My PC freezes after fifteen minutes [Solved/Closed]

Posts
17
Registration date
Sunday 17 August 2014
Status
Member
Last activity
19 August 2014
Good evening.
So, I lent my PC out for 2 days, and I got it back wrecked...
In short, to be clear, it freezes after 15/20 min... I can no longer install Google Chrome, it is sluggish. And I can no longer play on Facebook, for example. Thanks for your help...

25 replies


Hi,

To take a look :)

- Download OTL to your desktop.

- Double-click the icon to launch it.

Make sure all other windows are closed so that it runs without interruption.

- When the window appears, tick the "All users" box.

- Under Processes, Modules, Services, Drivers, Registry: standard, Registry: extended, tick "All".

- Also tick the "Lop Check" and "Purity Check" boxes.

- In the Custom section, paste this:


HKCU\Software
HKCU\Software\AppDataLow /s
HKLM\Software
HKCU\Software\Microsoft\Command Processor /s
HKLM\Software\Microsoft\Command Processor /s
HKLM\Software\Microsoft\Windows\CurrentVersion\RunMRU /s
HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s
%Homedrive%\*
%Homedrive%\*.
%Homedrive%\Recycler\*.exe /s
%Homedrive%\Recycler\*.scr /s
%Homedrive%\Recycler\*.pif /s
%Homedrive%\Recycler\*.vb* /s
%Homedrive%\$Recycle.bin\*.exe /s
%Homedrive%\$Recycle.bin\*.scr /s
%Homedrive%\$Recycle.bin\*.pif /s
%Homedrive%\$Recycle.bin\*.vb* /s
%Userprofile%\*
%Userprofile%\*.
%Allusersprofile%\*
%Allusersprofile%\*.
%LocalAppData%\*
%LocalAppData%\*.
%Userprofile%\Local Settings\*
%Userprofile%\Local Settings\*.
%Userprofile%\Local Settings\Application Data\*
%Userprofile%\Local Settings\Application Data\*.
%Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*
%Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.
%Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*
%Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.
%programFiles%\*
%programFiles%\*.
%programfiles%\Google\Desktop\*.
%ProgramFiles%\Common Files\*.
%ProgramFiles(X86)%\Common Files\*.
%Systemroot%\Installer\*.
%Systemroot%\Temp\*.exe /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.in*
%systemroot%\PSS\* /s
%systemroot%\Tasks\*
%systemroot%\Tasks\*.
%systemroot%\system32\Tasks\*
%systemroot%\system32\Tasks\*.
%systemroot%\syswow64\Tasks\*
%systemroot%\syswow64\Tasks\*.
%systemroot%\system32\drivers\*.sy* /lockedfiles
%systemroot%\system32\config\*.exe /s
%Systemroot%\ServiceProfiles\*.exe /s
%systemroot%\system32\*.sys
dir %Homedrive%\* /S /A:L /C
msconfig
activex
/md5start
explorer.exe
winlogon.exe
wininit.exe
volsnap.sys
atapi.sys
ndis.sys
cdrom.sys
i8042prt.sys
iastor.sys
tdx.sys
netbt.sys
afd.sys
/md5stop
netsvcs
safebootminimal
safebootnetwork
CREATERESTOREPOINT



- Click the Scan button. The scan will not take long.

- When the scan is finished, two Notepad windows will open: OTL.Txt and Extras.Txt. These files are saved in the same location as OTL.

- Upload the OTL.Txt and Extras.Txt reports from your desktop to Cjoint, then copy/paste the link provided into your next reply.

Help:

- How to use Cjoint?

- OTL tutorial

Lenovo brand, WINDOWS 8

OTL logfile created on: 17/08/2014 22:11:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\stephanie\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\E9XQYW9Z
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,84 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 59,11% Memory free
7,34 Gb Paging File | 5,79 Gb Available in Paging File | 78,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,48 Gb Total Space | 402,95 Gb Free Space | 89,25% Space Free | Partition Type: NTFS

Computer Name: STEPH | User Name: stephanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/08/17 22:10:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stephanie\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\E9XQYW9Z\OTL.exe
PRC - [2014/08/16 10:21:22 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/08/16 10:19:58 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/06/23 16:58:24 | 000,773,032 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\ToastNotifications\ToastNotifications.exe
PRC - [2014/05/13 23:13:58 | 003,681,688 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2013/07/20 12:32:48 | 000,738,032 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
PRC - [2013/07/20 12:32:48 | 000,140,016 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
PRC - [2013/04/19 11:50:12 | 000,463,352 | ---- | M] () -- C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
PRC - [2013/04/19 11:50:06 | 000,014,328 | ---- | M] () -- C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
PRC - [2013/04/18 07:32:00 | 001,696,040 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2013/04/15 19:15:52 | 000,594,936 | ---- | M] (Lenovo Corporation) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2013/04/11 15:00:38 | 000,937,976 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
PRC - [2013/03/25 17:56:58 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2013/02/06 07:34:54 | 001,628,664 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
PRC - [2012/09/07 01:46:50 | 002,777,296 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2012/08/31 04:44:14 | 004,622,184 | ---- | M] () -- C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
PRC - [2012/08/30 10:43:54 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331STI.EXE
PRC - [2012/07/17 11:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 11:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 11:10:24 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/17 11:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/08/16 10:20:17 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/08/16 10:20:05 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013/07/20 12:32:48 | 000,033,520 | ---- | M] () -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
MOD - [2013/04/19 11:50:06 | 000,014,328 | ---- | M] () -- C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
MOD - [2012/08/31 04:44:14 | 004,622,184 | ---- | M] () -- C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
MOD - [2012/08/31 04:44:02 | 000,900,456 | ---- | M] () -- C:\Program Files\Lenovo Fingerprint Reader\x86\DataManager.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2014/06/18 10:01:52 | 000,024,560 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2013/07/20 12:32:48 | 000,140,016 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService)
SRV - [2013/04/19 11:50:12 | 000,463,352 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe -- (LocationTaskManager)
SRV - [2013/04/18 07:32:00 | 001,696,040 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2013/03/25 17:56:58 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/11/06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/07 01:47:08 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012/08/26 17:52:30 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 11:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 11:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 11:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/07/17 11:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{D45F967B-5391-4E5B-9322-451FC9FD9039}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57972;https=127.0.0.1:57972

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57972;https=127.0.0.1:57972

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.lenovo.com/fr/fr/ [binary data]
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/?pc=AV01
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=AVASDF&PC=AV01
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\..\SearchScopes,DefaultScope = {5F407C68-E55C-4D06-AB13-F236181F4E56}
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\..\SearchScopes\{5F407C68-E55C-4D06-AB13-F236181F4E56}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
IE - HKU\S-1-5-21-569921305-2512820466-4064363804-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUpx64: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/16 10:20:56 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: Google Wallet = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/07/26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (no name) - {11111111-1111-1111-1111-110611171187} - No CLSID value found.
O2 - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {B4C9E90C-1CAD-63D8-03A0-B3992A3F73F8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07FED29B-D686-4EE7-AD65-4FCC9C8245CA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF8CB26A-F16C-485B-BCA2-C7172BF7F9D7}: DhcpNameServer = 172.168.127.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/08/17 21:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/08/17 20:52:31 | 000,000,000 | ---D | C] -- C:\b60022ddeb55daf1c57a1affe77051
[2014/08/17 20:52:31 | 000,000,000 | ---D | C] -- \b60022ddeb55daf1c57a1affe77051
[2014/08/17 20:28:07 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Tvsukernel
[2014/08/17 19:49:37 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/08/17 19:48:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/17 19:48:08 | 000,000,000 | ---D | C] -- \AdwCleaner
[2014/08/17 18:43:19 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Apps
[2014/08/17 18:43:18 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Deployment
[2014/08/17 18:37:43 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\CrashDumps
[2014/08/16 19:36:35 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\LSC
[2014/08/16 19:35:12 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Adobe
[2014/08/16 19:34:45 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\LSC
[2014/08/16 12:20:49 | 000,692,568 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/08/16 12:20:49 | 000,078,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/08/16 10:49:05 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/08/16 10:42:18 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Spyware Terminator
[2014/08/16 10:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2014/08/16 10:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2014/08/16 10:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2014/08/16 10:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/16 10:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/16 10:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/08/16 10:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2014/08/16 10:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/08/16 10:20:22 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/08/16 10:18:51 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\ap_logs
[2014/08/16 10:14:30 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\AVAST Software
[2014/08/16 10:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/08/16 10:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/08/16 10:01:27 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Programs
[2014/08/16 10:01:16 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Google
[2014/08/16 10:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/08/16 09:53:18 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/08/16 09:49:12 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Nitro PDF
[2014/08/15 21:17:35 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/08/15 21:17:23 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/08/15 21:17:18 | 008,857,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/08/15 21:17:16 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/08/15 21:17:16 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/08/15 21:17:04 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014/08/15 21:16:51 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2014/08/15 21:16:51 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2014/08/15 21:16:44 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2014/08/15 21:16:43 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2014/08/15 21:16:40 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/08/15 03:39:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014/08/15 03:39:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/08/15 03:39:33 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014/08/15 03:38:31 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/08/15 03:38:29 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\objsel.dll
[2014/08/15 03:38:27 | 000,961,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014/08/15 03:38:26 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dimsroam.dll
[2014/08/14 21:45:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/08/14 21:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel(R) Update Manager
[2014/08/14 20:59:05 | 000,000,000 | ---D | C] -- C:\Windows.old
[2014/08/14 20:59:05 | 000,000,000 | ---D | C] -- \Windows.old
[2014/08/14 20:42:23 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2014/08/14 20:42:23 | 000,000,000 | ---D | C] -- \$WINDOWS.~BT
[2014/08/14 20:41:36 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2014/08/14 20:41:36 | 000,000,000 | -H-D | C] -- \$SysReset
[2014/08/14 20:22:47 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Diagnostics
[2014/08/14 20:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Solutions for Small Business
[2014/08/14 20:10:15 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Broadcom
[2014/08/14 20:10:14 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Lenovo
[2014/08/14 20:09:25 | 000,000,000 | R--D | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/08/14 20:09:25 | 000,000,000 | R--D | C] -- C:\Users\stephanie\Searches
[2014/08/14 20:09:25 | 000,000,000 | R--D | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/08/14 20:09:24 | 000,000,000 | -H-D | C] -- C:\Users\stephanie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/08/14 20:08:19 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Adobe
[2014/08/14 20:07:37 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Synaptics
[2014/08/14 20:06:17 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Absolute_Software
[2014/08/14 20:06:03 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\AuthenTec
[2014/08/14 20:05:19 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\VirtualStore
[2014/08/14 20:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Vault
[2014/08/14 20:05:09 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Packages
[2014/08/14 20:02:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2014/08/14 20:02:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2014/08/14 20:02:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Voisinage réseau
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Voisinage d'impression
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\AppData\Local\Temporary Internet Files
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\SendTo
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Recent
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Modèles
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Documents\Mes vidéos
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Documents\Mes images
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Mes documents
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Menu Démarrer
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Documents\Ma musique
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Local Settings
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\AppData\Local\Historique
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Cookies
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\Application Data
[2014/08/14 20:01:15 | 000,000,000 | -HSD | C] -- C:\Users\stephanie\AppData\Local\Application Data
[2014/08/14 20:01:14 | 000,000,000 | --SD | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft
[2014/08/14 20:01:14 | 000,000,000 | R--D | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/08/14 20:01:14 | 000,000,000 | R--D | C] -- C:\Users\stephanie\Favorites
[2014/08/14 20:01:14 | 000,000,000 | R--D | C] -- C:\Users\stephanie\Documents
[2014/08/14 20:01:14 | 000,000,000 | R--D | C] -- C:\Users\stephanie\Desktop
[2014/08/14 20:01:14 | 000,000,000 | R--D | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/08/14 20:01:14 | 000,000,000 | R--D | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/08/14 20:01:14 | 000,000,000 | -H-D | C] -- C:\Users\stephanie\AppData
[2014/08/14 20:01:14 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Temp
[2014/08/14 20:01:14 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Local\Microsoft
[2014/08/14 20:01:14 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/08/14 20:01:14 | 000,000,000 | ---D | C] -- C:\Users\stephanie\AppData\Roaming\Macromedia
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Users\stephanie\AppData\Local\*.tmp files -> C:\Users\stephanie\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/08/17 22:11:08 | 000,000,193 | ---- | M] () -- C:\Users\stephanie\AppData\Local\RegisteredPackageInformation.xml
[2014/08/17 22:10:22 | 629,145,600 | -HS- | M] () -- C:\WINDOWS\lenovo_fastboot.img
[2014/08/17 22:09:55 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/17 22:07:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/17 22:07:44 | 3300,261,888 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/17 20:52:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\wusa.lock
[2014/08/17 20:44:32 | 000,002,895 | ---- | M] () -- C:\Users\stephanie\AppData\Roaming\AbsoluteReminder.xml
[2014/08/17 20:12:57 | 000,076,976 | ---- | M] () -- C:\Users\stephanie\AppData\Roaming\LoJackSetup.exe
[2014/08/17 19:50:34 | 000,000,976 | ---- | M] () -- C:\Users\stephanie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/16 19:42:23 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\Lenovo Solution Center.lnk
[2014/08/16 10:42:15 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2014/08/16 10:36:59 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/16 10:21:26 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/08/16 10:20:23 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/08/16 10:01:33 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/08/14 20:02:19 | 000,017,148 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/08/14 20:02:18 | 000,017,148 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Users\stephanie\AppData\Local\*.tmp files -> C:\Users\stephanie\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/08/17 20:52:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\wusa.lock
[2014/08/17 20:21:14 | 000,002,092 | ---- | C] () -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
[2014/08/17 20:12:56 | 000,076,976 | ---- | C] () -- C:\Users\stephanie\AppData\Roaming\LoJackSetup.exe
[2014/08/16 19:42:23 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\Lenovo Solution Center.lnk
[2014/08/16 10:42:15 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2014/08/16 10:36:59 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/16 10:14:03 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/08/16 10:01:33 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/14 20:19:19 | 000,000,976 | ---- | C] () -- C:\Users\stephanie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/14 20:08:19 | 000,000,982 | ---- | C] () -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/08/14 20:06:16 | 000,000,193 | ---- | C] () -- C:\Users\stephanie\AppData\Local\RegisteredPackageInformation.xml
[2014/08/14 20:06:09 | 000,002,895 | ---- | C] () -- C:\Users\stephanie\AppData\Roaming\AbsoluteReminder.xml
[2014/08/14 20:01:14 | 000,001,599 | ---- | C] () -- C:\Users\stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk
[2014/08/14 20:01:14 | 000,000,352 | ---- | C] () -- C:\Users\stephanie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/08/14 20:01:14 | 000,000,334 | ---- | C] () -- C:\Users\stephanie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/08/14 20:01:05 | 000,017,148 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/08/14 20:01:05 | 000,017,148 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/07/20 12:19:02 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/07/20 12:18:57 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2013/07/20 12:18:57 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/07/20 12:18:49 | 000,001,676 | ---- | C] () -- C:\WINDOWS\vm331Rmv.ini
[2013/07/20 12:18:49 | 000,001,676 | ---- | C] () -- C:\WINDOWS\SysWow64\vm331Rmv.ini
[2013/07/20 12:03:56 | 3300,261,888 | -HS- | C] () -- \hiberfil.sys
[2013/07/20 11:59:23 | 268,435,456 | -HS- | C] () -- \swapfile.sys
[2013/03/26 00:01:42 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK
[2013/03/25 23:10:34 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012/07/26 10:18:43 | 000,398,156 | RHS- | C] () -- \bootmgr
[2012/07/26 10:18:43 | 000,000,001 | -HS- | C] () -- \BOOTNXT

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2013/07/20 12:35:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/07/20 12:30:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\LSC
[2013/07/20 12:36:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2013/07/20 12:21:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Synaptics
[2014/08/16 10:18:51 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\ap_logs
[2014/08/16 10:14:30 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\AVAST Software
[2014/08/14 20:10:14 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\Lenovo
[2014/08/17 20:13:42 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\LSC
[2014/08/17 22:11:19 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\Nitro PDF
[2014/08/16 10:42:18 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\Spyware Terminator
[2014/08/14 20:07:37 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Roaming\Synaptics

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< >[/color]
[2012/07/26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\AuthenTec]

[HKEY_CURRENT_USER\Software\AVAST Software]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\InstallCore]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\Lenovo]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mine]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\NITRO]

[HKEY_CURRENT_USER\Software\Norton]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\Spyware Terminator]

[HKEY_CURRENT_USER\Software\Synaptics]

[HKEY_CURRENT_USER\Software\Widcomm]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKCU\Software\AppDataLow /s >[/color]
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties]
"deployment.modified.timestamp" = 1405792979919
"deployment.version" = 8
"deployment.browser.path" = C:\WINDOWS\system32\OpenWith.exe -- [2012/07/26 05:50:01 | 000,088,200 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\RepService]
"i" = AC21382A-FAD0-4067-AC75-C581EF17EC7C [binary data]
"B" = 50.000000 [binary data]
"A" = .cpl,.exe,.dll,.ocx,.sys,.scr,.drv [Binary data over 200 bytes]
"E" = 1 [binary data]
"BB" = 1.000000 [binary data]
"AA" = .cpl,.exe,.dll,.ocx,.sys,.scr,.drv [Binary data over 200 bytes]
"MM" = 0.050000 [binary data]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdwCleaner]

[HKEY_LOCAL_MACHINE\Software\AuthenTec]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\IBM]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\istartsurfSoftware]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Lenovo]

[HKEY_LOCAL_MACHINE\Software\LFL]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Nitro]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\Sharpcast]

[HKEY_LOCAL_MACHINE\Software\Symantec]

[HKEY_LOCAL_MACHINE\Software\Vimicro]

[HKEY_LOCAL_MACHINE\Software\ZSMC]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"PathCompletionChar" = 9
"EnableExtensions" = 1
"CompletionChar" = 9
"DefaultColor" = 0

[color=#A23BEC]< HKLM\Software\Microsoft\Command Processor /s >[/color]
"PathCompletionChar" = 64
"EnableExtensions" = 1
"CompletionChar" = 64
"DefaultColor" = 0

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\RunMRU /s >[/color]

[color=#A23BEC]< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2012/07/26 05:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2012/06/02 16:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013/03/26 00:01:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/08/17 22:07:44 | 3300,261,888 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/17 22:07:44 | 3758,096,384 | -HS- | M] () -- C:\pagefile.sys
[2013/07/20 12:15:05 | 000,002,381 | ---- | M] () -- C:\RHDSetup.log
[2014/08/17 22:07:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2014/08/16 09:50:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/08/15 03:00:29 | 000,000,000 | -H-D | M] -- C:\$SysReset
[2014/08/14 20:42:24 | 000,000,000 | ---D | M] -- C:\$WINDOWS.~BT
[2014/08/17 19:50:46 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2013/11/04 21:13:12 | 000,000,000 | ---D | M] -- C:\AuthLog
[2014/08/17 20:52:31 | 000,000,000 | ---D | M] -- C:\b60022ddeb55daf1c57a1affe77051
[2013/03/25 23:21:03 | 000,000,000 | -HSD | M] -- C:\Boot
[2012/07/26 09:22:08 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014/03/15 12:25:12 | 000,000,000 | ---D | M] -- C:\DRIVERS
[2013/07/20 12:11:05 | 000,000,000 | ---D | M] -- C:\Intel
[2013/07/20 05:39:23 | 000,000,000 | ---D | M] -- C:\mfg
[2012/07/26 09:33:46 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/08/16 10:36:52 | 000,000,000 | ---D | M] -- C:\Program Files
[2014/08/17 20:18:40 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014/08/17 19:50:17 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/12/01 19:07:15 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013/11/11 22:13:32 | 000,000,000 | ---D | M] -- C:\sources
[2014/08/17 21:54:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2014/08/14 20:01:14 | 000,000,000 | R--D | M] -- C:\Users
[2013/07/20 12:29:22 | 000,000,000 | ---D | M] -- C:\WBF 3.4
[2014/08/17 21:20:25 | 000,000,000 | ---D | M] -- C:\Windows
[2014/08/15 03:28:44 | 000,000,000 | ---D | M] -- C:\Windows.old

[color=#A23BEC]< %Homedrive%\Recycler\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.vb* /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.vb* /s >[/color]

[color=#A23BEC]< %Userprofile%\* >[/color]
[2014/08/17 20:06:06 | 002,621,440 | -HS- | M] () -- C:\Users\stephanie\NTUSER.DAT
[2014/08/14 20:01:15 | 000,208,896 | -HS- | M] () -- C:\Users\stephanie\ntuser.dat.LOG1
[2014/08/14 20:01:15 | 000,000,000 | -HS- | M] () -- C:\Users\stephanie\ntuser.dat.LOG2
[2014/08/14 20:01:16 | 000,065,536 | -HS- | M] () -- C:\Users\stephanie\NTUSER.DAT{97e1de87-d6fa-11e1-be62-94c0340a1222}.TM.blf
[2014/08/14 20:01:16 | 000,524,288 | -HS- | M] () -- C:\Users\stephanie\NTUSER.DAT{97e1de87-d6fa-11e1-be62-94c0340a1222}.TMContainer00000000000000000001.regtrans-ms
[2014/08/14 20:01:16 | 000,524,288 | -HS- | M] () -- C:\Users\stephanie\NTUSER.DAT{97e1de87-d6fa-11e1-be62-94c0340a1222}.TMContainer00000000000000000002.regtrans-ms
[2014/08/14 20:05:00 | 000,000,020 | -HS- | M] () -- C:\Users\stephanie\ntuser.ini

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2014/08/14 20:02:19 | 000,000,000 | -H-D | M] -- C:\Users\stephanie\AppData
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Application Data
[2014/08/17 20:08:42 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Contacts
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Cookies
[2014/08/17 22:10:45 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Desktop
[2014/08/17 20:08:43 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Documents
[2014/08/17 22:10:45 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Downloads
[2014/08/17 20:08:42 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Favorites
[2014/08/17 20:08:43 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Links
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Local Settings
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Menu Démarrer
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Mes documents
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Modèles
[2014/08/17 20:08:42 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Music
[2014/08/17 20:08:42 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Pictures
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Recent
[2014/08/17 20:08:43 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Saved Games
[2014/08/17 20:08:43 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Searches
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\SendTo
[2014/08/13 09:58:37 | 000,000,000 | R--D | M] -- C:\Users\stephanie\SkyDrive
[2014/02/20 19:53:08 | 000,000,000 | R--D | M] -- C:\Users\stephanie\SkyDrive.old
[2014/08/17 20:08:42 | 000,000,000 | R--D | M] -- C:\Users\stephanie\Videos
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Voisinage d'impression
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2014/08/16 10:01:33 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2013/07/20 12:30:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2013/07/20 12:11:22 | 000,000,000 | ---D | M] -- C:\ProgramData\AmUStor
[2012/07/26 09:22:08 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2014/08/16 10:10:59 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2014/08/14 20:02:35 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2012/07/26 09:22:08 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2012/07/26 09:22:08 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2013/07/20 12:33:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2014/08/14 21:44:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel(R) Update Manager
[2014/08/17 20:22:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Lenovo
[2014/08/14 20:02:35 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2014/08/16 11:11:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft
[2014/08/14 20:02:35 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2013/07/20 12:34:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Nitro
[2013/07/20 12:34:59 | 000,000,000 | ---D | M] -- C:\ProgramData\NoiseSuppressionTips
[2014/08/16 10:27:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2013/07/20 12:35:23 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2013/03/25 23:03:49 | 000,000,000 | ---D | M] -- C:\ProgramData\PRICache
[2013/03/26 15:17:17 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/08/16 13:06:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Spyware Terminator
[2012/07/26 09:22:08 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2014/08/16 10:36:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2012/07/26 09:22:08 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2014/08/17 19:54:25 | 000,083,692 | -H-- | M] () -- C:\Users\stephanie\AppData\Local\IconCache.db
[2014/08/17 22:11:08 | 000,000,193 | ---- | M] () -- C:\Users\stephanie\AppData\Local\RegisteredPackageInformation.xml
[1 C:\Users\stephanie\AppData\Local\*.tmp files -> C:\Users\stephanie\AppData\Local\*.tmp -> ]

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2014/08/14 20:06:17 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Absolute_Software
[2014/08/16 19:35:12 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Adobe
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\AppData\Local\Application Data
[2014/08/17 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Apps
[2014/08/16 10:30:04 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\AuthenTec
[2014/08/14 20:10:15 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Broadcom
[2014/08/17 20:43:00 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\CrashDumps
[2014/08/17 20:12:22 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Deployment
[2014/08/14 20:22:47 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Diagnostics
[2014/08/16 10:02:46 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Google
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\AppData\Local\Historique
[2014/08/16 19:42:29 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\LSC
[2014/08/17 19:46:30 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Microsoft
[2014/08/14 20:17:20 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Packages
[2014/08/16 10:01:27 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Programs
[2014/08/17 22:10:41 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Temp
[2014/08/14 20:01:15 | 000,000,000 | -HSD | M] -- C:\Users\stephanie\AppData\Local\Temporary Internet Files
[2014/08/17 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Tvsukernel
[2014/08/14 20:05:19 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\VirtualStore

[color=#A23BEC]< %Userprofile%\Local Settings\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]
[2014/08/17 20:43:16 | 000,000,000 | ---D | M] -- C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\3YP73S36

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]
[2014/08/17 20:43:16 | 000,000,000 | ---D | M] -- C:\Users\stephanie\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\3YP73S36

[color=#A23BEC]< %programFiles%\* >[/color]
[2012/07/26 10:11:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#A23BEC]< %programFiles%\*. >[/color]
[2013/07/20 12:35:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Absolute Software
[2013/07/20 12:30:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2013/07/20 12:11:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AmIcoSingLun
[2014/08/16 10:37:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2014/08/17 20:26:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2014/08/17 18:43:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GUM40B8.tmp
[2013/07/20 12:36:21 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/08/14 21:44:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2014/08/16 12:16:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/08/17 20:20:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lenovo
[2013/07/20 12:37:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/07/26 10:12:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2013/03/25 23:07:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/07/20 12:34:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nitro
[2013/07/20 12:16:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2013/03/25 23:07:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2014/08/16 13:04:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spyware Terminator
[2013/07/20 12:32:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SugarSync
[2013/07/20 12:37:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SymSilent
[2013/07/20 12:15:05 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2013/07/20 12:36:21 | 000,000,000 | ---D | M

Here is what you wanted, I think.

Hi again,

- Upload the OTL.Txt and Extras.Txt reports found on your desktop to Cjoint, then copy/paste the link provided into your next reply.

Help:

- How to use Cjoint?

- OTL tutorial

See you



Good evening....

Hi again,

Uninstall Spyware Terminator, it serves no purpose.

Can you post the AdwCleaner reports via Cjoint?

- Launch OTL: click the icon on your desktop.

Note: On Vista, Seven, 8, right-click and choose "Run as administrator".

- Important: Carefully copy and paste the script contained in the link below into the customization window:


:OTL
@Alternate Data Stream - 220 bytes -> C:\Users\stephanie\SkyDrive:ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\stephanie\SkyDrive.old:ms-properties

:Reg
[-HKEY_CURRENT_USER\Software\Norton]
[-HKEY_LOCAL_MACHINE\Software\Symantec]

:Files
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\Program Files (x86)\Common Files\Symantec Shared

:commands
[PURITY]
[EMPTYFLASH]
[EMPTYTEMP]


- Then click Correction and let the tool work.

A "LOG" file should open in Notepad.

Otherwise, it is saved in the folder C:\_OTL\Moved Files\

- Upload the xxxx2014_xxxxxx.log report found on your desktop after your PC restarts to Cjoint, then copy/paste the link provided into your next reply.

Help:

- How to use Cjoint?

- OTL tutorial, "Script" options

It is not the weeds that choke the good grain, it is the farmer's negligence.

# AdwCleaner v3.306 - Rapport créé le 18/08/2014 à 23:25:19
# Mis à jour le 15/08/2014 par Xplode
# Système d'exploitation : Windows 8 (64 bits)
# Nom d'utilisateur : stephanie - STEPH
# Exécuté depuis : C:\Users\stephanie\Downloads\AdwCleaner-3.306.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKCU\Software\InstallCore

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16519


-\\ Google Chrome v

[ Fichier : C:\Users\stephanie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15687 octets] - [17/08/2014 19:48:10]
AdwCleaner[R1].txt - [1027 octets] - [18/08/2014 23:18:56]
AdwCleaner[S0].txt - [14339 octets] - [17/08/2014 19:50:14]
AdwCleaner[S1].txt - [903 octets] - [18/08/2014 23:25:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [962 octets] ##########


Re,

- Download Malwarebytes Anti-malware by clicking "Free version download".

- Save it to your desktop.

- Double-click the downloaded file to start the installation (if the firewall asks for permission to let Malwarebytes connect, accept).

- Once the software is installed and launched,

Launch "malwarebytes"

- Go to the "Setting" tab and choose your language ("Français"), then in the left-hand menu click "Detection and Protection"; in the "Detection Options" section, tick the "Scan for Rootkits" box.

- Then go to the "Scan" tab.

- Select "Threat Scan", then click "Scan Now".

- If an update is reported, click Update Now, then wait while the scan runs.

- Once the scan has finished, make sure the Quarantine action is selected for every detected item.

- Click "Apply Actions". If you are asked to restart the PC, do so.

- In the Scan tab, click Export Log => Text file (txt). Otherwise, go to the History tab, then Application Logs.

- Upload the report to Cjoint, then copy and paste the link provided into your next reply.

Help:

- How to use Cjoint?

- Malwarebytes tutorial


Re,

Ok,

Reset your browsers
____________________________________________________________

- Download ZHPDiag to your desktop.

- Follow the prompts during installation.

- Open ZHPDiag (parchment icon).

- Click Complete ("Complet").

Note: For Vista/Seven/8 users, right-click the icon and choose "Run as administrator".

- Upload the ZHPDiag.txt report from your desktop to Cjoint, then copy and paste the link provided into your next reply.

- Help: How to use Cjoint?

ZHPDiag tutorial

++


Re,

- Copy the lines below that are in bold:


Script ZHPFix
ShortcutFix
[MD5.00000000000000000000000000000000] [APT] [{AD5316F3-AF1F-4B80-86AE-95DA289BB70F}] (...) -- C:\Users\stephanie\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0]
O45 - LFCP:[MD5.735CDD8F9EC3B607E37622F4E2671ED6] - 17/08/2014 - 18:29:40 ---A- - C:\Windows\Prefetch\UPFST_FR_348.EXE-70EADA47.pf
O45 - LFCP:[MD5.9BAD3C94008E5C09F68AE74BE330FB35] - 16/08/2014 - 09:01:35 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-436B6B96.pf
O45 - LFCP:[MD5.5FFF97D6A3CCCA721ED087E79B91C53A] - 16/08/2014 - 09:15:45 ---A- - C:\Windows\Prefetch\WAJAM_DOWNLOAD_V2.EXE-54923BF3.pf
O45 - LFCP:[MD5.00B2F5FA4CDD9934F2A9A7911E4009BB] - 17/08/2014 - 17:23:47 ---A- - C:\Windows\Prefetch\XML_PACKAGE_GROOVORIO_INSTALL-70819872.pf
[MD5.224F6B374852153C8C24BED141AE3A20] - (...) -- ysWOW64\RunDll32.exe [0] [PID.4172]
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (.not file.)
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (.not file.)
O43 - CFD: 18/08/2014 - 23:51:54 - [0] ----D C:\Program Files (x86)\Spyware Terminator
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
EmptyPrefetch
EmptyFlash
FirewallRAZ
EmptyTemp


- Open ZHPfix (syringe icon).

Note: For Vista/Seven/8 users, right-click the icon and choose "Run as administrator".

- Click Import ("Importer"), then paste the lines into the area provided.

- Click Go.

- Click Yes to confirm the cleaning of the data and of the recycle bin.

- Upload the ZHPFix.txt report from your desktop to Cjoint, then copy and paste the link provided into your next reply.

Help: How to use Cjoint?


P.S. If the desktop disappears, press Ctrl + Alt + Del to open Task Manager, then under Applications click New Task and type explorer.exe. The desktop should normally reappear.

/!\ Warning: your recycle bin will be emptied. Check that it does not contain any file deleted by mistake. /!\


Re,

How is the PC doing?

It's doing much better, thanks for your help....

Re,

To finish, we clean the TEMP folder and remove the disinfection tools.

Disable your antivirus while you download and use it.

- Download SFTGC (by Pierre13) to your desktop.

- Launch SFTGC (run as administrator on Windows 7/8 and Vista).

- Click GO.

Note: A report will open at the end.

- Once the scan has finished, go to your desktop; the file SFTGC.txt has been created there.

- Upload the SFTGC.txt report from your desktop to Cjoint, then copy and paste the link provided into your next reply.

Help: How to use Cjoint?
____________________________________________________________
- Download DelFix to your desktop.

- Launch it.

Note: For Vista/Seven/8 users, right-click the icon and choose "Run as administrator".

- Tick all the boxes.

- Wait during the scan until the report opens.

- Upload the DelFix.txt report from your desktop to Cjoint, then copy and paste the link provided into your next reply.

Help: How to use Cjoint?

Note: The report can also be found at C:\DelFix.txt

+