabbf-24c8-4b87-b00f-9261807c3b43
| C:\Windows\System32\LogFiles\Scm\a6af9377-77ce-47ab-ad7d-ec32cad0c82d
| C:\Windows\System32\LogFiles\Scm\a7c73732-9f11-4281-8d19-764d4ec9d94d
| C:\Windows\System32\LogFiles\Scm\abe81196-0aac-419a-993a-ca0f9fa7e738
| C:\Windows\System32\LogFiles\Scm\ac4e5acf-89f7-4220-ba21-81ee183975e2
| C:\Windows\System32\LogFiles\Scm\ac668097-4d6b-4093-ac14-014c09dbf820
| C:\Windows\System32\LogFiles\Scm\b0783751-afae-4bff-b02a-3c74bbadc98e
| C:\Windows\System32\LogFiles\Scm\b0cbab43-44fc-469b-a4ce-87426761fdce
| C:\Windows\System32\LogFiles\Scm\bb891099-3f04-45da-8dfa-066ab33b0f7d
| C:\Windows\System32\LogFiles\Scm\be669c13-8165-4536-96d0-6d6c39292aae
| C:\Windows\System32\LogFiles\Scm\c016366b-7126-46ca-b36b-592a3d95a60b
| C:\Windows\System32\LogFiles\Scm\c0f395f2-9715-4314-a840-2e6c417f6a32
| C:\Windows\System32\LogFiles\Scm\c52cb915-d09b-4e04-86c6-bd8c02355528
| C:\Windows\System32\LogFiles\Scm\c6429797-f491-4f5c-bd36-6ac08cf60d18
| C:\Windows\System32\LogFiles\Scm\ca4b8ff2-a4d2-4d88-a52e-3a5bdaf7f56e
| C:\Windows\System32\LogFiles\Scm\cb3d64bf-c0c9-45ff-bfb0-ff1a8f680186
| C:\Windows\System32\LogFiles\Scm\cee64558-e1a7-4d9d-80a7-2001912be5b5
| C:\Windows\System32\LogFiles\Scm\d0250f3f-6480-484f-b719-42f659ac64d5
| C:\Windows\System32\LogFiles\Scm\d2d3ba4d-b1c0-4009-be9d-b7d482e4c673
| C:\Windows\System32\LogFiles\Scm\d36a6395-30d2-442f-9bf2-e64100149394
| C:\Windows\System32\LogFiles\Scm\d7b6e81d-3cf4-432c-84d2-24213f4316e6
| C:\Windows\System32\LogFiles\Scm\da41de71-8431-42fb-9db0-eb64a961dead
| C:\Windows\System32\LogFiles\Scm\dd9f510c-95f4-499a-90c8-bac5bc372ff4
| C:\Windows\System32\LogFiles\Scm\e22a8667-f75b-4ba9-ba46-067ed4429de8
| C:\Windows\System32\LogFiles\Scm\e3163c33-301d-4730-a266-5518c5ed3967
| C:\Windows\System32\LogFiles\Scm\e8593985-a19b-4ad7-b60d-d1f5609e9dd2
| C:\Windows\System32\LogFiles\Scm\eaca24ff-236c-401d-a1e7-b3d5267b8a50
| C:\Windows\System32\LogFiles\Scm\eb02381f-d652-4b1c-894a-712498c62c51
| C:\Windows\System32\LogFiles\Scm\ee44f1bc-3a65-4249-bbac-f4deb17cdf61
| C:\Windows\System32\LogFiles\Scm\f2511bee-366d-49c8-bb06-d1d74aaae162
| C:\Windows\System32\LogFiles\Scm\fa2bc0a6-8d4b-458a-85c8-2b8c72487513
| C:\Windows\System32\LogFiles\Scm\fb3c354d-297a-4eb2-9b58-090f6361906b
| C:\Windows\System32\LogFiles\Scm\fdd56c73-f0d5-41b6-b767-6effd7966428
| C:\Windows\System32\LogFiles\Scm\SCM.EVM
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.1
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.2
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.3
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.4
| C:\Windows\Downloaded Program Files\avsniff.dll
| C:\Windows\Downloaded Program Files\avsniff.inf
| C:\Windows\Downloaded Program Files\avsniffdlgs.dll
| C:\Windows\Downloaded Program Files\CabSA.inf
| C:\Windows\Downloaded Program Files\catalog.dat
| C:\Windows\Downloaded Program Files\desktop.ini
| C:\Windows\Downloaded Program Files\ecbootil.vxd
| C:\Windows\Downloaded Program Files\ecmldr32.dll
| C:\Windows\Downloaded Program Files\ecmsvr32.dll
| C:\Windows\Downloaded Program Files\navapi.vxd
| C:\Windows\Downloaded Program Files\navapi32.dll
| C:\Windows\Downloaded Program Files\naveng32.dll
| C:\Windows\Downloaded Program Files\navex32a.dll
| C:\Windows\Downloaded Program Files\rufsi.dll
| C:\Windows\Downloaded Program Files\scrauth.dat
| C:\Windows\Downloaded Program Files\symaveng.cat
| C:\Windows\Downloaded Program Files\symaveng.inf
| C:\Windows\Downloaded Program Files\tcdefs.dat
| C:\Windows\Downloaded Program Files\tcscan7.dat
| C:\Windows\Downloaded Program Files\tcscan8.dat
| C:\Windows\Downloaded Program Files\tcscan9.dat
| C:\Windows\Downloaded Program Files\tinf.dat
| C:\Windows\Downloaded Program Files\tinfidx.dat
| C:\Windows\Downloaded Program Files\tinfl.dat
| C:\Windows\Downloaded Program Files\tscan1.dat
| C:\Windows\Downloaded Program Files\tscan1hd.dat
| C:\Windows\Downloaded Program Files\v.grd
| C:\Windows\Downloaded Program Files\v.sig
| C:\Windows\Downloaded Program Files\v1.sig
| C:\Windows\Downloaded Program Files\virscan.inf
| C:\Windows\Downloaded Program Files\virscan1.dat
| C:\Windows\Downloaded Program Files\virscan2.dat
| C:\Windows\Downloaded Program Files\virscan3.dat
| C:\Windows\Downloaded Program Files\virscan4.dat
| C:\Windows\Downloaded Program Files\virscan5.dat
| C:\Windows\Downloaded Program Files\virscan6.dat
| C:\Windows\Downloaded Program Files\virscan7.dat
| C:\Windows\Downloaded Program Files\virscan8.dat
| C:\Windows\Downloaded Program Files\virscan9.dat
| C:\Windows\Downloaded Program Files\virscant.dat
| C:\Windows\Downloaded Program Files\zdone.dat
| C:\Windows\SoftwareDistribution\Download\243163bf0db40854fe2c38a3293f15f9432c918e
| C:\Windows\SoftwareDistribution\Download\4529e7d60af20c6bc8694d8a57bee3386d026265
| C:\Windows\SoftwareDistribution\Download\4a08927ae0d06152a5b1fe91d90c633839a0247f
| C:\Windows\SoftwareDistribution\Download\8245713cfd2f2fb1ae4aae3c3297ac946de5fc3a
| C:\Windows\SoftwareDistribution\Download\99e8bd6c09d5f4985de3ca86e29823e992376913
| C:\Windows\SoftwareDistribution\Download\9b99b63ab2807a562e356d8b40f13b7d144b42fc
| C:\Windows\SoftwareDistribution\Download\c32277c1804faee9c28fe615ce355a46af0c795e
| C:\Windows\SoftwareDistribution\Download\ce35d584147d75dff24a9fb75eb571a42bfd6034
| C:\Windows\SoftwareDistribution\Download\d474e71b1252552eaffd1781cb999a4572d12de7
| C:\Windows\SoftwareDistribution\Download\d636b03d3557f33e6b92b51a894ee6875cf89991
| C:\Windows\SoftwareDistribution\Download\faeb024981e30d4cb4a721c539f58d52ff241178
| C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk
| C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log
| C:\Windows\SoftwareDistribution\DataStore\Logs\edb0008C.log
| C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00001.jrs
| C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00002.jrs
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\207B9FD92391B9B2A60A89B4C965D5DF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_652FAB956FD970290CE68A6C61ED6000
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_109D983612043F6131CC62F7E16F02E2
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_46CCCFB940A93F39A734F69EFCDD76E9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\525B39202B00FC2CB492A52F5904BCC4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\570FB14ABC805C46708F32F92F10C3B4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6B7AED56F69397028F35E77E6DD681FC
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7396C420A8E1BC1DA97F1AF0D10BAD21
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_4069BD6CA0A97DCB6D4110B1A16AB213
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_5442B1CAC753FE77C0664BB0A0BCD11E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_58A75D3AF6B43E80AB845CA05C8B4D4C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_62643C3D7610EB1451C92A91979C446D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_9F9BFC8B6A2458C04895FE7734305B2F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_D1C87655C8B2ADEEBD75AE3A885A9667
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_F08EE46315ADB8D0A692B6CEFEAB5DAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_F83C7FE3B4C0E08170A328B933ACE1EF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_D3DB95C0E7608ACC9AA10ACCCCEBBDF5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\889847424549FBDB7D7C39B4F673A51B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EDCF682921FE94F4A02A43CD1A28E6B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_73E9BB9D60F879ECC43EB44CFB5C970E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A1377F7115F1F126A15360369B165211
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B360E08E231C1F83EC47B8D294494BCD_838E85C4A57AA8724BC823D178E52D10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_409DEA81B7234F81C72B5F0F7668EA3F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_B7F371B03858FD66603B77FF5E9331C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0F063B6B88A2B8BFE21C3993A613447
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D41693DAFE5DEF0C36959FF1FCEF5C96
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_835A2FD7EE5F1F37B7872C78D42A88BF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DC2135CED98D8A4D7C0CEE202BB0B810
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2EF7F0FB7284B9ACFD4F65D02218479
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E48DDEA3BF68DF580551FA0F27950B54
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7B158B31D45761A93C56C441E33DD68_892004AF7BB005B29B41BB95D0B8442D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F30B1DAC467EEB5A0EB57E5457CD952D_5FB0DDB3AA79F9EDA9226B63C372B406
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4B372709D6C2AD766C34D274501DC76_516445E2D2E0044FF0510B085B354A0C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4B372709D6C2AD766C34D274501DC76_C08D897FBCD7D5D638FCD154D1404CBE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F5DDD23C10ADFC584C14B5F413D80047_B6E937031D01EEBBBD0BCF0ED2C1A4FE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F72943F1E01540BBACB5396C76DD6AAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\207B9FD92391B9B2A60A89B4C965D5DF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_652FAB956FD970290CE68A6C61ED6000
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_109D983612043F6131CC62F7E16F02E2
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_46CCCFB940A93F39A734F69EFCDD76E9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\525B39202B00FC2CB492A52F5904BCC4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\570FB14ABC805C46708F32F92F10C3B4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6B7AED56F69397028F35E77E6DD681FC
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_4069BD6CA0A97DCB6D4110B1A16AB213
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_5442B1CAC753FE77C0664BB0A0BCD11E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_58A75D3AF6B43E80AB845CA05C8B4D4C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_62643C3D7610EB1451C92A91979C446D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_9F9BFC8B6A2458C04895FE7734305B2F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_D1C87655C8B2ADEEBD75AE3A885A9667
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_F08EE46315ADB8D0A692B6CEFEAB5DAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_F83C7FE3B4C0E08170A328B933ACE1EF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_D3DB95C0E7608ACC9AA10ACCCCEBBDF5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\889847424549FBDB7D7C39B4F673A51B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EDCF682921FE94F4A02A43CD1A28E6B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_73E9BB9D60F879ECC43EB44CFB5C970E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A1377F7115F1F126A15360369B165211
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B360E08E231C1F83EC47B8D294494BCD_838E85C4A57AA8724BC823D178E52D10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_409DEA81B7234F81C72B5F0F7668EA3F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_B7F371B03858FD66603B77FF5E9331C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0F063B6B88A2B8BFE21C3993A613447
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D41693DAFE5DEF0C36959FF1FCEF5C96
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_835A2FD7EE5F1F37B7872C78D42A88BF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DC2135CED98D8A4D7C0CEE202BB0B810
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E48DDEA3BF68DF580551FA0F27950B54
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7B158B31D45761A93C56C441E33DD68_892004AF7BB005B29B41BB95D0B8442D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F30B1DAC467EEB5A0EB57E5457CD952D_5FB0DDB3AA79F9EDA9226B63C372B406
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4B372709D6C2AD766C34D274501DC76_516445E2D2E0044FF0510B085B354A0C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4B372709D6C2AD766C34D274501DC76_C08D897FBCD7D5D638FCD154D1404CBE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F5DDD23C10ADFC584C14B5F413D80047_B6E937031D01EEBBBD0BCF0ED2C1A4FE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F72943F1E01540BBACB5396C76DD6AAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F90F18257CBB4D84216AC1E1F3BB2C76
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_0
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_1
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_2
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_3
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\index
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\Ad-Report-CLEAN[1].txt.lnk
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\OS (C).lnk
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\ZHPDiag.txt.lnk
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Accessibility.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Annots.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Checkers.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_DVA.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_eBook.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_EScript.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_IA32.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_MakeAccessible.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Multimedia.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_PDDom.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.fra
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_ReadOutLoud.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_reflow.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_SaveAsRTF.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Search.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_SendMail.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Spelling.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Updater.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_weblink.FRA
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000002fb.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog.etl
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini
------- Dossiers
| C:\Users\jonathan\AppData\Local\Temp\acro_rd_dir
| C:\Users\jonathan\AppData\Local\Temp\Adobe
| C:\Users\jonathan\AppData\Local\Temp\IM
| C:\Users\jonathan\AppData\Local\Temp\ImInstaller
| C:\Users\jonathan\AppData\Local\Temp\Low
| C:\Users\jonathan\AppData\Local\Temp\MessengerCache
| C:\Users\jonathan\AppData\Local\Temp\nsy8BDC.tmp
| C:\Users\jonathan\AppData\Local\Temp\pftAB3E~tmp
| C:\Users\jonathan\AppData\Local\Temp\plugtmp
| C:\Users\jonathan\AppData\Local\Temp\WPDNSE
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\Content.IE5
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\Low
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\Virtualized
| C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Low
| C:\Windows\temp\bdcloud1
| C:\Windows\temp\bdcloud2
| C:\Windows\temp\bdcloud3
| C:\Windows\temp\bdcloud4
| C:\Windows\temp\PDFC
| C:\Windows\temp\tmp00003d7c
| C:\Windows\temp\tmp000048bd
| C:\Windows\temp\tmp00005309
| C:\Windows\temp\tmp00005e8b
| C:\Windows\temp\tmp00007243
| C:\Windows\Prefetch\ReadyBoot
| C:\Windows\SoftwareDistribution\Download\071741e3379d4324d5c6c3e7b5b64229
| C:\Windows\SoftwareDistribution\Download\20bef9980e8390eab8a4720ab1bc3fcd
| C:\Windows\SoftwareDistribution\Download\4e56bcfcee282b329bf19e17b87cc426
| C:\Windows\SoftwareDistribution\Download\5425efa3e92c9a944b8d58932958ef86
| C:\Windows\SoftwareDistribution\Download\5897ae6fd35f45f68727854f7b1c351f
| C:\Windows\SoftwareDistribution\Download\7ceb9f5ec2230e2456071d50251950c1
| C:\Windows\SoftwareDistribution\Download\7e3d057d74ed53035d2230de7858214b
| C:\Windows\SoftwareDistribution\Download\8bc6d879943fb1718924ceb00f627453
| C:\Windows\SoftwareDistribution\Download\8dc855a7e8bddc82e50feff1bc88dd3a
| C:\Windows\SoftwareDistribution\Download\968e06580b687df78cbd195b87455a3c
| C:\Windows\SoftwareDistribution\Download\aa6461df86644fd4d4a3a67161174812
| C:\Windows\SoftwareDistribution\Download\ad65f09d8b1893ca283175b0732ed3a1
| C:\Windows\SoftwareDistribution\Download\b2968b1a9f5050fe9c739a2682ef2477
| C:\Windows\SoftwareDistribution\Download\cc5d42ca6525ddbc83959194ef35c159
| C:\Windows\SoftwareDistribution\Download\cc96f140dc856fe7daa50b4711dbe11f
| C:\Windows\SoftwareDistribution\Download\d15ded8bfcbfdb16b91c1ef257f53514
| C:\Windows\SoftwareDistribution\Download\e88ee0ef970acca984f3aff3817bea85
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Cookies\Low
| C:\ProgramData\NortonInstaller\Logs
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_0_f2bf2faebb16863c52b8bf3e67385e4c693ebbb_cab_152110c2
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_4096_512413fa493a552655cb658faff48fdb1287ee_cab_12fd0943
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_4096_9117c7566366c2169aa514f10301b50c9ab286d_cab_15896f74
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Microsoft_ace0ef66f2537d0b636c4bfe0d72ee85951e66d_cab_0655ec03
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Microsoft_d1a45ecabf92c4b4c3a9b20b76e28b9b58e97c0_cab_0665b808
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_WDFME.exe_9b317b191bfb52994f8eb62b618947bcafd112f7_05e8d74b
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_14d0ceb4
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.6.7600.256_d657698cc2203130accf771c18dbe77b92e59fa7_19c7d548
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.6.7600.256_f60d217b0ef5821ea0713c8e66188b7dbc489d_12889f1c
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_HostProblem_63d243f86ffd9b4f48349d5d4e79443953e03edb_076d1728
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_HostProblem_63d243f86ffd9b4f48349d5d4e79443953e03edb_1558aea6
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_6f40523062edfe966f8ca4d255d7fbc3e228e1bf_0f7fee54
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_7e24963e478127d8bf1ee82664f0299ee9b8cbc_0ac75f6e
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_ace0ef66f2537d0b636c4bfe0d72ee85951e66d_16264105
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_ace0ef66f2537d0b636c4bfe0d72ee85951e66d_1ac0fee7
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IBDW9GL
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CR8ER0X
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNLT2H9X
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6XKZJWW
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_2d56e5a8b2f9f6254d963ca02f26cda8a13b_1aac8364
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_5dbbf95794afd112addec85663ef75f3ed7a1c0_086cca22
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_806945839ba276f680677bacea346eb742ca312_0fd8b3b8
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_806945839ba276f680677bacea346eb742ca312_117816b0
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_googleearth.exe_374d5efb690bd70f7eae250512cf098134ba237_15c1e58d
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_iexplore.exe_645a96fb434fbe14ca377082a119cb3a71cbc4_1be9cb1b
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_iexplore.exe_91d233eaeb1055e51d984baa40fe91385226abdc_0e720a2f
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_IncMail.exe_b05cd6c9e03311f84481938473b854411ca32cf_1b97903f
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_make_self_npdrm._b8822b1f5cabd85dd1e2298e33c6dc380806ce8_093e9443
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_make_self_npdrm._b8822b1f5cabd85dd1e2298e33c6dc380806ce8_1b35f23b
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_make_self_npdrm._b8822b1f5cabd85dd1e2298e33c6dc380806ce8_1bc55763
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_5e1aa53c1e46823fce4b93e251d1b4c13b2a9c_103fa039
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_a19e7e45669761b2d14c7bc84c2c18526dc056_11509dcb
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_PCCompanion.exe_fc5460bba1bf0ec6ff2fffeb4cbc25dfde_1775647c
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_ps3 autofix.exe_81dde50a5f8b6286985e1a14cb183268477a29_0593e494
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_PS3 Autofix.vsho_b29243b59b319c7c4bb7c43828f5532d158d6_068dfe2d
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor.exe_dd1fc4b798fa751dcbc7b32751080c5c4cd717b_14812ae6
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_cf705f7ce9df58d3f8fe9137c8487f2464387675_1f30735e
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1279c084
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1b0b2484
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1bf00f01
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1c0af2bb
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_RSCenter2012.exe_f6d149eb9a5a8ce18b662af9ee4e3914886ac837_180195db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_RSCenter2012.exe_f6d149eb9a5a8ce18b662af9ee4e3914886ac837_19e2337e
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_RSCenter2012.exe_f8ed7112acc08932d843c4661c17087b895c58b_0b75eb68
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_She_528d511e3f3afaafd3382fb5f14e0e0ae6a7587_13a9151d
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_She_528d511e3f3afaafd3382fb5f14e0e0ae6a7587_14893e5e
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_She_528d511e3f3afaafd3382fb5f14e0e0ae6a7587_1bfaa02c
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Startme.exe_da51eed2a7ce4901592357fb5e36516afbf8
------- Informations logiciel
| Lancement : 17/10/2012 | 16:11:07
| Mis à jour : 03 / 10 / 2012
| Infos : https://www.security-helpzone.com/
| Scanné : 0
| Nettoyé : 1
------- Informations système
| jonathan (Admin)
| Windows 7 Home Premium (x64) Service Pack 1
| Intel(R) Core(TM) i5-2400S CPU @ 2.50GHz
| RAM 4.2 GO - 54%
------- Options [Nettoyage]
|X| Tuer tous les processus
|X| Logiciels
|X| Démarrage
|X| Registre
|X| Services
|X| Tâches
|x| Installeurs
|x| Mozilla Firefox
------- Processus
| atiesrxx.exe
| atieclxx.exe
| spoolsv.exe
| armsvc.exe
| ezSharedSvcHost.exe
| HPClientServices.exe
| HPDrvMntSvc.exe
| Jhi_service.exe
| mbamscheduler.exe
| pdfsvc.exe
| RadeonProSupport.exe
| sftvsa.exe
| tmInstall.exe
| WDDMService.exe
| WDFME.exe
| WDSC.exe
| taskhost.exe
| hpsysdrv.exe
| XBoxStat.exe
| RocketDock.exe
| TeaTimer.exe
| hpwuschd2.exe
| jusched.exe
| MOM.exe
| WLIDSVC.EXE
| HPAuto.exe
| WLIDSVCM.EXE
| SDWinSec.exe
| unsecapp.exe
| CVHSVC.EXE
| SearchIndexer.exe
| SearchProtocolHost.exe
| WUDFHost.exe
| IAStorIcon.exe
| HPSA_Service.exe
| IAStorDataMgrSvc.exe
| LMS.exe
| mbamgui.exe
| UNS.exe
| firefox.exe
| SearchFilterHost.exe
| taskhost.exe
| explorer.exe
------- Mozilla Firefox
|$| Mozilla Firefox est apte à être optimisé
------- Logiciels
|@| Ad-Remover par C_XX
|@| Polar Bowler
|@| Jewel Quest Solitaire
|@| Slingo Deluxe
|@| Virtual Villagers - The Secret City
|@| Cake Mania
|@| Bejeweled 2 Deluxe
|@| Chuzzle Deluxe
|@| Fishdom
|@| Update Installer for WildTangent Games App
|@| HiJackThis
|@| WildTangent Games App (HP Games)
|@| Spybot - Search & Destroy
------- Démarrage
|#| [Sidebar] : [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
|#| [Sidebar] : [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
------- Registre
| ContigFileAllocSize : "" -> "512"
| DisableAutoUpdate : "" -> "1"
| OptimizeComplete : "" -> "N"
| Enable : "" -> "N"
| HungAppTimeout : "" -> "2500"
| WaitToKillAppTimeout : "" -> "2500"
| MenuShowDelay : "400" -> "0"
| LowLevelHooksTimeout : "" -> "1000"
| AutoEndTasks : "" -> "1"
| SmoothScroll : "" -> "0x00000000"
| WaitToKillServiceTimeout : "12000" -> "0"
| Psched : "" -> "0"
| NoBestEffortLimit : "" -> "0"
| NoAutoRebootWithLoggedOnUsers : "" -> "1"
| NtfsDisable8dot3NameCreation : "2" -> "1"
| AlwaysUnloadDll : "" -> "1"
| EnableAutoLayout : "" -> "1"
| DisablePagingExecutive : "0" -> "1"
| LargeSystemCache : "0" -> "1"
| LastAccess : "7" -> "0"
| SizReqBuf : "" -> "65535"
------- Services
|M| Modules de génération de clés IKE et AuthIP - (IKEEXT)
|D| Télécopie - (Fax)
|D| GamesAppService - (GamesAppService)
|D| Windows Search - (WSearch)
|D| WebClient - (WebClient)
|D| Client DNS - (Dnscache)
|D| Stratégie de retrait de la carte à puce - (SCPolicySvc)
|D| Téléphonie - (TapiSrv)
|D| Service de rapport d'erreurs Windows - (WerSvc)
|D| Ouverture de session secondaire - (seclogon)
|D| Carte à puce - (SCardSvr)
|D| Gestion des clés et des certificats d'intégrité - (hkmsvc)
|D| Registre à distance - (RemoteRegistry)
|D| Service Panneau de saisie Tablet PC - (TabletInputService)
|D| Propagation du certificat - (CertPropSvc)
|D| Groupement de mise en réseau de pairs - (p2psvc)
|D| Client de suivi de lien distribué - (TrkWks)
|D| Interruption SNMP - (SNMPTRAP)
|D| Agent de protection d'accès réseau - (napagent)
|D| Gestionnaire d'identité réseau homologue - (p2pimsvc)
|D| Service Énumérateur d'appareil mobile - (WPDBusEnum)
------- Tâches planifiées
|&| Adobe Flash Player Updater.job
|&| GoogleUpdateTaskMachineCore.job
|&| GoogleUpdateTaskMachineUA.job
|&| GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000Core.job
|&| GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000UA.job
|&| HPCeeScheduleForJOHN-HP$.job
|&| HPCeeScheduleForjonathan.job
------- Installeurs
|*| C:\Users\jonathan\Desktop\DepannageRSRBR2012.exe
|*| C:\Users\jonathan\Desktop\four tout\Norton 2011 I.S v18.5.0.125 + [ 88 yr ] Crack\NIS-TW-30-18-5-0-125-FR.exe
|*| C:\Users\jonathan\Desktop\hd tv\data\proxy\privoxy.exe
|*| C:\Users\jonathan\Desktop\hd tv\data\rtmpdump\rtmpgw.exe
|*| C:\Users\jonathan\Desktop\PS3\ebootFIX.exe
|*| C:\Users\jonathan\Desktop\PS3\ebootMOD.exe
|*| C:\Users\jonathan\Desktop\PS3\elf_builder.exe
|*| C:\Users\jonathan\Desktop\PS3\make_self.exe
|*| C:\Users\jonathan\Desktop\PS3\make_self_npdrm.exe
|*| C:\Users\jonathan\Desktop\PS3\package_finalize.exe
|*| C:\Users\jonathan\Desktop\PS3\psn_package_npdrm.exe
|*| C:\Users\jonathan\Desktop\PS3\readself.exe
|*| C:\Users\jonathan\Desktop\PS3\self_rebuilder.exe
|*| C:\Users\jonathan\Desktop\PS3\unself.exe
|*| C:\Users\jonathan\Documents\MapSource_6163.exe
|*| C:\Users\jonathan\Downloads\Install_Pack_Group_R.exe
|*| C:\Users\jonathan\Downloads\Install_Pack_N4_S2000_2.exe
|*| C:\Users\jonathan\Downloads\Install_Pack_R3.exe
|*| C:\Users\jonathan\Downloads\jxpiinstall.exe
|*| C:\Users\jonathan\Downloads\Patch F1RTS 2012 V2.3(1).exe
|*| C:\Users\jonathan\Downloads\rFactor2_Build49_Setup(1).exe
|*| C:\Users\jonathan\Downloads\setup_chrispc_free_anonymous_proxy_3_10.exe
|*| C:\Users\jonathan\Downloads\RACE 07 ot Akella\Race '07 v1.0 [ENGLISH] Fixed EXE\Race07.exe
------- Commandes
| Données de sauvegarde SP1 supprimées
------- Fichiers
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\+DCGXQdyEX+0icFgXntxNA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\0fkKSgteu0wYoFQ0DElCFg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\0VRytCccK_1wO2ezpjGITw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\1GqClAVerOypYWCg2L0EpA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\1RLb6L2K+7Vf8+G98SlhLA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\1yy8uMP7NOmIm47Oe_F3xQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\282Em2VWSPSZhb00LIIcxQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\2tNxV6f65gIjINW0O8sSTg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\4De4YbYWA0jF5UWHLU7JHQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\4djZu+SKel5wciLUhNtulA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\4Kt8230ooWJtntVQDBLHag==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\5WVM62SXn5MTFfICCtphUw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\6CAIe8lD4yo6+6bPyCWSDA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\6vfYFXgXQEVqbtA1oszJ+g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\7jusf+J9MlbIK7xWHr0Q2A==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\98tF2oj3Y9_u2J5uszhBCg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\c+Ef3rYyEvvJ+_GaAQPiyA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\e3ULFZEQ67RGK+FCuCUY0A==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\fQZExgrL71fcbICBmZ2AJA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\h5IjAgXry_HW0e8k+NtDCA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\H67v8uzy8ynNK3p9RXEMvQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\HDDRNcz00sY5YSg8doz7Bg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\Ht4hWqEOVd6rnClvfpeIDw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\ID8riu0jfJSzLexMkhkXqA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\IlVxTvMk21a4MiQg5+V47A==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\i_5x+hP04xlmvwyT1Nwq_g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\k18JA3CAMuFn86F2W90xmA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\KeP6TzJmFBglSKljhvHpUw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\LXztDVWDJb8zEOj2Nc5V7g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\nbz4xRSPMwzwqlWSuMFyXA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\o5Xv_FeOAPn+f2jZx5Vq5w==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\oZ8oFtog_v3F+9I7oIaNWg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\p6KtwLcAoZCDQRuqv9uJlA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\PgwWiqHJF8BYh+OyMSnnFA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\qUYekXPXluHgrtdWBCFuAg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\QVyJbojBTX9IF2Bu+euHKQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\qZMcFAYb1_D0TNFraICnxQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\s0KpgnGJv7p57E9tWKxCQw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\sFueylUDO6OVwB4uuF1ggA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\SK3gMXdbdq_ldl6r6+An3w==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\tc5t6HetjmAnv68gtwDH7w==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\upxe80ESC9ZvugJf1dxC4g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\VMDF_eOgaOobsP6_cb9ynw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\WlK+jUh4tqGRH9uV6kpJbg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\XfWU+x3a8AgDA1lUWAm_Eg==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\xhBhMDqvU1rI8X_r1BXeJw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\xuQlfC12lgoBMEamK5eADQ==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\y4dQq_s+T+Mi3ACVEl1wXA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\YanO68LVIVUUjwj_pXbO1g==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\yOBvVko_XfkRdhBbZCjtKA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\YPW0pw89uOaHEYSDI0eiXA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\Z4U_YcuFTeqyV_bdnJpN9Q==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\zg3jfU33cAioyi_zw93ayA==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\jumpListCache\_EWzIheGBwUIaRnzP3QVaw==.ico
| C:\Users\jonathan\AppData\Local\Mozilla\Firefox\Profiles\fh98qhyi.default\startupcache\startupCache.4.little
| C:\Users\jonathan\AppData\Local\Temp\AdobeARM.log
| C:\Users\jonathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt
| C:\Users\jonathan\AppData\Local\Temp\hrVlPmZd.exe.part
| C:\Users\jonathan\AppData\Local\Temp\ihQm6Kaf.exe.part
| C:\Users\jonathan\AppData\Local\Temp\jusched.log
| C:\Users\jonathan\AppData\Local\Temp\liste+des+engage+15-10-12.pdf
| C:\Users\jonathan\AppData\Local\Temp\mhe1p4Jh.exe.part
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20121017_103922487-Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-MSP0.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20121017_103922487-MSI_vc_red.msi.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20121017_103922487.html
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20121017_103903852-Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-MSP0.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20121017_103903852-MSI_vc_red.msi.txt
| C:\Users\jonathan\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20121017_103903852.html
| C:\Users\jonathan\AppData\Local\Temp\nsi8BCB.tmp
| C:\Users\jonathan\AppData\Local\Temp\PDApp.log
| C:\Users\jonathan\AppData\Local\Temp\RlxSzU1t.exe.part
| C:\Users\jonathan\AppData\Local\Temp\Search.ico
| C:\Users\jonathan\AppData\Local\Temp\Setup Log 2012-10-16 #001.txt
| C:\Users\jonathan\AppData\Local\Temp\sEXrtVEd.exe.part
| C:\Users\jonathan\AppData\Local\Temp\TFRAD80.tmp
| C:\Users\jonathan\AppData\Local\Temp\TWAIN.LOG
| C:\Users\jonathan\AppData\Local\Temp\Twain001.Mtx
| C:\Users\jonathan\AppData\Local\Temp\Twunk001.MTX
| C:\Users\jonathan\AppData\Local\Temp\Twunk002.MTX
| C:\Users\jonathan\AppData\Local\Temp\Uninstall.ico
| C:\Users\jonathan\AppData\Local\Temp\~bd91D3.tmp
| C:\Users\jonathan\AppData\Local\Temp\~bd976F.tmp
| C:\Users\jonathan\AppData\Local\Temp\~bdB51B.tmp
| C:\Users\jonathan\AppData\Local\Temp\~DF5375D63D2C9441E8.TMP
| C:\Users\jonathan\AppData\Local\Temp\~DFB0EE5C6FB4988216.TMP
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\desktop.ini
| C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
| C:\Windows\temp\lpksetup-20121017-155056-0.log
| C:\Windows\temp\~bd814F.tmp
| C:\Windows\temp\~bd995F.tmp
| C:\Windows\temp\~bdAC6.tmp
| C:\Windows\temp\~bdC2D2.tmp
| C:\Windows\temp\~bdEEA1.tmp
| C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf
| C:\Windows\Prefetch\AERTSR64.EXE-F39C2310.pf
| C:\Windows\Prefetch\AgAppLaunch.db
| C:\Windows\Prefetch\AgCx_SC1.db
| C:\Windows\Prefetch\AgCx_SC1.db.trx
| C:\Windows\Prefetch\AgCx_SC4.db
| C:\Windows\Prefetch\AgGlFaultHistory.db
| C:\Windows\Prefetch\AgGlFgAppHistory.db
| C:\Windows\Prefetch\AgGlGlobalHistory.db
| C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1382284741-163664239-3392141310-1000.db
| C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1382284741-163664239-3392141310-1000.db
| C:\Windows\Prefetch\AgRobust.db
| C:\Windows\Prefetch\AIDA32.BIN-AC3C5538.pf
| C:\Windows\Prefetch\AIDA32.EXE-B8AE3C5D.pf
| C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf
| C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
| C:\Windows\Prefetch\BDAGENT.EXE-D444366C.pf
| C:\Windows\Prefetch\CCC.EXE-B637C9BF.pf
| C:\Windows\Prefetch\CLI.EXE-BB402402.pf
| C:\Windows\Prefetch\CLISTART.EXE-0F58A398.pf
| C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
| C:\Windows\Prefetch\CVHSVC.EXE-F0F061EE.pf
| C:\Windows\Prefetch\DEFMGR.EXE-30900847.pf
| C:\Windows\Prefetch\DIFX64.EXE-00695373.pf
| C:\Windows\Prefetch\DINOTIFY.EXE-35A869D6.pf
| C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf
| C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
| C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
| C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf
| C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf
| C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf
| C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf
| C:\Windows\Prefetch\DOWNLOADER.EXE-0954C326.pf
| C:\Windows\Prefetch\DRV64.EXE-E3BF9766.pf
| C:\Windows\Prefetch\DRV64.EXE-F3E56F13.pf
| C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
| C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
| C:\Windows\Prefetch\DXWEBSETUP.EXE-C0BF3817.pf
| C:\Windows\Prefetch\DXWSETUP.EXE-18ED3310.pf
| C:\Windows\Prefetch\EVEREST-ULTIMATE_EVEREST_ULTI-D9308EB7.pf
| C:\Windows\Prefetch\EVEREST-ULTIMATE_EVEREST_ULTI-EBD7AF27.pf
| C:\Windows\Prefetch\EVEREST.EXE-EE82ED2A.pf
| C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
| C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf
| C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_4_402_28-BD195051.pf
| C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
| C:\Windows\Prefetch\GOOGLEUPDATE.EXE-935AA966.pf
| C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
| C:\Windows\Prefetch\HECISERVER.EXE-27DA4210.pf
| C:\Windows\Prefetch\HPSA_SERVICE.EXE-AD6579F0.pf
| C:\Windows\Prefetch\HPSYSDRV.EXE-C93AA317.pf
| C:\Windows\Prefetch\HPWUSCHD2.EXE-DE9C9D03.pf
| C:\Windows\Prefetch\IATA_CD.EXE-ABA958F4.pf
| C:\Windows\Prefetch\IMAPP.EXE-3E2B42CA.pf
| C:\Windows\Prefetch\IMNOTFY.EXE-53DEA81D.pf
| C:\Windows\Prefetch\INCMAIL.EXE-F91AEC10.pf
| C:\Windows\Prefetch\INF_ALLOS_9.3.0.1021_PV.EXE-938410AC.pf
| C:\Windows\Prefetch\INSTALLUTIL.EXE-4B9F3C61.pf
| C:\Windows\Prefetch\INTELMEFWSERVICE.EXE-1AEA9A7F.pf
| C:\Windows\Prefetch\ISBEW64.EXE-2563689F.pf
| C:\Windows\Prefetch\ISBEW64.EXE-285D3F32.pf
| C:\Windows\Prefetch\ISBEW64.EXE-D7D40816.pf
| C:\Windows\Prefetch\JHI_SERVICE.EXE-6D19BDC1.pf
| C:\Windows\Prefetch\Layout.ini
| C:\Windows\Prefetch\LMS.EXE-8C70F87D.pf
| C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
| C:\Windows\Prefetch\MACONFSERVICE.EXE-96E7771B.pf
| C:\Windows\Prefetch\MBAMGUI.EXE-1CA97248.pf
| C:\Windows\Prefetch\MBAMSERVICE.EXE-B55DB80C.pf
| C:\Windows\Prefetch\MCSTUBUSER.EXE-C227BACB.pf
| C:\Windows\Prefetch\MDSCHED.EXE-349F1ED0.pf
| C:\Windows\Prefetch\MEI_ALLOS_8.1.0.1252_PV.EXE-BC5871F1.pf
| C:\Windows\Prefetch\MMC.EXE-E5EE3A89.pf
| C:\Windows\Prefetch\MMLOADDRV.EXE-4072A3B8.pf
| C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf
| C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
| C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
| C:\Windows\Prefetch\MSIEXEC.EXE-E09A077A.pf
| C:\Windows\Prefetch\MYSTIFY.SCR-0667C0AF.pf
| C:\Windows\Prefetch\NGEN.EXE-3CFD6908.pf
| C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
| C:\Windows\Prefetch\OCCTPT4.3.1.EXE-4E2AFAC0.pf
| C:\Windows\Prefetch\PfSvPerfStats.bin
| C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf
| C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-73BE9E78.pf
| C:\Windows\Prefetch\RAVBG64.EXE-44375395.pf
| C:\Windows\Prefetch\RAVCPL64.EXE-D6B4B613.pf
| C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf
| C:\Windows\Prefetch\RELPOST.EXE-D1F65AB5.pf
| C:\Windows\Prefetch\ROCKETDOCK.EXE-CC4B0B1B.pf
| C:\Windows\Prefetch\RTINSTALLER64.EXE-A5A8CDB4.pf
| C:\Windows\Prefetch\RTKNGUI64.EXE-211AE6DF.pf
| C:\Windows\Prefetch\RTLUPD64.EXE-353F2EF7.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-A658638B.pf
| C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf
| C:\Windows\Prefetch\RUNONCE.EXE-0E293DD6.pf
| C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
| C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf
| C:\Windows\Prefetch\SDWINSEC.EXE-644A4D2D.pf
| C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
| C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
| C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
| C:\Windows\Prefetch\SETUP.EXE-2399C267.pf
| C:\Windows\Prefetch\SETUP.EXE-34C3CFE4.pf
| C:\Windows\Prefetch\SETUP.EXE-5DBCA6C9.pf
| C:\Windows\Prefetch\SETUP.EXE-9F7E2CB4.pf
| C:\Windows\Prefetch\SETUP.EXE-B96CD595.pf
| C:\Windows\Prefetch\SETUP.EXE-C4BDB781.pf
| C:\Windows\Prefetch\SETUP.EXE-D404A8DF.pf
| C:\Windows\Prefetch\SFTLIST.EXE-83E2B9AC.pf
| C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf
| C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
| C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf
| C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
| C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
| C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf
| C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-64B3993D.pf
| C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
| C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
| C:\Windows\Prefetch\TEATIMER.EXE-BFF02B54.pf
| C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
| C:\Windows\Prefetch\UNS.EXE-E6E49771.pf
| C:\Windows\Prefetch\UPDATERSTARTUPUTILITY.EXE-E056967B.pf
| C:\Windows\Prefetch\UPDATESRV.EXE-35D4EC11.pf
| C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf
| C:\Windows\Prefetch\VCREDIST_X64.EXE-B117E931.pf
| C:\Windows\Prefetch\VCREDIST_X86.EXE-A2A840B5.pf
| C:\Windows\Prefetch\VISTA_WIN7_WIN8_R270(1).EXE-54C31BF7.pf
| C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
| C:\Windows\Prefetch\WERFAULT.EXE-37549B7E.pf
| C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
| C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
| C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf
| C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
| C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
| C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
| C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
| C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
| C:\Windows\Prefetch\XBOXSTAT.EXE-16DABDFB.pf
| C:\Windows\System32\LogFiles\Scm\042937cb-5476-4c2a-8480-c5e036578e2b
| C:\Windows\System32\LogFiles\Scm\044a6734-e90e-4f8f-b357-b2dc8ab3b5ec
| C:\Windows\System32\LogFiles\Scm\088482fa-65b8-4e17-9abf-1dcd48e8d373
| C:\Windows\System32\LogFiles\Scm\09f06bfe-a3c8-40e3-846a-6e6f4000c238
| C:\Windows\System32\LogFiles\Scm\1f7b7221-ae8f-44f3-ba82-f7d260f51964
| C:\Windows\System32\LogFiles\Scm\2470470f-2634-478e-b181-571e98a789bb
| C:\Windows\System32\LogFiles\Scm\28011108-68df-4c73-b91b-57427d501bba
| C:\Windows\System32\LogFiles\Scm\298cdadd-d48e-4112-be9e-e9ed547e2aee
| C:\Windows\System32\LogFiles\Scm\2dab9005-74e3-407f-860d-d935b340d7b9
| C:\Windows\System32\LogFiles\Scm\2f57269b-1e09-4e2d-ab1e-b0fdac7d279c
| C:\Windows\System32\LogFiles\Scm\35058198-90a3-4b6d-8717-ab5546e015a5
| C:\Windows\System32\LogFiles\Scm\35a742c1-2971-4943-a2e3-29ad462ffaac
| C:\Windows\System32\LogFiles\Scm\3acf76e4-f5df-431c-bea2-be70cf85ae6d
| C:\Windows\System32\LogFiles\Scm\448270b0-5154-498d-b24d-ae71e7db5927
| C:\Windows\System32\LogFiles\Scm\47536d45-eeec-4bdc-8183-a4dc1f8da9e4
| C:\Windows\System32\LogFiles\Scm\486d715e-6aa2-44cf-bc48-b6990cbb53c6
| C:\Windows\System32\LogFiles\Scm\4c8b01a2-11ff-4c41-848f-508ef4f00cf7
| C:\Windows\System32\LogFiles\Scm\4ed776a3-0ce3-4dfc-83c7-6be815de6774
| C:\Windows\System32\LogFiles\Scm\4ef9c94a-beb8-4886-8efb-6f8dc72de967
| C:\Windows\System32\LogFiles\Scm\53abc437-1b0b-41c8-bfa8-0949927b2cae
| C:\Windows\System32\LogFiles\Scm\55fdf64b-3c5a-49f4-9ec4-597b575ca285
| C:\Windows\System32\LogFiles\Scm\58d173d4-efe1-4b40-a09a-00ace4617bda
| C:\Windows\System32\LogFiles\Scm\5a40e926-9e86-4b89-9cfd-b12311724371
| C:\Windows\System32\LogFiles\Scm\5aad404a-5b17-4cfb-95b9-e79d5765deba
| C:\Windows\System32\LogFiles\Scm\5b42dd9c-5a26-4f27-bb95-34603f0997e5
| C:\Windows\System32\LogFiles\Scm\5c0aeeea-c154-45be-8499-bea5f11baff6
| C:\Windows\System32\LogFiles\Scm\5f5a18eb-dc73-4e45-a11c-b59043598412
| C:\Windows\System32\LogFiles\Scm\60c6872d-d8c5-4b88-8980-45d08f81447e
| C:\Windows\System32\LogFiles\Scm\613612ba-897d-44ce-8dc1-8fc283f9fd51
| C:\Windows\System32\LogFiles\Scm\66373db8-4a8d-49a8-88a9-7ac45a9257ae
| C:\Windows\System32\LogFiles\Scm\6738ba6e-ea75-4b6b-b8b8-71f0336dd8ef
| C:\Windows\System32\LogFiles\Scm\6a60187f-9bc5-4171-97f0-41c9b0b903a5
| C:\Windows\System32\LogFiles\Scm\72db7465-bc54-491b-a92a-4637a28c9bbf
| C:\Windows\System32\LogFiles\Scm\753c47ae-ec5e-44b3-95a9-2c8e553f0e39
| C:\Windows\System32\LogFiles\Scm\76028ab5-ac97-4f06-8327-7d5a47a19935
| C:\Windows\System32\LogFiles\Scm\7afcc0ca-7121-422a-ab45-b0e8d599ff08
| C:\Windows\System32\LogFiles\Scm\8019363d-bcad-4773-b90d-f17d42075cba
| C:\Windows\System32\LogFiles\Scm\81540b9f-b5bf-47eb-9c95-be195bf2c664
| C:\Windows\System32\LogFiles\Scm\834b2bc8-dafd-4d74-854d-17cf17cd4c48
| C:\Windows\System32\LogFiles\Scm\8d77a25d-fd6a-481a-b0d6-9678902cb9a5
| C:\Windows\System32\LogFiles\Scm\9435f817-fed2-454e-88cd-7f78fda62c48
| C:\Windows\System32\LogFiles\Scm\97d57fbc-b035-440c-88e7-9e676cd64057
| C:\Windows\System32\LogFiles\Scm\994c86ad-a929-4b2c-88a0-4e25a107a029
| C:\Windows\System32\LogFiles\Scm\9979cb83-103a-4105-9e5d-c74b0af6d198
| C:\Windows\System32\LogFiles\Scm\9ee88514-786b-4c6b-b761-ad00a3815399
| C:\Windows\System32\LogFiles\Scm\a35bb7a6-5f0c-4c9f-8450-2b3bed532d51
| C:\Windows\System32\LogFiles\Scm\a48cabbf-24c8-4b87-b00f-9261807c3b43
| C:\Windows\System32\LogFiles\Scm\a6af9377-77ce-47ab-ad7d-ec32cad0c82d
| C:\Windows\System32\LogFiles\Scm\a7c73732-9f11-4281-8d19-764d4ec9d94d
| C:\Windows\System32\LogFiles\Scm\abe81196-0aac-419a-993a-ca0f9fa7e738
| C:\Windows\System32\LogFiles\Scm\ac4e5acf-89f7-4220-ba21-81ee183975e2
| C:\Windows\System32\LogFiles\Scm\ac668097-4d6b-4093-ac14-014c09dbf820
| C:\Windows\System32\LogFiles\Scm\b0783751-afae-4bff-b02a-3c74bbadc98e
| C:\Windows\System32\LogFiles\Scm\b0cbab43-44fc-469b-a4ce-87426761fdce
| C:\Windows\System32\LogFiles\Scm\bb891099-3f04-45da-8dfa-066ab33b0f7d
| C:\Windows\System32\LogFiles\Scm\be669c13-8165-4536-96d0-6d6c39292aae
| C:\Windows\System32\LogFiles\Scm\c016366b-7126-46ca-b36b-592a3d95a60b
| C:\Windows\System32\LogFiles\Scm\c0f395f2-9715-4314-a840-2e6c417f6a32
| C:\Windows\System32\LogFiles\Scm\c52cb915-d09b-4e04-86c6-bd8c02355528
| C:\Windows\System32\LogFiles\Scm\c6429797-f491-4f5c-bd36-6ac08cf60d18
| C:\Windows\System32\LogFiles\Scm\ca4b8ff2-a4d2-4d88-a52e-3a5bdaf7f56e
| C:\Windows\System32\LogFiles\Scm\cb3d64bf-c0c9-45ff-bfb0-ff1a8f680186
| C:\Windows\System32\LogFiles\Scm\cee64558-e1a7-4d9d-80a7-2001912be5b5
| C:\Windows\System32\LogFiles\Scm\d0250f3f-6480-484f-b719-42f659ac64d5
| C:\Windows\System32\LogFiles\Scm\d2d3ba4d-b1c0-4009-be9d-b7d482e4c673
| C:\Windows\System32\LogFiles\Scm\d36a6395-30d2-442f-9bf2-e64100149394
| C:\Windows\System32\LogFiles\Scm\d7b6e81d-3cf4-432c-84d2-24213f4316e6
| C:\Windows\System32\LogFiles\Scm\da41de71-8431-42fb-9db0-eb64a961dead
| C:\Windows\System32\LogFiles\Scm\dd9f510c-95f4-499a-90c8-bac5bc372ff4
| C:\Windows\System32\LogFiles\Scm\e22a8667-f75b-4ba9-ba46-067ed4429de8
| C:\Windows\System32\LogFiles\Scm\e3163c33-301d-4730-a266-5518c5ed3967
| C:\Windows\System32\LogFiles\Scm\e8593985-a19b-4ad7-b60d-d1f5609e9dd2
| C:\Windows\System32\LogFiles\Scm\eaca24ff-236c-401d-a1e7-b3d5267b8a50
| C:\Windows\System32\LogFiles\Scm\eb02381f-d652-4b1c-894a-712498c62c51
| C:\Windows\System32\LogFiles\Scm\ee44f1bc-3a65-4249-bbac-f4deb17cdf61
| C:\Windows\System32\LogFiles\Scm\f2511bee-366d-49c8-bb06-d1d74aaae162
| C:\Windows\System32\LogFiles\Scm\fa2bc0a6-8d4b-458a-85c8-2b8c72487513
| C:\Windows\System32\LogFiles\Scm\fb3c354d-297a-4eb2-9b58-090f6361906b
| C:\Windows\System32\LogFiles\Scm\fdd56c73-f0d5-41b6-b767-6effd7966428
| C:\Windows\System32\LogFiles\Scm\SCM.EVM
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.1
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.2
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.3
| C:\Windows\System32\LogFiles\Scm\SCM.EVM.4
| C:\Windows\Downloaded Program Files\avsniff.dll
| C:\Windows\Downloaded Program Files\avsniff.inf
| C:\Windows\Downloaded Program Files\avsniffdlgs.dll
| C:\Windows\Downloaded Program Files\CabSA.inf
| C:\Windows\Downloaded Program Files\catalog.dat
| C:\Windows\Downloaded Program Files\desktop.ini
| C:\Windows\Downloaded Program Files\ecbootil.vxd
| C:\Windows\Downloaded Program Files\ecmldr32.dll
| C:\Windows\Downloaded Program Files\ecmsvr32.dll
| C:\Windows\Downloaded Program Files\navapi.vxd
| C:\Windows\Downloaded Program Files\navapi32.dll
| C:\Windows\Downloaded Program Files\naveng32.dll
| C:\Windows\Downloaded Program Files\navex32a.dll
| C:\Windows\Downloaded Program Files\rufsi.dll
| C:\Windows\Downloaded Program Files\scrauth.dat
| C:\Windows\Downloaded Program Files\symaveng.cat
| C:\Windows\Downloaded Program Files\symaveng.inf
| C:\Windows\Downloaded Program Files\tcdefs.dat
| C:\Windows\Downloaded Program Files\tcscan7.dat
| C:\Windows\Downloaded Program Files\tcscan8.dat
| C:\Windows\Downloaded Program Files\tcscan9.dat
| C:\Windows\Downloaded Program Files\tinf.dat
| C:\Windows\Downloaded Program Files\tinfidx.dat
| C:\Windows\Downloaded Program Files\tinfl.dat
| C:\Windows\Downloaded Program Files\tscan1.dat
| C:\Windows\Downloaded Program Files\tscan1hd.dat
| C:\Windows\Downloaded Program Files\v.grd
| C:\Windows\Downloaded Program Files\v.sig
| C:\Windows\Downloaded Program Files\v1.sig
| C:\Windows\Downloaded Program Files\virscan.inf
| C:\Windows\Downloaded Program Files\virscan1.dat
| C:\Windows\Downloaded Program Files\virscan2.dat
| C:\Windows\Downloaded Program Files\virscan3.dat
| C:\Windows\Downloaded Program Files\virscan4.dat
| C:\Windows\Downloaded Program Files\virscan5.dat
| C:\Windows\Downloaded Program Files\virscan6.dat
| C:\Windows\Downloaded Program Files\virscan7.dat
| C:\Windows\Downloaded Program Files\virscan8.dat
| C:\Windows\Downloaded Program Files\virscan9.dat
| C:\Windows\Downloaded Program Files\virscant.dat
| C:\Windows\Downloaded Program Files\zdone.dat
| C:\Windows\SoftwareDistribution\Download\243163bf0db40854fe2c38a3293f15f9432c918e
| C:\Windows\SoftwareDistribution\Download\4529e7d60af20c6bc8694d8a57bee3386d026265
| C:\Windows\SoftwareDistribution\Download\4a08927ae0d06152a5b1fe91d90c633839a0247f
| C:\Windows\SoftwareDistribution\Download\8245713cfd2f2fb1ae4aae3c3297ac946de5fc3a
| C:\Windows\SoftwareDistribution\Download\99e8bd6c09d5f4985de3ca86e29823e992376913
| C:\Windows\SoftwareDistribution\Download\9b99b63ab2807a562e356d8b40f13b7d144b42fc
| C:\Windows\SoftwareDistribution\Download\c32277c1804faee9c28fe615ce355a46af0c795e
| C:\Windows\SoftwareDistribution\Download\ce35d584147d75dff24a9fb75eb571a42bfd6034
| C:\Windows\SoftwareDistribution\Download\d474e71b1252552eaffd1781cb999a4572d12de7
| C:\Windows\SoftwareDistribution\Download\d636b03d3557f33e6b92b51a894ee6875cf89991
| C:\Windows\SoftwareDistribution\Download\faeb024981e30d4cb4a721c539f58d52ff241178
| C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk
| C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log
| C:\Windows\SoftwareDistribution\DataStore\Logs\edb0008C.log
| C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00001.jrs
| C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00002.jrs
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\207B9FD92391B9B2A60A89B4C965D5DF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C3948BE6E525B8A8CEE9FAC91C9E392_652FAB956FD970290CE68A6C61ED6000
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_109D983612043F6131CC62F7E16F02E2
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_46CCCFB940A93F39A734F69EFCDD76E9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\525B39202B00FC2CB492A52F5904BCC4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\570FB14ABC805C46708F32F92F10C3B4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6B7AED56F69397028F35E77E6DD681FC
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7396C420A8E1BC1DA97F1AF0D10BAD21
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_4069BD6CA0A97DCB6D4110B1A16AB213
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_5442B1CAC753FE77C0664BB0A0BCD11E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_58A75D3AF6B43E80AB845CA05C8B4D4C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_62643C3D7610EB1451C92A91979C446D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_9F9BFC8B6A2458C04895FE7734305B2F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_D1C87655C8B2ADEEBD75AE3A885A9667
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_F08EE46315ADB8D0A692B6CEFEAB5DAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_F83C7FE3B4C0E08170A328B933ACE1EF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_D3DB95C0E7608ACC9AA10ACCCCEBBDF5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\889847424549FBDB7D7C39B4F673A51B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EDCF682921FE94F4A02A43CD1A28E6B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\91ECFED5143F7F4F4576655D8EFAB51C_73E9BB9D60F879ECC43EB44CFB5C970E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A1377F7115F1F126A15360369B165211
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B360E08E231C1F83EC47B8D294494BCD_838E85C4A57AA8724BC823D178E52D10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_409DEA81B7234F81C72B5F0F7668EA3F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_B7F371B03858FD66603B77FF5E9331C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0F063B6B88A2B8BFE21C3993A613447
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D41693DAFE5DEF0C36959FF1FCEF5C96
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_835A2FD7EE5F1F37B7872C78D42A88BF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DC2135CED98D8A4D7C0CEE202BB0B810
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2EF7F0FB7284B9ACFD4F65D02218479
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E48DDEA3BF68DF580551FA0F27950B54
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E7B158B31D45761A93C56C441E33DD68_892004AF7BB005B29B41BB95D0B8442D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F30B1DAC467EEB5A0EB57E5457CD952D_5FB0DDB3AA79F9EDA9226B63C372B406
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4B372709D6C2AD766C34D274501DC76_516445E2D2E0044FF0510B085B354A0C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4B372709D6C2AD766C34D274501DC76_C08D897FBCD7D5D638FCD154D1404CBE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F5DDD23C10ADFC584C14B5F413D80047_B6E937031D01EEBBBD0BCF0ED2C1A4FE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F72943F1E01540BBACB5396C76DD6AAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\207B9FD92391B9B2A60A89B4C965D5DF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_5BEB6C6453DB87D996BDBC5D90D34AE1
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C3948BE6E525B8A8CEE9FAC91C9E392_652FAB956FD970290CE68A6C61ED6000
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_109D983612043F6131CC62F7E16F02E2
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_46CCCFB940A93F39A734F69EFCDD76E9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\525B39202B00FC2CB492A52F5904BCC4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\570FB14ABC805C46708F32F92F10C3B4
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6B7AED56F69397028F35E77E6DD681FC
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7396C420A8E1BC1DA97F1AF0D10BAD21
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_4069BD6CA0A97DCB6D4110B1A16AB213
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_5442B1CAC753FE77C0664BB0A0BCD11E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_58A75D3AF6B43E80AB845CA05C8B4D4C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_62643C3D7610EB1451C92A91979C446D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_8102C2D9BECD09FCBB2BC1857DCCAD50
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_9F9BFC8B6A2458C04895FE7734305B2F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_D1C87655C8B2ADEEBD75AE3A885A9667
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_F08EE46315ADB8D0A692B6CEFEAB5DAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7B8944BA8AD0EFDF0E01A43EF62BECD0_F83C7FE3B4C0E08170A328B933ACE1EF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_D3DB95C0E7608ACC9AA10ACCCCEBBDF5
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\889847424549FBDB7D7C39B4F673A51B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EDCF682921FE94F4A02A43CD1A28E6B
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\91ECFED5143F7F4F4576655D8EFAB51C_73E9BB9D60F879ECC43EB44CFB5C970E
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A1377F7115F1F126A15360369B165211
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B360E08E231C1F83EC47B8D294494BCD_838E85C4A57AA8724BC823D178E52D10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_409DEA81B7234F81C72B5F0F7668EA3F
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_B7F371B03858FD66603B77FF5E9331C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E7EC0C85688F4738F3BE49B104BA67
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0F063B6B88A2B8BFE21C3993A613447
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D41693DAFE5DEF0C36959FF1FCEF5C96
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_835A2FD7EE5F1F37B7872C78D42A88BF
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DC2135CED98D8A4D7C0CEE202BB0B810
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E48DDEA3BF68DF580551FA0F27950B54
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E7B158B31D45761A93C56C441E33DD68_892004AF7BB005B29B41BB95D0B8442D
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F30B1DAC467EEB5A0EB57E5457CD952D_5FB0DDB3AA79F9EDA9226B63C372B406
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4B372709D6C2AD766C34D274501DC76_516445E2D2E0044FF0510B085B354A0C
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4B372709D6C2AD766C34D274501DC76_C08D897FBCD7D5D638FCD154D1404CBE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F5DDD23C10ADFC584C14B5F413D80047_B6E937031D01EEBBBD0BCF0ED2C1A4FE
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F72943F1E01540BBACB5396C76DD6AAA
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F90F18257CBB4D84216AC1E1F3BB2C76
| C:\Users\jonathan\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_0
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_1
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_2
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\data_3
| C:\Users\jonathan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\index
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\Ad-Report-CLEAN[1].txt.lnk
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\OS (C).lnk
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\ZHPDiag.txt.lnk
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Accessibility.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Annots.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Checkers.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_DVA.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_eBook.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_EScript.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_IA32.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_MakeAccessible.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Multimedia.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_PDDom.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.fra
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_ReadOutLoud.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_reflow.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_SaveAsRTF.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Search.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_SendMail.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Spelling.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_Updater.FRA
| C:\Users\jonathan\AppData\Local\\Adobe\Acrobat\10.0\Cache\RdLang_weblink.FRA
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000002fb.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog.etl
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini
------- Dossiers
| C:\Users\jonathan\AppData\Local\Temp\acro_rd_dir
| C:\Users\jonathan\AppData\Local\Temp\Adobe
| C:\Users\jonathan\AppData\Local\Temp\IM
| C:\Users\jonathan\AppData\Local\Temp\ImInstaller
| C:\Users\jonathan\AppData\Local\Temp\Low
| C:\Users\jonathan\AppData\Local\Temp\MessengerCache
| C:\Users\jonathan\AppData\Local\Temp\nsy8BDC.tmp
| C:\Users\jonathan\AppData\Local\Temp\pftAB3E~tmp
| C:\Users\jonathan\AppData\Local\Temp\plugtmp
| C:\Users\jonathan\AppData\Local\Temp\WPDNSE
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\Content.IE5
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\Low
| C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\TEMPOR~1\Virtualized
| C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Low
| C:\Windows\temp\bdcloud1
| C:\Windows\temp\bdcloud2
| C:\Windows\temp\bdcloud3
| C:\Windows\temp\bdcloud4
| C:\Windows\temp\PDFC
| C:\Windows\temp\tmp00003d7c
| C:\Windows\temp\tmp000048bd
| C:\Windows\temp\tmp00005309
| C:\Windows\temp\tmp00005e8b
| C:\Windows\temp\tmp00007243
| C:\Windows\Prefetch\ReadyBoot
| C:\Windows\SoftwareDistribution\Download\071741e3379d4324d5c6c3e7b5b64229
| C:\Windows\SoftwareDistribution\Download\20bef9980e8390eab8a4720ab1bc3fcd
| C:\Windows\SoftwareDistribution\Download\4e56bcfcee282b329bf19e17b87cc426
| C:\Windows\SoftwareDistribution\Download\5425efa3e92c9a944b8d58932958ef86
| C:\Windows\SoftwareDistribution\Download\5897ae6fd35f45f68727854f7b1c351f
| C:\Windows\SoftwareDistribution\Download\7ceb9f5ec2230e2456071d50251950c1
| C:\Windows\SoftwareDistribution\Download\7e3d057d74ed53035d2230de7858214b
| C:\Windows\SoftwareDistribution\Download\8bc6d879943fb1718924ceb00f627453
| C:\Windows\SoftwareDistribution\Download\8dc855a7e8bddc82e50feff1bc88dd3a
| C:\Windows\SoftwareDistribution\Download\968e06580b687df78cbd195b87455a3c
| C:\Windows\SoftwareDistribution\Download\aa6461df86644fd4d4a3a67161174812
| C:\Windows\SoftwareDistribution\Download\ad65f09d8b1893ca283175b0732ed3a1
| C:\Windows\SoftwareDistribution\Download\b2968b1a9f5050fe9c739a2682ef2477
| C:\Windows\SoftwareDistribution\Download\cc5d42ca6525ddbc83959194ef35c159
| C:\Windows\SoftwareDistribution\Download\cc96f140dc856fe7daa50b4711dbe11f
| C:\Windows\SoftwareDistribution\Download\d15ded8bfcbfdb16b91c1ef257f53514
| C:\Windows\SoftwareDistribution\Download\e88ee0ef970acca984f3aff3817bea85
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
| C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Cookies\Low
| C:\ProgramData\NortonInstaller\Logs
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_0_f2bf2faebb16863c52b8bf3e67385e4c693ebbb_cab_152110c2
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_4096_512413fa493a552655cb658faff48fdb1287ee_cab_12fd0943
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_4096_9117c7566366c2169aa514f10301b50c9ab286d_cab_15896f74
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Microsoft_ace0ef66f2537d0b636c4bfe0d72ee85951e66d_cab_0655ec03
| C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Microsoft_d1a45ecabf92c4b4c3a9b20b76e28b9b58e97c0_cab_0665b808
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_WDFME.exe_9b317b191bfb52994f8eb62b618947bcafd112f7_05e8d74b
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_14d0ceb4
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.6.7600.256_d657698cc2203130accf771c18dbe77b92e59fa7_19c7d548
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.6.7600.256_f60d217b0ef5821ea0713c8e66188b7dbc489d_12889f1c
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_HostProblem_63d243f86ffd9b4f48349d5d4e79443953e03edb_076d1728
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_HostProblem_63d243f86ffd9b4f48349d5d4e79443953e03edb_1558aea6
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_6f40523062edfe966f8ca4d255d7fbc3e228e1bf_0f7fee54
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_7e24963e478127d8bf1ee82664f0299ee9b8cbc_0ac75f6e
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_ace0ef66f2537d0b636c4bfe0d72ee85951e66d_16264105
| C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft_ace0ef66f2537d0b636c4bfe0d72ee85951e66d_1ac0fee7
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IBDW9GL
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6CR8ER0X
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNLT2H9X
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6XKZJWW
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_2d56e5a8b2f9f6254d963ca02f26cda8a13b_1aac8364
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_5dbbf95794afd112addec85663ef75f3ed7a1c0_086cca22
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_806945839ba276f680677bacea346eb742ca312_0fd8b3b8
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_806945839ba276f680677bacea346eb742ca312_117816b0
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_googleearth.exe_374d5efb690bd70f7eae250512cf098134ba237_15c1e58d
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_iexplore.exe_645a96fb434fbe14ca377082a119cb3a71cbc4_1be9cb1b
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_iexplore.exe_91d233eaeb1055e51d984baa40fe91385226abdc_0e720a2f
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_IncMail.exe_b05cd6c9e03311f84481938473b854411ca32cf_1b97903f
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_make_self_npdrm._b8822b1f5cabd85dd1e2298e33c6dc380806ce8_093e9443
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_make_self_npdrm._b8822b1f5cabd85dd1e2298e33c6dc380806ce8_1b35f23b
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_make_self_npdrm._b8822b1f5cabd85dd1e2298e33c6dc380806ce8_1bc55763
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_5e1aa53c1e46823fce4b93e251d1b4c13b2a9c_103fa039
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_a19e7e45669761b2d14c7bc84c2c18526dc056_11509dcb
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_PCCompanion.exe_fc5460bba1bf0ec6ff2fffeb4cbc25dfde_1775647c
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_ps3 autofix.exe_81dde50a5f8b6286985e1a14cb183268477a29_0593e494
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_PS3 Autofix.vsho_b29243b59b319c7c4bb7c43828f5532d158d6_068dfe2d
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor.exe_dd1fc4b798fa751dcbc7b32751080c5c4cd717b_14812ae6
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_cf705f7ce9df58d3f8fe9137c8487f2464387675_1f30735e
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1279c084
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1b0b2484
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1bf00f01
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rFactor2.exe_fdc223632e4e3d17f364db6db28dc9617e94a33_1c0af2bb
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_RSCenter2012.exe_f6d149eb9a5a8ce18b662af9ee4e3914886ac837_180195db
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_RSCenter2012.exe_f6d149eb9a5a8ce18b662af9ee4e3914886ac837_19e2337e
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_RSCenter2012.exe_f8ed7112acc08932d843c4661c17087b895c58b_0b75eb68
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_She_528d511e3f3afaafd3382fb5f14e0e0ae6a7587_13a9151d
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_She_528d511e3f3afaafd3382fb5f14e0e0ae6a7587_14893e5e
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_rundll32.exe_She_528d511e3f3afaafd3382fb5f14e0e0ae6a7587_1bfaa02c
| C:\Users\jonathan\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Startme.exe_da51eed2a7ce4901592357fb5e36516afbf8
nouveau zhdiag:
Rapport de ZHPDiag v1.31.28 par Nicolas Coolman, Update du 30/09/2012
Run by jonathan at 17/10/2012 16:17:38
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
UAC :
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 17.0 v17.0 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4076 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 584 GB (80%) free of 724 GB
---\\ Logged in mode
~ Computer Name: JOHN-HP
~ User Name: jonathan
~ All Users Names: jonathan, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\jonathan\AppData\Roaming\
~ %Desktop% : C:\Users\jonathan\Desktop\
~ %Favorites% : C:\Users\jonathan\Favorites\
~ %LocalAppData% : C:\Users\jonathan\AppData\Local\
~ %StartMenu% : C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 584 Go of 724 Go)
D:\ CD-ROM drive (Not Inserted)
G:\ Hard drive, Flash drive, Thumb drive (Free 183 Go of 207 Go)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.3D165C53E40236A68B7102D1A622D4E0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/08/2012 - 11:21:18.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/20
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/570
~ Mon Bureau (My Desktop) : 4/16206
~ Menu demarrer (Programs) : 1/63
~ Scan Hidden Files in 00mn 15s
---\\ Processus lancés
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.2512]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2732]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.2776]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.1836]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.2688]
[MD5.872FB2A8A857016767919626A308E6A0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [916960] [PID.1576]
[MD5.55352DCD71D774DF45181CB51128EA5E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16864] [PID.2736]
[MD5.3A93E2D1CD533B894B834DB23DB044A6] - (.Adobe Systems, Inc. - Adobe Flash Player 11.4 r402.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe [1807800] [PID.2520]
[MD5.883B2E1341E5BE906A7507308A6636DF] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.2004]
[MD5.41D0F8FD52CA4B98D21F9D137F0F5FF9] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3769856] [PID.3236]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.]
[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.]
[MD5.3C4002D339491AF73D663FFC7F6E5ECB] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760] [PID.]
[MD5.0DCF16B1449811EFA47AB52CAC84093C] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432] [PID.]
[MD5.9C1D7006D7EC85BE953C56570BB7B30E] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448] [PID.]
[MD5.6C8F17953C07F88364307FC7811C5184] - (.Mr. John aka japamd - RadeonPro Support Service.) -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [12800] [PID.]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.]
[MD5.DD017DEB8A60085559E94089801BCCB1] - (.Pas de propriétaire - WD File Management Engine.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352] [PID.]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.fr/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default] https://www.google.fr/?gws_rd=ssl
G1 - GCS: Preference [User Data\Default] https://www.google.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\prefs.js
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win64 # 6.0.3.0.) -- C:\Program Files\ma-config.com\x64\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\jonathan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\jonathan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8118
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 03s
~ Nombre de lignes (Lines number): 15263
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} Clé orpheline
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [XboxStat] . (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [BDAgent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1382284741-163664239-3392141310-1000\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-1382284741-163664239-3392141310-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuperar Saves PSP.lnk . (.WuEpE.) -- C:\Program Files (x86)\Recuperar Saves Corruptos PSP\Recuperar_Saves.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\AIDA32.lnk . (...) -- C:\Program Files (x86)\AIDA32 - Personal System Information\aida32.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\ChrisPC Free Anonymous Proxy.lnk . (.Chris P.C. srl.) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy\ChrisPC Proxy.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Contrôle des Setups.lnk . (.rallyesim.fr.) -- G:\SCi Games\Richard Burns Rally\ControleSetups.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Donner votre avis.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jonathan\Desktop\EVEREST Ultimate Edition.lnk . (.Lavalys, Inc..) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\PC Inspector File Recovery.lnk . (...) -- C:\Program Files (x86)\Convar\PC Inspector File Recovery\Filerecovery.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Recuperar Saves PSP.lnk . (.WuEpE.) -- C:\Program Files (x86)\Recuperar Saves Corruptos PSP\Recuperar_Saves.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Security-HelpZone - Astuces, Tutoriels et aide pour votre pc !.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jonathan\Desktop\Slowin' Cleaner.lnk . (...) -- C:\Program Files (x86)\Slowin Cleaner\Slowin Cleaner.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Update Service.lnk . (...) -- C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk . (.Chris P.C. srl.) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy\ChrisPC Proxy.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk . (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk . (.IncrediMail, Ltd..) -- C:\Program Files (x86)\IncrediMail\bin\IncMail.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 12s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{055530A5-6C40-4B0E-89F4-BE1FB1C6BE4B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F6AA02F-A518-4F39-8173-3552B7D11AB3}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{704C3674-9C0F-4CF6-8CDA-26FE3C805754}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{055530A5-6C40-4B0E-89F4-BE1FB1C6BE4B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F6AA02F-A518-4F39-8173-3552B7D11AB3}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{704C3674-9C0F-4CF6-8CDA-26FE3C805754}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{055530A5-6C40-4B0E-89F4-BE1FB1C6BE4B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F6AA02F-A518-4F39-8173-3552B7D11AB3}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{704C3674-9C0F-4CF6-8CDA-26FE3C805754}: DhcpNameServer = 192.168.42.129
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) . (.Hewlett-Packard - HP Usage Improvement Tracking.) - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company - HP Client Services.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Technologie de stockage Intel(R) Rapid (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: RadeonPro Support Service (RadeonPro Support Service) . (.Mr. John aka japamd - RadeonPro Support Service.) - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Thrustmaster Device Driver Installer (tmInstall) . (.Thrustmaster® - Thrustmaster® Install Service.) - C:\Program Files\Thrustmaster\T500 RS Racing wheel\drivers\amd64\tmInstall.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
O23 - Service: WDDMService (WDDMService) . (.WDC - WD Drive Manager Service.) - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) . (.Pas de propriétaire - WD File Management Engine.) - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) . (.Pas de propriétaire - WD Shadow Copy.) - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForJOHN-HP$.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForjonathan.job
[MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-john-HP-jonathan] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.)
[MD5.BE66B026CF488C87B4D0EA9E616FFA4A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000Core] (.Google Inc..) -- C:\Users\jonathan\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000UA] (.Google Inc..) -- C:\Users\jonathan\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForJOHN-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForjonathan] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.24A63F38DF514E6774A850A0710760A4] [APT] [ServicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{0097A34C-67FF-4452-B56A-9A5F628DA932}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.DBBC3255ED48E4036CC428ECC60DEB21] [APT] [{1C501A35-9198-4FF6-998A-74F496486DCD}] (.RallyeSim.) -- G:\SCI Games\Richard Burns Rally\SETUP_MANAGER2.exe
[MD5.00000000000000000000000000000000] [APT] [{2160D07E-2CD5-476C-A012-F9DA0DE52FAD}] (...) -- C:\Users\jonathan\Downloads\MapInstall_3144.exe (.not file.)
[MD5.C3B9306CB35F32C0E218CBE79FD8D635] [APT] [{42FBA6ED-118D-479F-B318-5DA736C828C2}] (...) -- G:\SCI Games\Richard Burns Rally\richardburnsrally.exe
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{4F081BAB-D1D0-4ECA-A813-29C68CDC1B96}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.00000000000000000000000000000000] [APT] [{51E6A928-B216-4886-A829-A3B443663E85}] (...) -- F:\setup.exe (.not file.)
[MD5.CAFB55AA463C6DF8802122838D50D2BB] [APT] [{6FADDF0D-B374-49D2-9720-2436EA69C544}] (.InstallShield Software Corporation.) -- C:\Program Files (x86)\InstallShield Installation Information\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}\setup.exe
[MD5.A911D0D323079D22833DA43D3D0BF803] [APT] [{722006F6-A5DD-4846-AD1B-898B60CD3C71}] (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
[MD5.00000000000000000000000000000000] [APT] [{A3D8D183-FD4F-4CFC-9B32-454A795C762F}] (...) -- C:\Users\jonathan\Downloads\B2CAppSetup.exe (.not file.)
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{C03D1142-66CD-4588-A0EC-BF6D94894754}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.DBBC3255ED48E4036CC428ECC60DEB21] [APT] [{C2C24E83-E961-4D64-8E4B-7EEC216DAC59}] (.RallyeSim.) -- G:\SCi Games\Richard Burns Rally\SETUP_MANAGER2.exe
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{D1941459-48FD-444F-82B9-796CE86C0100}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.00000000000000000000000000000000] [APT] [{D83014FA-7E07-406E-9C51-BEB61F7FE18B}] (...) -- J:\Online\RACE07Setup.exe (.not file.)
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{EAC8FD53-5B98-4E57-803D-B6F6A8974124}] (.rallyesim.fr.) -- G:\SCi Games\Richard Burns Rally\ControleSetups.exe
[MD5.00000000000000000000000000000000] [APT] [{F5B555D1-69C2-4268-A6DE-1878E59E8649}] (...) -- C:\Users\jonathan\Downloads\MapSource_6156.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.A87F567F053191361B617D7908F8E062] [APT] [Update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe
[MD5.00000000000000000000000000000000] [APT] [ControleSetups] (...) -- G:\Sci games\ControleSetups.exe (.not file.)
~ Scan Scheduled Task in 00mn 03s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BdfNdisf) . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
O41 - Driver: (bdfwfpf) . (.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
O41 - Driver: (BDVEDISK) . (.BitDefender - FileVault Disk Driver.) - C:\Windows\System32\DRIVERS\bdvedisk.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AIDA32 v3.93 - (.Tamas Miklos.) [HKLM][64Bits] -- AIDA32_is1
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {119B2F5A-2A06-DB96-FF28-992EC2A10BDF}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {81D00339-968D-15D1-3499-8431658E896F}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D77162FE-B7B2-8E1E-D80D-89DE6217DF13}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Agatha Christie - Peril at End House - (.WildTangent.) [HKLM][64Bits] -- WT089362
O42 - Logiciel: BangBang Manager - (.RallyeSim.) [HKLM][64Bits] -- BangBang Manager_is1
O42 - Logiciel: Barcelone 2012 - (.Pas de propriétaire.) [HKCU][64Bits] -- Barcelone 2012
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089453
O42 - Logiciel: Big Rig Europe - (.WildTangent.) [HKLM][64Bits] -- WT089497
O42 - Logiciel: Bill2's Process Manager (Désinstallation uniquement) - (.Bill2 Software.) [HKLM][64Bits] -- Bill2's Process Manager
O42 - Logiciel: Bitdefender Internet Security 2012 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender
O42 - Logiciel: Bitdefender Internet Security 2012 - (.Bitdefender.) [HKLM][64Bits] -- {2AB9289D-6432-4CC0-8869-A195C3F0CFCC}
O42 - Logiciel: Blasterball 3 - (.WildTangent.) [HKLM][64Bits] -- WT089308
O42 - Logiciel: Bounce Symphony - (.WildTangent.) [HKLM][64Bits] -- WT087330
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Cake Mania - (.WildTangent.) [HKLM][64Bits] -- WT089359
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
O42 - Logiciel: ChrisPC Free Anonymous Proxy 3.10 - (.Chris P.C. srl.) [HKLM][64Bits] -- {6006089C-84B5-4F18-8113-D96792AED0DE}_is1
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089454
O42 - Logiciel: Circuit de Malaisie 2012 - (.Pas de propriétaire.) [HKCU][64Bits] -- Circuit de Malaisie 2012
O42 - Logiciel: Crazy Chicken Kart 2 - (.WildTangent.) [HKLM][64Bits] -- WT089492
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT087536
O42 - Logiciel: EVEREST Ultimate Edition v5.50 - (.Lavalys, Inc..) [HKLM][64Bits] -- EVEREST Ultimate Edition_is1
O42 - Logiciel: Endurance Series by EnduRacers - Service Pack 2 - (.Pas de propriétaire.) [HKCU][64Bits] -- Endurance Series by EnduRacers - Service Pack 2
O42 - Logiciel: Endurance Series by EnduRacers - rF1 FULL - (.Pas de propriétaire.) [HKCU][64Bits] -- Endurance Series by EnduRacers - rF1 FULL
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT087361
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT089328
O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: Fishdom - (.WildTangent.) [HKLM][64Bits] -- WT089493
O42 - Logiciel: Fraps - (.Pas de propriétaire.) [HKLM][64Bits] -- Fraps
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Game Booster - (.IObit.) [HKLM][64Bits] -- Game Booster_is1
O42 - Logiciel: Garmin City Navigator Europe NT 2013.10 Update - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {EC28FA6E-E38D-4F72-80EF-1FBE66B05668}
O42 - Logiciel: Garmin Lifetime Updater - (.Garmin.) [HKLM][64Bits] -- {0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}
O42 - Logiciel: GetDataBack for FAT - (.Runtime Software.) [HKLM][64Bits] -- {2EEEC858-21F8-419B-8FE2-820621BFFCD7}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
O42 - Logiciel: HP Client Services - (.Hewlett-Packard.) [HKLM][64Bits] -- {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Product Detection - (.HP.) [HKLM][64Bits] -- {4F38594F-2C4A-4C42-B2C4-505E225F6F80}
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {210A03F5-B2ED-4947-B27E-516F50CBB292}
O42 - Logiciel: HP Vision Hardware Diagnostics - (.Hewlett-Packard.) [HKLM][64Bits] -- {D79A02E9-6713-4335-9668-AAC7474C0C0E}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM][64Bits] -- 5513-1208-7298-9440
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-210328764D10}
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WT087490
O42 - Logiciel: K-Lite Codec Pack 7.6.0 (Full) - (.Pas de propriétaire.) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: LG SP USB Driver - (.LG Electronics.) [HKLM][64Bits] -- {E2AE8456-CCFE-46C0-8629-71CC507660FC}
O42 - Logiciel: LG USB WML Modem Driver - (.LG Electronics.) [HKLM][64Bits] -- {FBA0CA60-8BF2-4381-B819-74F020E165A9}
O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM][64Bits] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}
O42 - Logiciel: Logitech Gaming Software 5.10 - (.Logitech.) [HKLM][64Bits] -- {1444D2EE-C7AD-44A8-844F-2634B49353D1}
O42 - Logiciel: MOD F1 2012 RACING TEAM SIMULATION V2.0 - (.Pas de propriétaire.) [HKCU][64Bits] -- MOD F1 2012 RACING TEAM SIMULATION V2.0
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {0FFD920B-16AB-4424-8945-17F8EB9ED5D3}
O42 - Logiciel: Mah Jong Medley - (.WildTangent.) [HKLM][64Bits] -- WT087393
O42 - Logiciel: Malwarebytes Anti-Malware ÃØè¹ 1.65.0.1400 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}
O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140011-0066-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.Click2Run
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-006D-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 - (.Microsoft Corporation.) [HKLM][64Bits] -- {ee7581ca-826d-4a8d-a932-e743dd4ee44a}
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 - (.Microsoft Corporation.) [HKLM][64Bits] -- {FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
O42 - Logiciel: Microsoft Windows SDK for Windows 7 (7.1) - (.Microsoft Corporation.) [HKLM][64Bits] -- SDKSetup_7.1.7600.0.30514
O42 - Logiciel: Microsoft Xbox 360 Accessories 1.2 - (.Microsoft.) [HKLM][64Bits] -- {45CD67FD-3218-4207-A0A2-BC41245189E3}
O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {925D058B-564A-443A-B4B2-7E90C6432E55}
O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}
O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {8557397C-A42D-486F-97B3-A2CBC2372593}
O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
O42 - Logiciel: MiniTool Partition Wizard Home Edition 7.5 - (.MiniTool Solution Ltd..) [HKLM][64Bits] -- {05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1
O42 - Logiciel: MoTeC i2 Pro - (.MoTeC.) [HKLM][64Bits] -- {D416059B-C21B-4405-ACC0-010C481E0FDA}
O42 - Logiciel: Mod VFR F1 2012 - (.Pas de propriétaire.) [HKCU][64Bits] -- Mod VFR F1 2012
O42 - Logiciel: MotioninJoy ds3 driver version 0.6.0003 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
O42 - Logiciel: Mozilla Firefox 17.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 17.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM][64Bits] -- MusicStationNetstaller
O42 - Logiciel: NVIDIA Photoshop Plug-ins - (.Pas de propriétaire.) [HKLM][64Bits] -- {23F79416-CAD1-41BF-99A3-040F6C814AAA}
O42 - Logiciel: NVIDIA Photoshop Plug-ins 64 bit - (.Pas de propriétaire.) [HKLM][64Bits] -- {5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}
O42 - Logiciel: Namco All-Stars PAC-MAN - (.WildTangent.) [HKLM][64Bits] -- WT089484
O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM][64Bits] -- PDF Complete
O42 - Logiciel: Patch circuit du canada - (.Pas de propriétaire.) [HKCU][64Bits] -- Patch circuit du canada
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT087394
O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM][64Bits] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}
O42 - Logiciel: PlayClaw - (.Sytexis Software.) [HKLM][64Bits] -- PlayClaw
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT087396
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerQuest PartitionMagic 8.0 Demo - (.PowerQuest.) [HKLM][64Bits] --
Rapport de ZHPDiag v1.31.28 par Nicolas Coolman, Update du 30/09/2012
Run by jonathan at 17/10/2012 16:17:38
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
UAC :
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 17.0 v17.0 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4076 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 584 GB (80%) free of 724 GB
---\\ Logged in mode
~ Computer Name: JOHN-HP
~ User Name: jonathan
~ All Users Names: jonathan, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\jonathan\AppData\Roaming\
~ %Desktop% : C:\Users\jonathan\Desktop\
~ %Favorites% : C:\Users\jonathan\Favorites\
~ %LocalAppData% : C:\Users\jonathan\AppData\Local\
~ %StartMenu% : C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 584 Go of 724 Go)
D:\ CD-ROM drive (Not Inserted)
G:\ Hard drive, Flash drive, Thumb drive (Free 183 Go of 207 Go)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.3D165C53E40236A68B7102D1A622D4E0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/08/2012 - 11:21:18.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/20
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/570
~ Mon Bureau (My Desktop) : 4/16206
~ Menu demarrer (Programs) : 1/63
~ Scan Hidden Files in 00mn 15s
---\\ Processus lancés
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.2512]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2732]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.2776]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.1836]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.2688]
[MD5.872FB2A8A857016767919626A308E6A0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [916960] [PID.1576]
[MD5.55352DCD71D774DF45181CB51128EA5E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16864] [PID.2736]
[MD5.3A93E2D1CD533B894B834DB23DB044A6] - (.Adobe Systems, Inc. - Adobe Flash Player 11.4 r402.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe [1807800] [PID.2520]
[MD5.883B2E1341E5BE906A7507308A6636DF] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.2004]
[MD5.41D0F8FD52CA4B98D21F9D137F0F5FF9] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3769856] [PID.3236]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.]
[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.]
[MD5.3C4002D339491AF73D663FFC7F6E5ECB] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760] [PID.]
[MD5.0DCF16B1449811EFA47AB52CAC84093C] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432] [PID.]
[MD5.9C1D7006D7EC85BE953C56570BB7B30E] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448] [PID.]
[MD5.6C8F17953C07F88364307FC7811C5184] - (.Mr. John aka japamd - RadeonPro Support Service.) -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [12800] [PID.]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.]
[MD5.DD017DEB8A60085559E94089801BCCB1] - (.Pas de propriétaire - WD File Management Engine.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352] [PID.]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.fr/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default] https://www.google.fr/?gws_rd=ssl
G1 - GCS: Preference [User Data\Default] https://www.google.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\fh98qhyi.default\prefs.js
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [jonathan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win64 # 6.0.3.0.) -- C:\Program Files\ma-config.com\x64\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\jonathan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\jonathan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8118
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 03s
~ Nombre de lignes (Lines number): 15263
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} Clé orpheline
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [XboxStat] . (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [BDAgent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1382284741-163664239-3392141310-1000\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-1382284741-163664239-3392141310-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuperar Saves PSP.lnk . (.WuEpE.) -- C:\Program Files (x86)\Recuperar Saves Corruptos PSP\Recuperar_Saves.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\AIDA32.lnk . (...) -- C:\Program Files (x86)\AIDA32 - Personal System Information\aida32.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\ChrisPC Free Anonymous Proxy.lnk . (.Chris P.C. srl.) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy\ChrisPC Proxy.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Contrôle des Setups.lnk . (.rallyesim.fr.) -- G:\SCi Games\Richard Burns Rally\ControleSetups.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Donner votre avis.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jonathan\Desktop\EVEREST Ultimate Edition.lnk . (.Lavalys, Inc..) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\PC Inspector File Recovery.lnk . (...) -- C:\Program Files (x86)\Convar\PC Inspector File Recovery\Filerecovery.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Recuperar Saves PSP.lnk . (.WuEpE.) -- C:\Program Files (x86)\Recuperar Saves Corruptos PSP\Recuperar_Saves.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Security-HelpZone - Astuces, Tutoriels et aide pour votre pc !.lnk - Clé orpheline
O4 - Global Startup: C:\Users\jonathan\Desktop\Slowin' Cleaner.lnk . (...) -- C:\Program Files (x86)\Slowin Cleaner\Slowin Cleaner.exe
O4 - Global Startup: C:\Users\jonathan\Desktop\Update Service.lnk . (...) -- C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk . (.Chris P.C. srl.) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy\ChrisPC Proxy.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk . (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk . (.IncrediMail, Ltd..) -- C:\Program Files (x86)\IncrediMail\bin\IncMail.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\jonathan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 12s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{055530A5-6C40-4B0E-89F4-BE1FB1C6BE4B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F6AA02F-A518-4F39-8173-3552B7D11AB3}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{704C3674-9C0F-4CF6-8CDA-26FE3C805754}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{055530A5-6C40-4B0E-89F4-BE1FB1C6BE4B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F6AA02F-A518-4F39-8173-3552B7D11AB3}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{704C3674-9C0F-4CF6-8CDA-26FE3C805754}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{055530A5-6C40-4B0E-89F4-BE1FB1C6BE4B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5F6AA02F-A518-4F39-8173-3552B7D11AB3}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{704C3674-9C0F-4CF6-8CDA-26FE3C805754}: DhcpNameServer = 192.168.42.129
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) . (.Hewlett-Packard - HP Usage Improvement Tracking.) - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company - HP Client Services.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Technologie de stockage Intel(R) Rapid (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: RadeonPro Support Service (RadeonPro Support Service) . (.Mr. John aka japamd - RadeonPro Support Service.) - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Thrustmaster Device Driver Installer (tmInstall) . (.Thrustmaster® - Thrustmaster® Install Service.) - C:\Program Files\Thrustmaster\T500 RS Racing wheel\drivers\amd64\tmInstall.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
O23 - Service: WDDMService (WDDMService) . (.WDC - WD Drive Manager Service.) - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) . (.Pas de propriétaire - WD File Management Engine.) - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) . (.Pas de propriétaire - WD Shadow Copy.) - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForJOHN-HP$.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForjonathan.job
[MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-john-HP-jonathan] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.)
[MD5.BE66B026CF488C87B4D0EA9E616FFA4A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000Core] (.Google Inc..) -- C:\Users\jonathan\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1382284741-163664239-3392141310-1000UA] (.Google Inc..) -- C:\Users\jonathan\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForJOHN-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForjonathan] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.24A63F38DF514E6774A850A0710760A4] [APT] [ServicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{0097A34C-67FF-4452-B56A-9A5F628DA932}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.DBBC3255ED48E4036CC428ECC60DEB21] [APT] [{1C501A35-9198-4FF6-998A-74F496486DCD}] (.RallyeSim.) -- G:\SCI Games\Richard Burns Rally\SETUP_MANAGER2.exe
[MD5.00000000000000000000000000000000] [APT] [{2160D07E-2CD5-476C-A012-F9DA0DE52FAD}] (...) -- C:\Users\jonathan\Downloads\MapInstall_3144.exe (.not file.)
[MD5.C3B9306CB35F32C0E218CBE79FD8D635] [APT] [{42FBA6ED-118D-479F-B318-5DA736C828C2}] (...) -- G:\SCI Games\Richard Burns Rally\richardburnsrally.exe
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{4F081BAB-D1D0-4ECA-A813-29C68CDC1B96}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.00000000000000000000000000000000] [APT] [{51E6A928-B216-4886-A829-A3B443663E85}] (...) -- F:\setup.exe (.not file.)
[MD5.CAFB55AA463C6DF8802122838D50D2BB] [APT] [{6FADDF0D-B374-49D2-9720-2436EA69C544}] (.InstallShield Software Corporation.) -- C:\Program Files (x86)\InstallShield Installation Information\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}\setup.exe
[MD5.A911D0D323079D22833DA43D3D0BF803] [APT] [{722006F6-A5DD-4846-AD1B-898B60CD3C71}] (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
[MD5.00000000000000000000000000000000] [APT] [{A3D8D183-FD4F-4CFC-9B32-454A795C762F}] (...) -- C:\Users\jonathan\Downloads\B2CAppSetup.exe (.not file.)
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{C03D1142-66CD-4588-A0EC-BF6D94894754}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.DBBC3255ED48E4036CC428ECC60DEB21] [APT] [{C2C24E83-E961-4D64-8E4B-7EEC216DAC59}] (.RallyeSim.) -- G:\SCi Games\Richard Burns Rally\SETUP_MANAGER2.exe
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{D1941459-48FD-444F-82B9-796CE86C0100}] (.rallyesim.fr.) -- G:\SCI Games\Richard Burns Rally\ControleSetups.exe
[MD5.00000000000000000000000000000000] [APT] [{D83014FA-7E07-406E-9C51-BEB61F7FE18B}] (...) -- J:\Online\RACE07Setup.exe (.not file.)
[MD5.E92EC370410F8639AD11AC0854CB2304] [APT] [{EAC8FD53-5B98-4E57-803D-B6F6A8974124}] (.rallyesim.fr.) -- G:\SCi Games\Richard Burns Rally\ControleSetups.exe
[MD5.00000000000000000000000000000000] [APT] [{F5B555D1-69C2-4268-A6DE-1878E59E8649}] (...) -- C:\Users\jonathan\Downloads\MapSource_6156.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.A87F567F053191361B617D7908F8E062] [APT] [Update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe
[MD5.00000000000000000000000000000000] [APT] [ControleSetups] (...) -- G:\Sci games\ControleSetups.exe (.not file.)
~ Scan Scheduled Task in 00mn 03s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BdfNdisf) . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
O41 - Driver: (bdfwfpf) . (.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
O41 - Driver: (BDVEDISK) . (.BitDefender - FileVault Disk Driver.) - C:\Windows\System32\DRIVERS\bdvedisk.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AIDA32 v3.93 - (.Tamas Miklos.) [HKLM][64Bits] -- AIDA32_is1
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {119B2F5A-2A06-DB96-FF28-992EC2A10BDF}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {81D00339-968D-15D1-3499-8431658E896F}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D77162FE-B7B2-8E1E-D80D-89DE6217DF13}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Agatha Christie - Peril at End House - (.WildTangent.) [HKLM][64Bits] -- WT089362
O42 - Logiciel: BangBang Manager - (.RallyeSim.) [HKLM][64Bits] -- BangBang Manager_is1
O42 - Logiciel: Barcelone 2012 - (.Pas de propriétaire.) [HKCU][64Bits] -- Barcelone 2012
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089453
O42 - Logiciel: Big Rig Europe - (.WildTangent.) [HKLM][64Bits] -- WT089497
O42 - Logiciel: Bill2's Process Manager (Désinstallation uniquement) - (.Bill2 Software.) [HKLM][64Bits] -- Bill2's Process Manager
O42 - Logiciel: Bitdefender Internet Security 2012 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender
O42 - Logiciel: Bitdefender Internet Security 2012 - (.Bitdefender.) [HKLM][64Bits] -- {2AB9289D-6432-4CC0-8869-A195C3F0CFCC}
O42 - Logiciel: Blasterball 3 - (.WildTangent.) [HKLM][64Bits] -- WT089308
O42 - Logiciel: Bounce Symphony - (.WildTangent.) [HKLM][64Bits] -- WT087330
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Cake Mania - (.WildTangent.) [HKLM][64Bits] -- WT089359
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
O42 - Logiciel: ChrisPC Free Anonymous Proxy 3.10 - (.Chris P.C. srl.) [HKLM][64Bits] -- {6006089C-84B5-4F18-8113-D96792AED0DE}_is1
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089454
O42 - Logiciel: Circuit de Malaisie 2012 - (.Pas de propriétaire.) [HKCU][64Bits] -- Circuit de Malaisie 2012
O42 - Logiciel: Crazy Chicken Kart 2 - (.WildTangent.) [HKLM][64Bits] -- WT089492
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT087536
O42 - Logiciel: EVEREST Ultimate Edition v5.50 - (.Lavalys, Inc..) [HKLM][64Bits] -- EVEREST Ultimate Edition_is1
O42 - Logiciel: Endurance Series by EnduRacers - Service Pack 2 - (.Pas de propriétaire.) [HKCU][64Bits] -- Endurance Series by EnduRacers - Service Pack 2
O42 - Logiciel: Endurance Series by EnduRacers - rF1 FULL - (.Pas de propriétaire.) [HKCU][64Bits] -- Endurance Series by EnduRacers - rF1 FULL
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT087361
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT089328
O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: Fishdom - (.WildTangent.) [HKLM][64Bits] -- WT089493
O42 - Logiciel: Fraps - (.Pas de propriétaire.) [HKLM][64Bits] -- Fraps
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Game Booster - (.IObit.) [HKLM][64Bits] -- Game Booster_is1
O42 - Logiciel: Garmin City Navigator Europe NT 2013.10 Update - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {EC28FA6E-E38D-4F72-80EF-1FBE66B05668}
O42 - Logiciel: Garmin Lifetime Updater - (.Garmin.) [HKLM][64Bits] -- {0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}
O42 - Logiciel: GetDataBack for FAT - (.Runtime Software.) [HKLM][64Bits] -- {2EEEC858-21F8-419B-8FE2-820621BFFCD7}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
O42 - Logiciel: HP Client Services - (.Hewlett-Packard.) [HKLM][64Bits] -- {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Product Detection - (.HP.) [HKLM][64Bits] -- {4F38594F-2C4A-4C42-B2C4-505E225F6F80}
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {210A03F5-B2ED-4947-B27E-516F50CBB292}
O42 - Logiciel: HP Vision Hardware Diagnostics - (.Hewlett-Packard.) [HKLM][64Bits] -- {D79A02E9-6713-4335-9668-AAC7474C0C0E}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM][64Bits] -- 5513-1208-7298-9440
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-210328764D10}
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WT087490
O42 - Logiciel: K-Lite Codec Pack 7.6.0 (Full) - (.Pas de propriétaire.) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: LG SP USB Driver - (.LG Electronics.) [HKLM][64Bits] -- {E2AE8456-CCFE-46C0-8629-71CC507660FC}
O42 - Logiciel: LG USB WML Modem Driver - (.LG Electronics.) [HKLM][64Bits] -- {FBA0CA60-8BF2-4381-B819-74F020E165A9}
O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM][64Bits] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}
O42 - Logiciel: Logitech Gaming Software 5.10 - (.Logitech.) [HKLM][64Bits] -- {1444D2EE-C7AD-44A8-844F-2634B49353D1}
O42 - Logiciel: MOD F1 2012 RACING TEAM SIMULATION V2.0 - (.Pas de propriétaire.) [HKCU][64Bits] -- MOD F1 2012 RACING TEAM SIMULATION V2.0
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {0FFD920B-16AB-4424-8945-17F8EB9ED5D3}
O42 - Logiciel: Mah Jong Medley - (.WildTangent.) [HKLM][64Bits] -- WT087393
O42 - Logiciel: Malwarebytes Anti-Malware ÃØè¹ 1.65.0.1400 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}
O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140011-0066-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.Click2Run
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-006D-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 - (.Microsoft Corporation.) [HKLM][64Bits] -- {ee7581ca-826d-4a8d-a932-e743dd4ee44a}
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 - (.Microsoft Corporation.) [HKLM][64Bits] -- {FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
O42 - Logiciel: Microsoft Windows SDK for Windows 7 (7.1) - (.Microsoft Corporation.) [HKLM][64Bits] -- SDKSetup_7.1.7600.0.30514
O42 - Logiciel: Microsoft Xbox 360 Accessories 1.2 - (.Microsoft.) [HKLM][64Bits] -- {45CD67FD-3218-4207-A0A2-BC41245189E3}
O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {925D058B-564A-443A-B4B2-7E90C6432E55}
O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}
O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {8557397C-A42D-486F-97B3-A2CBC2372593}
O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
O42 - Logiciel: MiniTool Partition Wizard Home Edition 7.5 - (.MiniTool Solution Ltd..) [HKLM][64Bits] -- {05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1
O42 - Logiciel: MoTeC i2 Pro - (.MoTeC.) [HKLM][64Bits] -- {D416059B-C21B-4405-ACC0-010C481E0FDA}
O42 - Logiciel: Mod VFR F1 2012 - (.Pas de propriétaire.) [HKCU][64Bits] -- Mod VFR F1 2012
O42 - Logiciel: MotioninJoy ds3 driver version 0.6.0003 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
O42 - Logiciel: Mozilla Firefox 17.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 17.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM][64Bits] -- MusicStationNetstaller
O42 - Logiciel: NVIDIA Photoshop Plug-ins - (.Pas de propriétaire.) [HKLM][64Bits] -- {23F79416-CAD1-41BF-99A3-040F6C814AAA}
O42 - Logiciel: NVIDIA Photoshop Plug-ins 64 bit - (.Pas de propriétaire.) [HKLM][64Bits] -- {5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}
O42 - Logiciel: Namco All-Stars PAC-MAN - (.WildTangent.) [HKLM][64Bits] -- WT089484
O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM][64Bits] -- PDF Complete
O42 - Logiciel: Patch circuit du canada - (.Pas de propriétaire.) [HKCU][64Bits] -- Patch circuit du canada
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT087394
O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM][64Bits] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}
O42 - Logiciel: PlayClaw - (.Sytexis Software.) [HKLM][64Bits] -- PlayClaw
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT087396
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerQuest PartitionMagic 8.0 Demo - (.PowerQuest.) [HKLM][64Bits] --
salut
ton rapport n'est pas complet, tu dois le transmettre comme le message n°2 (le lien https://www.cjoint.com/
@+
ton rapport n'est pas complet, tu dois le transmettre comme le message n°2 (le lien https://www.cjoint.com/
@+
Je te prépare ZHP.
▶ Ferme et enregistre tout ce qu'il y a d'ouvert sur le pc.
▶ Dans l'onglet "Script", copie-colle avec le bouton "coller le script", ce texte ci-dessous :
|$| Mozilla Firefox est apte à être optimisé
|@| Ad-Remover par C_XX
|@| Polar Bowler
|@| Jewel Quest Solitaire
|@| Slingo Deluxe
|@| Virtual Villagers - The Secret City
|@| Cake Mania
|@| Bejeweled 2 Deluxe
|@| Chuzzle Deluxe
|@| Fishdom
|@| Update Installer for WildTangent Games App
|@| HiJackThis
|@| WildTangent Games App (HP Games)
|@| Spybot - Search & Destroy
|*| C:\Users\jonathan\Desktop\four tout\Norton 2011 I.S v18.5.0.125 + [ 88 yr ] Crack\NIS-TW-30-18-5-0-125-FR.exe
|M| Modules de génération de clés IKE et AuthIP - (IKEEXT)
|D| Télécopie - (Fax)
|D| GamesAppService - (GamesAppService)
|D| Windows Search - (WSearch)
|D| WebClient - (WebClient)
|D| Client DNS - (Dnscache)
|D| Stratégie de retrait de la carte à puce - (SCPolicySvc)
|D| Téléphonie - (TapiSrv)
|D| Service de rapport d'erreurs Windows - (WerSvc)
|D| Ouverture de session secondaire - (seclogon)
|D| Carte à puce - (SCardSvr)
|D| Gestion des clés et des certificats d'intégrité - (hkmsvc)
|D| Registre à distance - (RemoteRegistry)
|D| Service Panneau de saisie Tablet PC - (TabletInputService)
|D| Propagation du certificat - (CertPropSvc)
|D| Groupement de mise en réseau de pairs - (p2psvc)
|D| Client de suivi de lien distribué - (TrkWks)
|D| Interruption SNMP - (SNMPTRAP)
|D| Agent de protection d'accès réseau - (napagent)
|D| Gestionnaire d'identité réseau homologue - (p2pimsvc)
|D| Service Énumérateur d'appareil mobile - (WPDBusEnum)
Reg::
▶ Une fois l'opération terminée, tu dois avoir un rapport "Slowin_Cleaner_[Script][x].txt" sur ton bureau.
▶ Copie/colle le contenu du rapport sur le forum.
▶ Ferme et enregistre tout ce qu'il y a d'ouvert sur le pc.
▶ Dans l'onglet "Script", copie-colle avec le bouton "coller le script", ce texte ci-dessous :
|$| Mozilla Firefox est apte à être optimisé
|@| Ad-Remover par C_XX
|@| Polar Bowler
|@| Jewel Quest Solitaire
|@| Slingo Deluxe
|@| Virtual Villagers - The Secret City
|@| Cake Mania
|@| Bejeweled 2 Deluxe
|@| Chuzzle Deluxe
|@| Fishdom
|@| Update Installer for WildTangent Games App
|@| HiJackThis
|@| WildTangent Games App (HP Games)
|@| Spybot - Search & Destroy
|*| C:\Users\jonathan\Desktop\four tout\Norton 2011 I.S v18.5.0.125 + [ 88 yr ] Crack\NIS-TW-30-18-5-0-125-FR.exe
|M| Modules de génération de clés IKE et AuthIP - (IKEEXT)
|D| Télécopie - (Fax)
|D| GamesAppService - (GamesAppService)
|D| Windows Search - (WSearch)
|D| WebClient - (WebClient)
|D| Client DNS - (Dnscache)
|D| Stratégie de retrait de la carte à puce - (SCPolicySvc)
|D| Téléphonie - (TapiSrv)
|D| Service de rapport d'erreurs Windows - (WerSvc)
|D| Ouverture de session secondaire - (seclogon)
|D| Carte à puce - (SCardSvr)
|D| Gestion des clés et des certificats d'intégrité - (hkmsvc)
|D| Registre à distance - (RemoteRegistry)
|D| Service Panneau de saisie Tablet PC - (TabletInputService)
|D| Propagation du certificat - (CertPropSvc)
|D| Groupement de mise en réseau de pairs - (p2psvc)
|D| Client de suivi de lien distribué - (TrkWks)
|D| Interruption SNMP - (SNMPTRAP)
|D| Agent de protection d'accès réseau - (napagent)
|D| Gestionnaire d'identité réseau homologue - (p2pimsvc)
|D| Service Énumérateur d'appareil mobile - (WPDBusEnum)
Reg::
▶ Une fois l'opération terminée, tu dois avoir un rapport "Slowin_Cleaner_[Script][x].txt" sur ton bureau.
▶ Copie/colle le contenu du rapport sur le forum.
j'ai pas compris je colle le script ou ?
dans l'onglet script de slow cleaner puis je clique sur scripter ?
dans l'onglet script de slow cleaner puis je clique sur scripter ?
#####| Slowin' Cleaner (TM) 1.2 © Saachaa * [Script] |#####
* Date: [17/10/2012]
* Time: [17:33:24]
Firefox: O.K
Uninstalled: Polar Bowler O.K
Uninstalled: Jewel Quest Solitaire O.K
Uninstalled: Slingo Deluxe O.K
Uninstalled: Virtual Villagers - The Secret City O.K
Uninstalled: Cake Mania O.K
Uninstalled: Bejeweled 2 Deluxe O.K
Uninstalled: Chuzzle Deluxe O.K
Uninstalled: Fishdom O.K
Uninstalled: HiJackThis O.K
Uninstalled: WildTangent Games App (HP Games) O.K
Uninstalled: Spybot - Search & Destroy O.K
Service Set Manual: IKEEXT O.K
Service Set Disable: Fax O.K
Service: GamesAppService :: Error
Service Set Disable: WSearch O.K
Service Set Disable: WebClient O.K
Service Set Disable: Dnscache O.K
Service Set Disable: SCPolicySvc O.K
Service Set Disable: TapiSrv O.K
Service Set Disable: WerSvc O.K
Service Set Disable: seclogon O.K
Service Set Disable: SCardSvr O.K
Service Set Disable: hkmsvc O.K
Service Set Disable: RemoteRegistry O.K
Service Set Disable: TabletInputService O.K
Service Set Disable: CertPropSvc O.K
Service Set Disable: p2psvc O.K
Service Set Disable: TrkWks O.K
Service Set Disable: SNMPTRAP O.K
Service Set Disable: napagent O.K
Service Set Disable: p2pimsvc O.K
Service Set Disable: WPDBusEnum O.K
Registry: O.K
#####| E-O-F [C:\Program Files (x86)\Slowin Cleaner\Reports\Slowin_Cleaner_[Script][2].txt] |#####
* Date: [17/10/2012]
* Time: [17:33:24]
Firefox: O.K
Uninstalled: Polar Bowler O.K
Uninstalled: Jewel Quest Solitaire O.K
Uninstalled: Slingo Deluxe O.K
Uninstalled: Virtual Villagers - The Secret City O.K
Uninstalled: Cake Mania O.K
Uninstalled: Bejeweled 2 Deluxe O.K
Uninstalled: Chuzzle Deluxe O.K
Uninstalled: Fishdom O.K
Uninstalled: HiJackThis O.K
Uninstalled: WildTangent Games App (HP Games) O.K
Uninstalled: Spybot - Search & Destroy O.K
Service Set Manual: IKEEXT O.K
Service Set Disable: Fax O.K
Service: GamesAppService :: Error
Service Set Disable: WSearch O.K
Service Set Disable: WebClient O.K
Service Set Disable: Dnscache O.K
Service Set Disable: SCPolicySvc O.K
Service Set Disable: TapiSrv O.K
Service Set Disable: WerSvc O.K
Service Set Disable: seclogon O.K
Service Set Disable: SCardSvr O.K
Service Set Disable: hkmsvc O.K
Service Set Disable: RemoteRegistry O.K
Service Set Disable: TabletInputService O.K
Service Set Disable: CertPropSvc O.K
Service Set Disable: p2psvc O.K
Service Set Disable: TrkWks O.K
Service Set Disable: SNMPTRAP O.K
Service Set Disable: napagent O.K
Service Set Disable: p2pimsvc O.K
Service Set Disable: WPDBusEnum O.K
Registry: O.K
#####| E-O-F [C:\Program Files (x86)\Slowin Cleaner\Reports\Slowin_Cleaner_[Script][2].txt] |#####
