carry retera
-
Items
8 -
Registratiedatum
-
Laatst bezocht
carry retera's prestaties
-
Ik heb dus een nieuwe laptopdie de eerste avond prima werkte. Gisterenochtend moest ie op nieuw opstarten en nu vraagt de computer een code confidentiel of een paswoord voor microsoft account. Wat ik ook ingeef hij herkent het niet en kom ik dus niet in de computer. Kan iemand mij helpen?
-
Bedankt voor alle moeite! Het werkt weer als een speer!
-
# AdwCleaner v3.023 - Rapport créé le 09/04/2014 à 11:02:37 # Mis à jour le 01/04/2014 par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (64 bits) # Nom d'utilisateur : Carry - PC-DE-CARRY # Exécuté depuis : C:\Users\Carry\Downloads\adwcleaner.exe # Option : Nettoyer ***** [ Services ] ***** ***** [ Fichiers / Dossiers ] ***** [!] Dossier Supprimé : C:\ProgramData\~0 [!] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeze.com [!] Dossier Supprimé : C:\Program Files\Accelerer PC [!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender [!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com [!] Dossier Supprimé : C:\Users\Carry\Documents\iMesh [!] Dossier Supprimé : C:\Program Files (x86)\Software Fichier Supprimé : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\user.js ***** [ Raccourcis ] ***** Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ***** [ Registre ] ***** Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\iMesh.exe Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1 Clé Supprimée : HKLM\SOFTWARE\Classes\FTDownloader Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.AudioCD Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.Device Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.file Clé Supprimée : HKLM\SOFTWARE\Classes\imweb.imwebcontrol Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2 Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Clé Supprimée : HKCU\Software\853db8cb33ae440 Clé Supprimée : HKLM\SOFTWARE\853db8cb33ae440 Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1 Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009 Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BD3DAC32-3648-466D-97BC-5828038C5DE7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BD3DAC32-3648-466D-97BC-5828038C5DE7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31} Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1C491116-C175-45E1-A570-6FB14FEA8B7B}] Clé Supprimée : HKCU\Software\1ClickDownload Clé Supprimée : HKCU\Software\BabSolution Clé Supprimée : HKCU\Software\Babylon Clé Supprimée : HKCU\Software\Conduit [#] Clé Supprimée : HKCU\Software\DataMngr_Toolbar Clé Supprimée : HKCU\Software\Default Tab Clé Supprimée : HKCU\Software\DefaultTab Clé Supprimée : HKCU\Software\Funmoods Clé Supprimée : HKCU\Software\ilivid Clé Supprimée : HKCU\Software\Imesh Clé Supprimée : HKCU\Software\iMeshMediabarTb Clé Supprimée : HKCU\Software\InstallCore Clé Supprimée : HKCU\Software\lollipop Clé Supprimée : HKCU\Software\Nosibay Clé Supprimée : HKCU\Software\Offerbox Clé Supprimée : HKCU\Software\Search Settings Clé Supprimée : HKCU\Software\Softonic Clé Supprimée : HKCU\Software\Somoto Toolbar Clé Supprimée : HKCU\Software\Webplayer Clé Supprimée : HKCU\Software\YahooPartnerToolbar Clé Supprimée : HKCU\Software\AppDataLow\Toolbar Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\DefaultTab Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE Clé Supprimée : HKCU\Software\AppDataLow\Software\iMeshMediabarTb Clé Supprimée : HKCU\Software\AppDataLow\Software\pdfforge Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar Clé Supprimée : HKCU\Software\AppDataLow\Software\PHPNukeFR Clé Supprimée : HKLM\Software\Bench Clé Supprimée : HKLM\Software\Boxore Clé Supprimée : HKLM\Software\Conduit Clé Supprimée : HKLM\Software\DataMngr Clé Supprimée : HKLM\Software\Default Tab Clé Supprimée : HKLM\Software\DefaultTab Clé Supprimée : HKLM\Software\Desksvc Clé Supprimée : HKLM\Software\Freeze.com Clé Supprimée : HKLM\Software\hdcode Clé Supprimée : HKLM\Software\iLividSRTB Clé Supprimée : HKLM\Software\Imesh Clé Supprimée : HKLM\Software\Iminent Clé Supprimée : HKLM\Software\InstallCore Clé Supprimée : HKLM\Software\installedbrowserextensions Clé Supprimée : HKLM\Software\Instant Savings App Clé Supprimée : HKLM\Software\Minibar Clé Supprimée : HKLM\Software\nationzoomSoftware Clé Supprimée : HKLM\Software\Offerbox Clé Supprimée : HKLM\Software\pdfforge Clé Supprimée : HKLM\Software\Search Settings Clé Supprimée : HKLM\Software\Uniblue Clé Supprimée : HKLM\Software\V9 Clé Supprimée : HKLM\Software\winzipersvc Clé Supprimée : HKLM\Software\PHPNukeFR Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PHPNukeFR Toolbar Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0E25BB07-62EB-476F-87FC-6AF426AB059E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF8BE6A-899C-4196-94E7-297C5F7A203E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365 Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eSafeSecControl Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh MediaBar Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Instant Savings App Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PHPNukeFR Toolbar Clé Supprimée : [x64] HKLM\SOFTWARE\DomaIQ Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll Clé Supprimée : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.offerbox.com ***** [ Navigateurs ] ***** -\\ Internet Explorer v8.0.6001.19507 -\\ Mozilla Firefox v22.0 (fr) [ Fichier : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\prefs.js ] -\\ Google Chrome v31.0.1650.63 [ Fichier : C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [36364 octets] - [09/04/2014 10:59:05] AdwCleaner[s0].txt - [27986 octets] - [09/04/2014 11:02:37] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [28047 octets] ##########
-
# AdwCleaner v3.023 - Rapport créé le 09/04/2014 à 11:02:37 # Mis à jour le 01/04/2014 par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (64 bits) # Nom d'utilisateur : Carry - PC-DE-CARRY # Exécuté depuis : C:\Users\Carry\Downloads\adwcleaner.exe # Option : Nettoyer ***** [ Services ] ***** ***** [ Fichiers / Dossiers ] ***** [!] Dossier Supprimé : C:\ProgramData\~0 [!] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeze.com [!] Dossier Supprimé : C:\Program Files\Accelerer PC [!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender [!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com [!] Dossier Supprimé : C:\Users\Carry\Documents\iMesh [!] Dossier Supprimé : C:\Program Files (x86)\Software Fichier Supprimé : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\user.js ***** [ Raccourcis ] ***** Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ***** [ Registre ] ***** Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\iMesh.exe Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1 Clé Supprimée : HKLM\SOFTWARE\Classes\FTDownloader Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.AudioCD Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.Device Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.file Clé Supprimée : HKLM\SOFTWARE\Classes\imweb.imwebcontrol Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2 Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Clé Supprimée : HKCU\Software\853db8cb33ae440 Clé Supprimée : HKLM\SOFTWARE\853db8cb33ae440 Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1 Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009 Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BD3DAC32-3648-466D-97BC-5828038C5DE7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BD3DAC32-3648-466D-97BC-5828038C5DE7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31} Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1C491116-C175-45E1-A570-6FB14FEA8B7B}] Clé Supprimée : HKCU\Software\1ClickDownload Clé Supprimée : HKCU\Software\BabSolution Clé Supprimée : HKCU\Software\Babylon Clé Supprimée : HKCU\Software\Conduit [#] Clé Supprimée : HKCU\Software\DataMngr_Toolbar Clé Supprimée : HKCU\Software\Default Tab Clé Supprimée : HKCU\Software\DefaultTab Clé Supprimée : HKCU\Software\Funmoods Clé Supprimée : HKCU\Software\ilivid Clé Supprimée : HKCU\Software\Imesh Clé Supprimée : HKCU\Software\iMeshMediabarTb Clé Supprimée : HKCU\Software\InstallCore Clé Supprimée : HKCU\Software\lollipop Clé Supprimée : HKCU\Software\Nosibay Clé Supprimée : HKCU\Software\Offerbox Clé Supprimée : HKCU\Software\Search Settings Clé Supprimée : HKCU\Software\Softonic Clé Supprimée : HKCU\Software\Somoto Toolbar Clé Supprimée : HKCU\Software\Webplayer Clé Supprimée : HKCU\Software\YahooPartnerToolbar Clé Supprimée : HKCU\Software\AppDataLow\Toolbar Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\DefaultTab Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE Clé Supprimée : HKCU\Software\AppDataLow\Software\iMeshMediabarTb Clé Supprimée : HKCU\Software\AppDataLow\Software\pdfforge Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar Clé Supprimée : HKCU\Software\AppDataLow\Software\PHPNukeFR Clé Supprimée : HKLM\Software\Bench Clé Supprimée : HKLM\Software\Boxore Clé Supprimée : HKLM\Software\Conduit Clé Supprimée : HKLM\Software\DataMngr Clé Supprimée : HKLM\Software\Default Tab Clé Supprimée : HKLM\Software\DefaultTab Clé Supprimée : HKLM\Software\Desksvc Clé Supprimée : HKLM\Software\Freeze.com Clé Supprimée : HKLM\Software\hdcode Clé Supprimée : HKLM\Software\iLividSRTB Clé Supprimée : HKLM\Software\Imesh Clé Supprimée : HKLM\Software\Iminent Clé Supprimée : HKLM\Software\InstallCore Clé Supprimée : HKLM\Software\installedbrowserextensions Clé Supprimée : HKLM\Software\Instant Savings App Clé Supprimée : HKLM\Software\Minibar Clé Supprimée : HKLM\Software\nationzoomSoftware Clé Supprimée : HKLM\Software\Offerbox Clé Supprimée : HKLM\Software\pdfforge Clé Supprimée : HKLM\Software\Search Settings Clé Supprimée : HKLM\Software\Uniblue Clé Supprimée : HKLM\Software\V9 Clé Supprimée : HKLM\Software\winzipersvc Clé Supprimée : HKLM\Software\PHPNukeFR Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PHPNukeFR Toolbar Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0E25BB07-62EB-476F-87FC-6AF426AB059E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF8BE6A-899C-4196-94E7-297C5F7A203E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365 Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eSafeSecControl Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh MediaBar Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Instant Savings App Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PHPNukeFR Toolbar Clé Supprimée : [x64] HKLM\SOFTWARE\DomaIQ Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll Clé Supprimée : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.offerbox.com ***** [ Navigateurs ] ***** -\\ Internet Explorer v8.0.6001.19507 -\\ Mozilla Firefox v22.0 (fr) [ Fichier : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\prefs.js ] -\\ Google Chrome v31.0.1650.63 [ Fichier : C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [36364 octets] - [09/04/2014 10:59:05] AdwCleaner[s0].txt - [27986 octets] - [09/04/2014 11:02:37] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [28047 octets] ##########
-
Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Carry on 08/04/2014 at 18:05:25,85. Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Carry\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-04-08-134311.log 106503 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Updater"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\Updater not found C:\Program Files (x86)\Mozilla Firefox\extensions\search@searchsettings.com not found C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\toolbar@alot.com deleted C:\Program Files (x86)\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} deleted C:\PROGRA~3\Websteroids deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.2.0.38\IPSFF" [03/04/2014 09:13] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08/01/2010 13:11] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} ProfilePath: C:\Users\Carry\AppData\Roaming\Thunderbird\Profiles\2gt6omxd.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\Carry\AppData\Roaming\TomTom\HOME\Profiles\2j5zfpdp.default - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.053.520930@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ==== Firefox Plugins ====================== Profilepath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Carry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 99F97C9FE748C37528C338A423577FCB - C:\Users\Carry\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx[11/03/2014 22:44] XJZ Survey Remover - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh Norton Identity Protection - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.fr/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.fr/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {9CA88F39-8FD0-45DD-9BE0-2917E302CCB3} Kelkoo Url="http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932" {9D5BD211-422C-4164-9298-BB4186A30F31} Live Search Url="http://search.live.com/results.aspx?q={searchTerms}&mkt=fr-FR&FORM=MIMWA2" {9F7FB1F9-E791-4A18-9DC7-9589D3F668AC} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {AB15C27A-FB6D-4FB8-97AE-C0B69138C365} AOL Recherche Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr" ==== Reset Google Chrome ====================== C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5244 folders=833 290344399 bytes) ==== Empty Temp Folders ====================== C:\Users\Carry\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Carry\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted ==== EOF on 08/04/2014 at 23:37:23,95 ======================
-
Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by Carry on 08/04/2014 at 11:02:29,00. Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Carry\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 08/04/2014 11:09:00 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Gamenext deleted successfully C:\PROGRA~2\Nosibay deleted successfully C:\PROGRA~2\TomTom DesktopSuite deleted successfully C:\PROGRA~2\WinZipper deleted successfully C:\PROGRA~2\Wondershare deleted successfully C:\PROGRA~2\COMMON~1\PX Storage Engine deleted successfully C:\Program Files\Symantec deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\CanonEPP deleted successfully C:\PROGRA~3\CanonIJEPPEX2 deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Carry\AppData\Roaming\Comptabilit‚ deleted successfully C:\Users\Carry\AppData\Roaming\Nosibay deleted successfully C:\Users\Carry\AppData\Roaming\WinZipper deleted successfully C:\Users\Carry\AppData\Local\Conduit deleted successfully C:\Users\Carry\AppData\Local\Lollipop deleted successfully C:\Users\Carry\AppData\Local\OpenCandy deleted successfully C:\Users\Carry\AppData\Local\PackageAware deleted successfully C:\Users\Carry\AppData\Local\StimulsoftReportsResources deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3F3E8073-7187-44A1-BC6C-00B2C3EFBAF4} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{799B1CD4-D3AF-4C22-A738-C7A97EF41A1E} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9B6103C1-F818-48a8-9683-314055BE6075} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C0CF59E9-B76F-450D-8707-2BE390E86DC6} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully HKEY_CLASSES_ROOT\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_CLASSES_ROOT\CLSID\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{925DAB62-F9AC-4221-806A-057BFB1014AA} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe C:\PVSW\Bin\WGE_SRV.exe C:\Windows\SysWOW64\svchost.exe C:\PVSW\BIN\W3dbsmgr.EXE C:\Windows\SysWOW64\svchost.exe C:\ProgramData\InternetUpdater\InternetUpdaterService.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\SysWOW64\conime.exe C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\ProgramData\Updater\updater.exe C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Bench\Wd\wd.exe C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe C:\ProgramData\RHelpers\IEHelper\IeHelper.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Instant Savings App\FrameworkEngine.exe C:\Users\Carry\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabSearch deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabSearch deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InternetUpdater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\InternetUpdater deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar.aflt", "orgnl"); user_pref("extensions.BabylonToolbar.bbDpng", 3); user_pref("extensions.BabylonToolbar.cntry", "FR"); user_pref("extensions.BabylonToolbar.dfltSrch", false); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.firstRun", false); user_pref("extensions.BabylonToolbar.hdrMd5", "50463FDB6D9CA90CDBD94DE573798953"); user_pref("extensions.BabylonToolbar.hmpg", false); user_pref("extensions.BabylonToolbar.id", "998392f32ad54ec49d18e408a3560227"); user_pref("extensions.BabylonToolbar.instlDay", "15205"); user_pref("extensions.BabylonToolbar.lastActv", "1"); user_pref("extensions.BabylonToolbar.lastDP", 3); user_pref("extensions.BabylonToolbar.lastVrsnTs", ""); user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "22.0"); user_pref("extensions.BabylonToolbar.newTab", true); user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylon.com/?babsrc=NT_FFUP"); user_pref("extensions.BabylonToolbar.noFFXTlbr", false); user_pref("extensions.BabylonToolbar.propectorlck", 129979273); user_pref("extensions.BabylonToolbar.ptch_0717", true); user_pref("extensions.BabylonToolbar.sid", "998392f32ad54ec49d18e408a3560227"); user_pref("extensions.BabylonToolbar.smplGrp", "czb"); ---- Lines funmoods removed from user.js ---- user_pref("extensions.funmoods.hmpg", true); user_pref("extensions.funmoods.hmpgUrl", "http://searchfunmoods.com/?f=1&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0A0B0D0E0C0FyByCzztCtN0D0Tzu0CyEzytBtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=649671658&ir="); user_pref("extensions.funmoods.dfltSrch", true); user_pref("extensions.funmoods.srchPrvdr", "Funmoods"); user_pref("extensions.funmoods.dnsErr", true); user_pref("extensions.funmoods_i.newTab", false); user_pref("extensions.funmoods.newTabUrl", "http://searchfunmoods.com/?f=2&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0A0B0D0E0C0FyByCzztCtN0D0Tzu0CyEzytBtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=649671658&ir="); user_pref("extensions.funmoods.tlbrSrchUrl", "http://searchfunmoods.com/?f=3&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0A0B0D0E0C0FyByCzztCtN0D0Tzu0CyEzytBtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=649671658&ir=&q="); user_pref("extensions.funmoods.id", "002421ABDECF7681"); user_pref("extensions.funmoods.instlDay", "15831"); user_pref("extensions.funmoods.vrsn", "1.8.11.0"); user_pref("extensions.funmoods.vrsni", "1.8.11.0"); user_pref("extensions.funmoods_i.vrsnTs", "1.8.11.014:17:30"); user_pref("extensions.funmoods.prtnrId", "funmoods"); user_pref("extensions.funmoods.prdct", "funmoods"); user_pref("extensions.funmoods.aflt", "nv2"); user_pref("extensions.funmoods_i.smplGrp", "none"); user_pref("extensions.funmoods.tlbrId", "base"); user_pref("extensions.funmoods.instlRef", ""); user_pref("extensions.funmoods.dfltLng", ""); user_pref("extensions.funmoods.appId", "{EA28B360-05E0-4F93-8150-02891F1D8D3C}"); user_pref("extensions.funmoods.excTlbr", false); user_pref("extensions.funmoods_i.hmpg", true); ---- FireFox user.js and prefs.js backups ---- user_042014_1128_.backup prefs_042014_1128_.backup ProfilePath: C:\Users\Carry\AppData\Roaming\Thunderbird\Profiles\2gt6omxd.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_042014_1128_.backup ProfilePath: C:\Users\Carry\AppData\Roaming\TomTom\HOME\Profiles\2j5zfpdp.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_042014_1128_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Safari.exe\shell\open\command] @="C:\\Program Files (x86)\\Safari\\Safari.exe" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "bProtectTabs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Updater"=- "NextLive"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "SweetIM"=- ""=- "ApnUpdater"=- "Updater"=- "mobilegeni daemon"=- [-HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Nosibay\Bubble Dock not found C:\Program Files (x86)\Instant Savings not found C:\Program Files (x86)\Ask.com not found C:\Program Files (x86)\Mobogenie not found C:\Program Files (x86)\PHPNukeFR deleted C:\Program Files (x86)\iMesh Applications deleted C:\Program Files (x86)\AOL\AOL Toolbar 5.0 deleted C:\Users\Carry\AppData\Roaming\defaulttab deleted C:\Program Files (x86)\pdfforge Toolbar deleted C:\Program Files (x86)\Hyperionics DB Toolbar deleted C:\Users\Carry\AppData\Roaming\newnext.me deleted C:\Program Files (x86)\DefaultTab deleted C:\Users\Carry\AppData\Roaming\spotmau deleted C:\Users\Carry\AppData\Local\genienext deleted C:\Users\Carry\daemonprocess.txt deleted C:\Users\Carry\.android deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\babylon.xml deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\iMeshWebSearch.xml deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted C:\PROGRA~2\Iminent deleted C:\PROGRA~2\Boxore deleted C:\PROGRA~2\Babylon deleted C:\PROGRA~2\OfferBox deleted C:\PROGRA~2\Desk 365 deleted C:\PROGRA~2\Gophoto.it deleted C:\PROGRA~2\Conduit deleted C:\Users\Carry\AppData\Roaming\Uniblue deleted C:\Users\Carry\AppData\Roaming\Smiley.ico deleted C:\Users\Carry\AppData\Roaming\OfferBox deleted C:\Users\Carry\AppData\Roaming\Desk 365 deleted C:\Users\Carry\AppData\Roaming\Funmoods deleted C:\Users\Carry\AppData\Roaming\Babylon deleted C:\Users\Carry\AppData\Roaming\GetRightToGo deleted C:\Users\Carry\AppData\Roaming\pdfforge deleted C:\Users\Carry\AppData\Roaming\OpenCandy deleted C:\Users\Carry\048298C9A4D3490B9FF9AB023A9238F3.TMP deleted C:\PROGRA~3\Websteroids deleted C:\PROGRA~3\eSafe deleted C:\PROGRA~3\BrowserDefender deleted C:\PROGRA~3\SweetIM deleted C:\PROGRA~3\InternetUpdater deleted C:\PROGRA~3\iMesh deleted C:\Users\Carry\AppData\Local\BenchUpdater deleted C:\Users\Carry\AppData\Local\Minibar deleted C:\Users\Carry\AppData\Local\PutLockerDownloader deleted C:\Users\Carry\AppData\Local\Software deleted C:\Users\Carry\AppData\Local\iMesh deleted C:\Users\Carry\AppData\Local\Mobogenie deleted C:\Users\Carry\AppData\Local\cache deleted C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk deleted C:\Users\Carry\Downloads\SoftonicDownloader_voor_magix-music-maker-mx.exe deleted C:\Users\Carry\AppData\LocalLow\imeshmediabartb deleted C:\Users\Carry\AppData\LocalLow\searchresultstb deleted C:\Users\Carry\AppData\LocalLow\pdfforge deleted C:\Users\Carry\AppData\LocalLow\Search Settings deleted C:\Users\Carry\AppData\LocalLow\BabylonToolbar deleted C:\Users\Carry\AppData\LocalLow\PHPNukeFR deleted C:\Users\Carry\AppData\LocalLow\PriceGong deleted C:\Users\Carry\AppData\LocalLow\Conduit deleted C:\Users\Carry\AppData\LocalLow\Toolbar4 deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted C:\windows\SysNative\tasks\Funmoods deleted C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted C:\windows\SysNative\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000 deleted C:\windows\SysNative\tasks\bench-sys deleted C:\Windows\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000.job deleted C:\Windows\tasks\bench-sys.job deleted C:\windows\SysNative\tasks\DTReg deleted C:\end deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted C:\Windows\Syswow64\ConduitEngine.tmp deleted C:\Windows\Syswow64\SearchProtect deleted C:\Users\Carry\Documents\Mobogenie deleted C:\Users\Carry\Documents\PC Speed Maximizer deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\babylon.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\conduit-search.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\iMeshWebSearch.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\live-search.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\MyStart Search.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\safesearch.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\search-here.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\search.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\Search_Results.xml deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\ffxtlbr@babylon.com deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\ftdownloader3@ftdownloader.com.xpi deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\Invalidprefs.js deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\bProtector_extensions.rdf deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\bProtector_extensions.sqlite deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\bprotector_prefs.js deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\alot-toolbar deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\SweetIMToolbarData deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\SweetPacksToolbarData deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\jetpack deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\CT2405725 deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\CT2542115 deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\imeshmediabartb deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{0277C0FC-9B29-BEC2-1C18-216A87676D84} deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{0fc85f5d-6207-4515-a490-45a549d285c0} deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{2A39D365-6906-B62D-BB4C-E544F9440E50} deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\conduit deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\conduitCommon deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\smartbar deleted "C:\Windows\Installer\10713abb.msi" deleted "C:\Windows\Installer\2f80e96.msi" deleted "C:\Windows\Installer\15731182.msi" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\Funmoods.xml" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\conduit.xml" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\gophoto@gophoto.it.xpi" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\addon@defaulttab.com.xpi" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\defaulttab.config" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted "C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\sweetim.xml" deleted "C:\PROGRA~2\Mozilla Firefox\searchplugins\nationzoom.xml" deleted "C:\PROGRA~2\Instant Savings App\FrameworkEngine.exe" deleted "C:\PROGRA~3\Updater\updater.exe" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgIEPlayer.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted "C:\PROGRA~2\Bench\Wd\wd.exe" deleted "C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgIEPlayer.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted "C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted "C:\PROGRA~3\RHelpers\ChromeHelper\ChromeHelper.exe" deleted "C:\PROGRA~3\RHelpers\FirefoxHelper\FirefoxHelper.exe" deleted "C:\PROGRA~3\RHelpers\IeHelper\IeHelper.exe" deleted "C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" deleted "C:\Program Files (x86)\SweetIM" not deleted "C:\Users\Carry\AppData\Local\Instant Savings App" not deleted "C:\PROGRA~2\Instant Savings App" deleted "C:\PROGRA~2\Bench" deleted "C:\PROGRA~2\SweetIM" not deleted "C:\PROGRA~3\Updater" not deleted "C:\PROGRA~3\RHelpers" not deleted "C:\Users\Carry\AppData\Local\Instant Savings App" not deleted "C:\Users\Carry\AppData\Local\WebPlayer" deleted "C:\Users\Carry\AppData\Local\Instant Savings App" not deleted "C:\Program Files (x86)\SweetIM\Messenger" not deleted "C:\PROGRA~2\Bench\Wd" deleted "C:\PROGRA~2\SweetIM\Messenger" not deleted "C:\PROGRA~3\RHelpers\ChromeHelper" not deleted "C:\PROGRA~3\RHelpers\FirefoxHelper" not deleted "C:\PROGRA~3\RHelpers\IeHelper" not deleted "C:\Users\Carry\AppData\Local\WebPlayer\FLV Player" deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition (64-bit) Service Pack 2 (Build 6002) Memory (RAM): 4094 MB CPU Info: Pentium® Dual-Core CPU E5200 @ 2.50GHz CPU Speed: 2570,8 MHz Sound Card: Haut-parleurs (Realtek High Def | Display Adapters: NVIDIA GeForce G210 | NVIDIA GeForce G210 | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; HP 2159 Series Wide LCD Monitor | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Realtek RTL8101E Family PCI-E FE NIC CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVD-RAM GH40L Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 917,0GB | D: 14,5GB Hard Disks - Free: C: 661,0GB | D: 2,0GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 05/07/09 | HPQOEM - 42302e31 Time Zone: Paris, Madrid Motherboard *: MSI Boston Country: France Language: FRA ==== System Specs (Software) ====================== Anti-Virus: Norton AntiVirus On-access scanning disabled (Outdated) Anti-Spyware: Norton AntiVirus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer version: 8.0.6001.19507 Google Chrome version: 31.0.1650.63 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_51 (32-bit) Flash Player version: 12.0.0.77 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Carry\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-04-08 08:54:44 9B10927CFD0F7AD39E40C0E34005B1AD 877480 ----a-w- C:\Windows\SysWOW64\npdeployJava1.dll 2014-04-08 08:54:44 4CC1F431910276174B4BC20E306FE742 800168 ----a-w- C:\Windows\SysWOW64\deployJava1.dll 2014-04-08 08:39:39 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-04-08 08:39:02 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-04-08 08:39:02 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-08 08:39:02 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-01 12:49:55 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-04-08 06:59:06 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-04-08 08:40:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-04-08 06:44:45 -------- d-----w- C:\PROGRA~2\trend micro ======= C: ===== ====== C:\Users\Carry\AppData\Roaming ====== 2014-04-02 11:47:08 CCF68BD665C8C4950B80C0365D6F30EF 142582 ----a-w- C:\Users\Carry\AppData\Roaming\userenv.xml.urlencode 2014-04-02 11:47:06 9DB6FC8616E19A58232F50AAA87125C5 106861 ----a-w- C:\Users\Carry\AppData\Roaming\userenv.xml 2014-04-01 06:19:40 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps ====== C:\Users\Carry ====== 2014-04-08 09:34:27 -------- d-----w- C:\ProgramData\Websteroids 2014-04-08 08:39:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-08 08:34:45 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Carry\Downloads\chromeinstall-7u51.exe 2014-04-08 06:58:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Carry\Desktop\RSITx64.exe 2014-04-08 06:44:09 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Carry\Downloads\RSIT.exe 2014-04-03 07:58:46 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Carry\Downloads\ccsetup412.exe 2014-04-02 11:46:55 -------- d-----w- C:\ProgramData\TuneUp360 2014-04-02 11:46:19 24A6EC3B3378F203145BAF747B8DF1BE 4335888 ----a-w- C:\Users\Carry\Downloads\1-click-pc-care_full1017.exe ====== C: exe-files == 2014-04-08 08:38:13 F4BA3A5D5FDE0A321CD7C4A74749CE5B 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-04-08 08:38:13 EBAB810C999D8C31F0D5D8B28B3EEDD1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-04-08 08:38:13 C422AF851B98378A39B51D99FE707E64 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-04-08 08:38:13 ACA236A716C2291E40ED069F2CBB3D35 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-04-08 08:38:13 6E2BECF6E17FF8DC850C058A38A50C4F 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-04-08 08:38:13 6E1B0EEBF3D1CC7ECF4104E1473900FF 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-04-08 08:38:13 397A6EA17BB97800939DE44D7BFEEC04 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-04-08 08:38:13 18BC25C50200C3DD4E67611D2467DAA2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-04-08 08:38:13 0E37C7C174521E16CEA0A6BC46F03BCD 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-04-08 08:38:11 ED1F5F1906F8D963612A4831CDB331D6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-04-08 08:38:11 B9436A665A8621073A12338B16D7BFD4 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-04-08 08:38:11 A8F2A6D5782AA0166D8367FF674DDF77 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-04-08 08:38:11 762E372DCFDAE32FAE52C1A50A0029C2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-04-08 08:38:11 6EEAD2C8A5CAC1F0F2066ABD77BA9092 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-04-08 08:38:11 49A5F3169A23C00F9F2023DFE04D7AF6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-04-08 08:38:05 E9BFEA5B2F3F7598DA990F9728768790 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-04-08 08:38:05 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-04-08 08:38:05 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-04-08 08:38:04 FBC27FD8E76C53E6E8066944BBE2BF73 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-04-08 08:38:04 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-04-08 08:38:04 5877E6618DA03EE8E7A869F57EE6ACE5 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-04-08 08:36:07 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Carry\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe 2014-04-08 08:34:45 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Carry\Downloads\chromeinstall-7u51.exe 2014-04-08 06:59:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Carry.exe 2014-04-08 06:58:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Carry\Desktop\RSITx64.exe 2014-04-08 06:44:46 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Carry.exe 2014-04-08 06:44:09 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Carry\Downloads\RSIT.exe 2014-04-03 07:58:46 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Carry\Downloads\ccsetup412.exe 2014-04-02 11:46:19 24A6EC3B3378F203145BAF747B8DF1BE 4335888 ----a-w- C:\Users\Carry\Downloads\1-click-pc-care_full1017.exe === C: other files == 2014-04-08 08:38:14 863EB6802B1C3B7630290871599BE0BD 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2014-04-03 05:20:31 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\srtsp64.sys 2014-04-03 05:20:31 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\srtspx64.sys 2014-04-03 05:20:31 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\SymEFA64.sys 2014-04-03 05:20:31 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\SymDS64.sys 2014-04-03 05:20:31 5570A74FF9B1EFBC5154DD1E2F05C517 593112 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\symnets.sys 2014-04-03 05:20:31 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\Ironx64.sys 2014-04-03 05:20:31 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\SymELAM.sys 2014-04-03 05:20:31 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\ccSetx64.sys 2014-04-03 05:20:31 018D1F8343C301B4AF9DD042D2FFBCC8 510168 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\symtdiv.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Facebook Update"="C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "WMPNSCFG"="C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe" "FLV Player"="C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" "Updater"="C:\ProgramData\Updater\updater.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "UpdateP2GoShortCut"="c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "UpdatePDIRShortCut"="c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Wd"="C:\Program Files (x86)\Bench\Wd\wd.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Facebook Update"="C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "WMPNSCFG"="C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe" "FLV Player"="C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" "Updater"="C:\ProgramData\Updater\updater.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL C:\\PROGRA~2\\SEARCH~1\\Datamngr\\mgrldr.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Remote Software"="C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer for HP TouchSmart] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CLMLServer for HP TouchSmart" "hkey"="HKLM" "command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\TouchSmart\\Media\\Kernel\\CLML\\CLMLSvc.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DVDAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DVDAgent" "hkey"="HKLM" "command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\Media\\DVD\\DVDAgent.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Health Check Scheduler] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Health Check Scheduler" "hkey"="HKLM" "command"="c:\\Program Files (x86)\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPADVISOR" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW,SYSTRAY" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NavRegReminder] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NavRegReminder" "hkey"="HKLM" "command"="\"C:\\Windows\\temp\\NavBrowser.exe\" /r /i \"C:\\Windows\\temp\\NavLoad.ini\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RGSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RGSC" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe /silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartMenu] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SmartMenu" "hkey"="HKLM" "command"="%ProgramFiles%\\Hewlett-Packard\\HP MediaSmart\\SmartMenu.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SpybotSD TeaTimer" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TSMAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TSMAgent" "hkey"="HKLM" "command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\TouchSmart\\Media\\TSMAgent.exe\"" ==== Startup Folders ====================== 2009-08-24 13:44:23 1001 ----a-w- C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk 2010-03-26 13:12:03 1964 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/03/2014 23:51] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000Core.job --a------ C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe [16/07/2012 15:43] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000UA.job --a------ C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe [16/07/2012 15:43] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/05/2011 12:12] C:\Windows\tasks\HPCeeScheduleForCarry.job --a------ C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [24/02/2009 18:17] C:\Windows\tasks\PCConfidential.job --a------ C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe [] C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000Core" [C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000UA" [C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP Health Check" ["c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] "C:\Windows\SysNative\tasks\HPCeeScheduleForCarry" [C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\WSCStub.exe"] "C:\Windows\SysNative\tasks\PCConfidential" [C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe] "C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe] "C:\Windows\SysNative\tasks\RecoveryCD" ["C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"] "C:\Windows\SysNative\tasks\{3D74D096-C270-4EDF-8D89-7EDA8B910D6A}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe] "C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.2.0.38\IPSFF" [03/04/2014 09:13] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08/01/2010 13:11] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default - ALOT Toolbar - %ProfilePath%\extensions\toolbar@alot.com - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - MediaBar - %ProfilePath%\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593} - Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} - Funmoods New Tab - %ProfilePath%\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi ProfilePath: C:\Users\Carry\AppData\Roaming\Thunderbird\Profiles\2gt6omxd.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\Carry\AppData\Roaming\TomTom\HOME\Profiles\2j5zfpdp.default - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.053.520930@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Search Settings Plugin - %AppDir%\extensions\search@searchsettings.com - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - pdfforge Toolbar Plugin - %AppDir%\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Carry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 99F97C9FE748C37528C338A423577FCB - C:\Users\Carry\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleted Firefox Extensions ====================== C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593} deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi deleted C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted C:\Program Files (x86)\Mozilla Firefox\extensions\search@searchsettings.com deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bbffdhejhaoiflnpooogkckfdcmmjppn - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] kbjlipmgfoamgjaogmbihaffnpkpjajp - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx[] kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx[11/03/2014 22:44] pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[] Instant Savings App - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie Extended Protection - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml Instant Savings App - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa XJZ Survey Remover - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh Select City - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo DefaultTab - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Google Wallet - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Norton Identity Protection - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob GoPhoto.it - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc ==== Chrome Fix ====================== C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage-journal deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfmopbbadnfoelckkcmjjeaaegjpjjbk_0.localstorage deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_achhmapmjlcjlomcbmbicbgkihghgnie_0.localstorage deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_achhmapmjlcjlomcbmbicbgkihghgnie_0.localstorage-journal deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ckdjndgfgjaglgcnllemofeepjeeaofa_0.localstorage deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ckdjndgfgjaglgcnllemofeepjeeaofa_0.localstorage-journal deleted successfully C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.fr/" "Default_Page_URL"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470" "Search Bar"="http://g.msn.fr/0SEFRFR/SAOS02" "Default_Search_URL"="http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470" "Default_Page_URL"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470" "Search Page"="http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470" "Default_Page_URL"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470" "Search Page"="http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {9CA88F39-8FD0-45DD-9BE0-2917E302CCB3} Kelkoo Url="http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932" {9D5BD211-422C-4164-9298-BB4186A30F31} Live Search Url="http://search.live.com/results.aspx?q={searchTerms}&mkt=fr-FR&FORM=MIMWA2" {9F7FB1F9-E791-4A18-9DC7-9589D3F668AC} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {AB15C27A-FB6D-4FB8-97AE-C0B69138C365} AOL Recherche Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\bubbledock@nosibay.com deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\Carry\Desktop\EBP Compta 16.0.lnk - C:\Program Files (x86)\EBP\Compta16.0\compta.exe C:\Users\Carry\Desktop\Fichiers d’installation Norton.lnk - C:\Users\Carry\Desktop\FLV Player.lnk - C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe C:\Users\Carry\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Nation Zoom C:\Users\Carry\Desktop\QuickPar.lnk - C:\Program Files (x86)\QuickPar\QuickPar.exe C:\Users\Carry\Desktop\µTorrent.lnk - C:\Users\Carry\Desktop\gijs\ASIO4ALL v2 Instruction Manual.lnk - C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf C:\Users\Carry\Desktop\gijs\FL Studio 11.lnk - C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe C:\Users\Carry\Desktop\gijs\MAGIX Music Maker 17 Version à télécharger.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\EBP Compta Classic Open Line 2013 5.1.lnk - C:\Program Files\EBP\Accounting5.1FRFR20\EBP.Accounting.Application.exe C:\Users\Public\Desktop\EBP Migration vers Open Line 2.0.lnk - C:\ProgramData\EBP\CppMigrator2.0\EBP.CppMigrator.Application.exe C:\Users\Public\Desktop\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_2F0AA623FDE06A97508B91.exe C:\Users\Public\Desktop\MappyPlus.lnk - C:\Windows\Installer\{478F482D-C30B-4876-A080-BE3916268682}\app_icon.ico C:\Users\Public\Desktop\Norton AntiVirus.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine64\21.2.0.38\uiStub.exe C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\LiveUpdate.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine64\21.2.0.38\uiStub.exe /lu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\NBRT.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Norton AntiVirus.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine64\21.2.0.38\uiStub.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Support.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\symerr.exe /support C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Uninstall Norton AntiVirus.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\21.2.0.38\InstStub.exe /X /shortcut C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Désinstaller Norton Identity Safe.LNK - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Norton Identity Safe.LNK - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\cosastub.exe /install /force ==== shortcuts in Quick Launch ====================== C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk - C:\Windows\Installer\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}\SafariIco.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Nation Zoom C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk - C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Nation Zoom C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MediaWidget.lnk - C:\Program Files (x86)\Media Widget\MediaWidget.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\monAlbumPhoto.lnk - C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Nation Zoom C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Skype.lnk - C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Mail.lnk - C:\Program Files (x86)\Windows Mail\WinMail.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Carry\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6EB8FE4C9986914497E92C7F5A702E3 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iMesh deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\4351_Instant Savings App deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4EF8BE6A-899C-4196-94E7-297C5F7A203E} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NavRegReminder deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Wd] "C:\Program Files (x86)\Bench\Wd\wd.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [FLV Player] C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe O4 - HKCU\..\Run: [updater] C:\ProgramData\Updater\updater.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\PROGRA~2\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5173 folders=818 289106269 bytes) ==== Empty Temp Folders ====================== C:\Users\Carry\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Carry\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Program Files (x86)\SweetIM" not found "C:\Users\Carry\AppData\Local\Instant Savings App" not found "C:\PROGRA~2\SweetIM" not found "C:\PROGRA~3\Updater" not found "C:\PROGRA~3\RHelpers" not found "C:\Users\Carry\AppData\Local\Instant Savings App" not found "C:\Users\Carry\AppData\Local\Instant Savings App" not found ==== EOF on 08/04/2014 at 15:43:11,83 ======================
-
Logfile of random's system information tool 1.09 (written by random/random) Run by Carry at 2014-04-08 08:59:06 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 677 GB (72%) free of 939 GB Total RAM: 4093 MB (36% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:59:12, on 08/04/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19507) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe C:\Windows\SysWOW64\conime.exe C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\ProgramData\Updater\updater.exe C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Bench\Wd\wd.exe C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe C:\ProgramData\RHelpers\IEHelper\IeHelper.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Carry.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O1 - Hosts: ::1 localhost O1 - Hosts: 54.204.28.26 ckdjndgfgjaglgcnllemofeepjeeaofa O1 - Hosts: 54.204.28.26 achhmapmjlcjlomcbmbicbgkihghgnie O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (file missing) O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL O2 - BHO: Instant Savings App BHO - {6EB4A4C0-6036-4D2E-B010-20707C4B62E8} - C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [updater] C:\ProgramData\Updater\Updater.exe O4 - HKLM\..\Run: [mobilegeni daemon] "C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Wd] "C:\Program Files (x86)\Bench\Wd\wd.exe" O4 - HKLM\..\RunOnce: [instant Savings App-repairJob] wscript.exe "C:\Users\Carry\AppData\Local\Instant Savings App\repair.js" "Instant Savings App-repairJob" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [updater] C:\ProgramData\Updater\updater.exe O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Carry\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l O4 - HKCU\..\Run: [FLV Player] C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Internet Updater (InternetUpdater) - Parallel Lines Development, LLC - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 31748 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 wininit.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" taskeng.exe {A17CE0BD-563E-4C31-9B28-22EB99E52EC0} C:\Windows\Explorer.EXE taskeng.exe {7DD091D5-FA87-415A-9CB5-8E7572185396} taskeng.exe {289B76FF-F311-4354-9FB0-EA98F425F7F5} "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe" C:\PVSW\Bin\WGE_SRV.exe C:\Windows\SysWOW64\svchost.exe -k netsvcs "C:\PVSW\BIN\W3dbsmgr.EXE" -SRDE -SERVICE C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" "c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" "C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe" -sEBP "C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\diMaster.dll" /prefetch:1 "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\diMaster.dll" /prefetch:1 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-28160086-2712-40df-93fd-79169169b1a9 -SystemEventPortName:HostProcess-34044708-c68f-4dfb-9864-6aed6f3a7745 -IoCancelEventPortName:HostProcess-ede0433b-16fd-43be-9049-a4f79cc1cea0 -NonStateChangingEventPortName:HostProcess-79db406d-6ade-47df-9ff8-8149d12897d3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cbbea3d8-8cc3-4e25-8024-902707664350 -DeviceGroupId:WpdFsGroup "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe" /c /a /s UserSession "C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe" /c /a /s UserSession WLIDSvcM.exe 2868 C:\Windows\SysWOW64\DllHost.exe /Processid:{304CE942-6E39-40D8-943A-B913C40C9CD4} C:\Windows\system32\conime.exe "C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Windows\ehome\ehtray.exe" "C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "C:\ProgramData\Updater\updater.exe" "C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" C:\Windows\ehome\ehmsas.exe -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\PROGRA~1\HEWLET~1\HPREMO~1\HPREMO~1.EXE" -Embedding C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\Windows Media Player\wmpnscfg.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Bench\Wd\wd.exe" "C:\Program Files\iPod\bin\iPodService.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe" "C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe" "C:\ProgramData\RHelpers\IEHelper\IeHelper.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4400 series#1270990727" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding C:\Windows\system32\msiexec /V "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI "c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files\Windows Mail\WinMail.exe" "C:\Windows\system32\wuauclt.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.pc-helpforum.be/f163/virus-69287-new/" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.0.48735572\28212348" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.1.2138649197\2016851544" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.2.1239355571\29295463" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.3.766589743\575510155" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.4.1840914331\699119275" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.5.503055554\44870191" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.7.161878693\60494566" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.8.1574973885\1432090482" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6092.9.1902595360\475684283" --ppapi-flash-args --lang=fr --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6092.10.2056295710\2068554114" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,5,12,22,26 --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0a60 --gpu-driver-vendor=NVIDIA --gpu-driver-version=7.15.11.8586 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.30.2024363379\1472305217" /prefetch:673131151 splwow64 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648 "C:\Users\Carry\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000.job C:\Windows\tasks\bench-sys.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForCarry.job C:\Windows\tasks\PCConfidential.job C:\Windows\tasks\PCDRScheduledMaintenance.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll [2014-03-04 325160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}] PHPNukeFR Toolbar - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] Bubble Dock SurfMatch - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] UrlHelper Class - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll [2010-05-27 392072] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Norton Vulnerability Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL [2014-02-21 392344] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}] Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll [2014-03-04 258088] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-04 329504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] DefaultTab Browser Helper - C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-02-06 468600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}] Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll [2014-03-11 654176] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}] MediaBar - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-04 59168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] SMTTB2009 Class - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {D629FDE2-1C75-40B2-9B20-CE72D3A430AF} - Instant Savings App - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll [2014-03-04 325160] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120] {B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880] {1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080] {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - MediaBar - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472] {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432] {338B4DFE-2E2C-4338-9E41-E176D497299E} - Hyperionics DB Toolbar - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720] {A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll [2014-03-11 654176] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184] "HP Remote Software"=C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe [2009-02-06 172032] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-01 16252448] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728] "SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [] "Facebook Update"=C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-16 138096] "WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [] "Updater"=C:\ProgramData\Updater\updater.exe [2013-12-19 486264] "NextLive"=C:\Windows\SysWOW64\rundll32.exe [2006-11-02 44544] "FLV Player"=C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04 75016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NavRegReminder] C:\Windows\temp\NavBrowser.exe /r /i C:\Windows\temp\NavLoad.ini [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings] C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] C:\Program Files (x86)\Steam\Steam.exe [2013-12-11 1823656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896] "SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2010-10-13 111928] ""= [] "ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-30 1721480] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "Updater"=C:\ProgramData\Updater\Updater.exe [2013-12-19 486264] "mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "Wd"=C:\Program Files (x86)\Bench\Wd\wd.exe [2014-03-04 60416] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "Instant Savings App-repairJob"=wscript.exe C:\Users\Carry\AppData\Local\Instant Savings App\repair.js Instant Savings App-repairJob [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Notification de cadeaux MSN.lnk - C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "HideFastUserSwitching"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-04-08 08:59:06 ----D---- C:\Program Files\trend micro 2014-04-08 08:44:45 ----D---- C:\rsit 2014-04-08 08:44:45 ----D---- C:\Program Files (x86)\trend micro 2014-04-03 09:59:57 ----D---- C:\Program Files\CCleaner 2014-04-02 13:47:07 ----D---- C:\Users\Carry\AppData\Roaming\spotmau 2014-04-02 13:46:55 ----D---- C:\ProgramData\TuneUp360 2014-04-02 13:46:50 ----D---- C:\Program Files (x86)\Wondershare 2014-04-01 14:49:55 ----N---- C:\Windows\system32\MpSigStub.exe 2014-03-13 06:48:55 ----A---- C:\Windows\SYSWOW64\wer.dll 2014-03-13 06:48:55 ----A---- C:\Windows\system32\wer.dll 2014-03-13 06:48:51 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-03-13 06:48:51 ----A---- C:\Windows\system32\tzres.dll 2014-03-13 06:48:36 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-03-13 06:48:36 ----A---- C:\Windows\system32\qedit.dll 2014-03-13 06:48:33 ----A---- C:\Windows\system32\mshtml.dll 2014-03-13 06:48:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-03-13 06:48:31 ----A---- C:\Windows\system32\ieframe.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\wininet.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\urlmon.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\occache.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\mstime.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\msfeeds.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\iertutil.dll 2014-03-13 06:48:30 ----A---- C:\Windows\system32\iedkcs32.dll 2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\mshtmled.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\licmgr10.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\jsproxy.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\ieui.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\iesetup.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\iernonce.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\iepeers.dll 2014-03-13 06:48:29 ----A---- C:\Windows\system32\corpol.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\url.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\occache.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\mstime.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\licmgr10.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iepeers.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe 2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\corpol.dll 2014-03-13 06:48:28 ----A---- C:\Windows\system32\url.dll 2014-03-13 06:48:28 ----A---- C:\Windows\system32\msfeedssync.exe 2014-03-13 06:48:28 ----A---- C:\Windows\system32\ieUnatt.exe 2014-03-13 06:48:28 ----A---- C:\Windows\system32\iesysprep.dll 2014-03-13 06:48:28 ----A---- C:\Windows\system32\ie4uinit.exe 2014-03-13 06:48:27 ----A---- C:\Windows\system32\win32k.sys ======List of files/folders modified in the last 1 month====== 2014-04-08 08:59:12 ----D---- C:\Windows\Prefetch 2014-04-08 08:59:06 ----RD---- C:\Program Files 2014-04-08 08:59:03 ----D---- C:\Windows\Temp 2014-04-08 08:44:45 ----D---- C:\Program Files (x86) 2014-04-08 08:43:12 ----SHD---- C:\Windows\Installer 2014-04-08 08:43:11 ----D---- C:\Config.Msi 2014-04-08 08:40:37 ----D---- C:\Users\Carry\AppData\Roaming\newnext.me 2014-04-08 08:39:21 ----SHD---- C:\System Volume Information 2014-04-05 14:16:23 ----D---- C:\Windows\SysWOW64 2014-04-04 08:32:12 ----D---- C:\Windows 2014-04-03 10:04:23 ----D---- C:\ProgramData\Spybot - Search & Destroy 2014-04-03 10:04:22 ----D---- C:\Program Files (x86)\Steam 2014-04-03 10:04:16 ----D---- C:\Users\Carry\AppData\Roaming\uTorrent 2014-04-03 10:04:15 ----D---- C:\Users\Carry\AppData\Roaming\TS3Client 2014-04-03 10:04:14 ----D---- C:\Users\Carry\AppData\Roaming\Skype 2014-04-03 10:04:12 ----D---- C:\Program Files (x86)\PDFCreator 2014-04-03 10:03:32 ----D---- C:\Windows\Panther 2014-04-03 10:03:32 ----D---- C:\Windows\inf 2014-04-03 10:03:27 ----D---- C:\Windows\Minidump 2014-04-03 10:03:27 ----D---- C:\Windows\Logs 2014-04-03 10:03:27 ----D---- C:\Windows\Debug 2014-04-03 09:59:59 ----D---- C:\Windows\system32\Tasks 2014-04-03 09:09:20 ----D---- C:\Windows\system32\drivers\NAVx64 2014-04-03 07:23:48 ----D---- C:\ProgramData\Norton 2014-04-03 07:20:13 ----D---- C:\Program Files (x86)\Norton AntiVirus 2014-04-02 17:20:47 ----D---- C:\Windows\system32\wbem 2014-04-02 17:18:58 ----D---- C:\Windows\Tasks 2014-04-02 17:18:58 ----D---- C:\Windows\system32\spool 2014-04-02 17:18:58 ----D---- C:\Windows\system32\catroot2 2014-04-02 17:18:58 ----D---- C:\Windows\registration 2014-04-02 17:18:58 ----D---- C:\ProgramData\HP Product Assistant 2014-04-02 14:34:44 ----HD---- C:\Windows\system32\GroupPolicy 2014-04-02 14:34:44 ----D---- C:\Windows\SYSWOW64\GroupPolicy 2014-04-02 13:57:45 ----D---- C:\Program Files (x86)\SMINST 2014-04-02 13:46:55 ----HD---- C:\ProgramData 2014-04-01 14:49:55 ----D---- C:\Windows\System32 2014-04-01 09:06:29 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-04-01 08:55:54 ----D---- C:\ProgramData\CanonIJPLM 2014-04-01 08:53:54 ----D---- C:\Program Files (x86)\Mozilla Firefox 2014-03-29 05:10:36 ----D---- C:\ProgramData\HP 2014-03-28 18:16:03 ----D---- C:\Windows\system32\drivers\NSTx64 2014-03-28 18:11:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-03-19 18:02:02 ----D---- C:\Windows\LiveKernelReports 2014-03-19 04:01:10 ----D---- C:\Windows\system32\MRT 2014-03-19 04:01:03 ----A---- C:\Windows\system32\mrt.exe 2014-03-15 04:10:35 ----D---- C:\ProgramData\Microsoft Help 2014-03-14 11:17:40 ----D---- C:\Windows\rescache 2014-03-14 10:35:04 ----D---- C:\Windows\SYSWOW64\fr-FR 2014-03-14 10:35:04 ----D---- C:\Windows\system32\fr-FR 2014-03-14 10:34:59 ----D---- C:\Program Files (x86)\Internet Explorer 2014-03-14 10:34:54 ----D---- C:\Program Files\Internet Explorer 2014-03-14 10:34:48 ----D---- C:\Windows\SYSWOW64\migration 2014-03-14 10:34:26 ----D---- C:\Windows\system32\migration 2014-03-14 10:14:09 ----D---- C:\Windows\winsxs 2014-03-13 06:48:12 ----D---- C:\Windows\system32\catroot 2014-03-11 23:51:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1502000.026\SYMDS64.SYS [2013-10-30 493656] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1502000.026\SYMEFA64.SYS [2014-03-04 1148120] R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [2014-03-19 1525976] R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAVx64\1502000.026\ccSetx64.sys [2014-02-25 162392] R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [2013-09-27 162392] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-04-02 484952] R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\IPSDefs\20140405.001\IDSvia64.sys [2014-04-02 525016] R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1502000.026\SRTSP64.SYS [2014-02-13 875736] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1502000.026\SRTSPX64.SYS [2013-10-30 36952] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1502000.026\Ironx64.SYS [2013-10-30 264280] R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAVx64\1502000.026\SYMTDIV.SYS [2014-02-18 510168] R3 DCamUSBVM;Lenovo Q350 USB PC Camera; C:\Windows\System32\Drivers\usbVM31b.sys [2005-09-19 142336] R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 145408] R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 19968] R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 42496] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-02-11 1708192] R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\VirusDefs\20140407.018\ENG64.SYS [2014-04-02 126040] R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\VirusDefs\20140407.018\EX64.SYS [2014-04-02 2099288] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-04-24 79392] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-01 11725728] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2009-01-20 195584] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-04-03 177752] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656] S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936] S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536] S3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NAVx64\1008030.006\SYMFW.SYS [] S3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NAVx64\1008030.006\SYMNDISV.SYS [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736] S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328] S4 RsFx0153;RsFx0153 Driver; C:\Windows\system32\DRIVERS\RsFx0153.sys [2012-06-29 321992] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184] R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-10-26 107520] R2 EBP Pervasive.SQL;EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [2006-12-07 32768] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208] R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 InternetUpdater;Internet Updater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [2014-01-15 45568] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728] R2 MSSQL$EBP;SQL Server (EBP); C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [2012-06-29 62218696] R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe [2014-03-12 262968] R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [2014-03-11 130104] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-01 381984] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-06-29 277448] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 27648] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 DefaultTabSearch;DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-12-20 574464] S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-05 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848] S3 gupdatem;Service Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-05 136176] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120] S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-12 407336] S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-09-03 1251720] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 1012344] S4 MSSQLServerADHelper100;Service SQL Active Directory Helper; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 SQLAgent$EBP;Agent SQL Server (EBP); C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [2012-06-29 441288] -----------------EOF-----------------
-
Sinds enkele weken opent mijn computer het ene na het andere scherm met de mededeling dat firefox,wachtdog,chrome helper enz.niet kan openen.Vervolgens loopt de computer vast en moet ik de stekker uit het stopcontact halen om de boel weer op te starten.Inmiddels heb ik met de ccleaner de computer gecontroleerd en herstelt.Wie weet wat ik aan dit probleem kan doen?
