Results 1 to 6 of 6
  1. #1
    Member thaly's Avatar
    Join Date
    Aug 2005
    Location
    France
    Posts
    37
    Points
    0

    Default Sendori detected by Superantispyware but it shows nowhere

    Hello,


    SuperAntispyware is detecting Sendori in my computer, yet Superantispyware does not give me an option to delete it or uninstall it.
    Sendori does not show in my programmes file, nor in my CCleaner uninstall tool.
    How can I find Sendori to delete it?


    Thank you






    ___________________________________________________________________________________________

    Superantispyware1.jpgsuperantispyware 2.jpg


    _________________________________________________________________________________________

    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes | Free Anti-Malware & Internet Security Software


    Database version: v2014.04.16.09


    Windows Vista Service Pack 2 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Claude Alice :: MARS [administrator]


    16/04/2014 21:03:57
    mbam-log-2014-04-16 (21-03-57).txt


    Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 538618
    Time elapsed: 1 hour(s), 49 minute(s), 10 second(s)


    Memory Processes Detected: 0
    (No malicious items detected)


    Memory Modules Detected: 0
    (No malicious items detected)


    Registry Keys Detected: 2
    HKCU\Software\AppDataLow\Software\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
    HKCU\Software\Softonic\Universal Downloader (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.


    Registry Values Detected: 0
    (No malicious items detected)


    Registry Data Items Detected: 0
    (No malicious items detected)


    Folders Detected: 0
    (No malicious items detected)


    Files Detected: 0
    (No malicious items detected)


    (end)

    ________________________________________________________________________________________

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 23:03:02, on 16/04/2014
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16545)
    Boot mode: Normal


    Running processes:
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\hp\kbd\kbd.exe
    C:\Windows\SysWOW64\conime.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Google
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apache - Unknown owner - C:\PROGRA~2\EASYPH~1.1VC\binaries\apache\bin\eds-httpd.exe (file missing)
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: @C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101 (getPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HideMyIpSRV - Hide My IP - C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (file missing)
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (file missing)
    O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (file missing)
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: MySQL - Unknown owner - C:\PROGRA~2\EASYPH~1.1VC\binaries\mysql\bin\eds-mysqld.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: wampstackMySQL - Unknown owner - C:\Bitnami\wampstack-5.4.26-2\mysql\bin\mysqld.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe


    --
    End of file - 24668 bytes

    ________________________________________________________________________________________
    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!


    Generated 04/17/2014 at 00:31 AM


    Application Version : 5.7.1018


    Core Rules Database Version : 11172
    Trace Rules Database Version: 8984


    Scan type : Complete Scan
    Total Scan Time : 01:09:27


    Operating System Information
    Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User


    Memory items scanned : 531
    Memory threats detected : 0
    Registry items scanned : 78436
    Registry threats detected : 0
    File items scanned : 98478
    File threats detected : 6


    Adware.Tracking Cookie
    accounts.google.com [ C:\USERS\CLAUDE ALICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.googleadservices.com [ C:\USERS\CLAUDE ALICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\CLAUDE ALICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\CLAUDE ALICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\CLAUDE ALICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\CLAUDE ALICE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

    _______________________________________________________________________________________

    # AdwCleaner v3.023 - Rapport créé le 16/04/2014 à 20:51:45
    # Mis à jour le 01/04/2014 par Xplode
    # Système d'exploitation : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
    # Nom d'utilisateur : Claude Alice - MARS
    # Exécuté depuis : C:\Users\Claude Alice\Downloads\adwcleaner.exe
    # Option : Scanner


    ***** [ Services ] *****


    Service Présent : hshld
    Service Présent : HssSrv
    Service Présent : hsswd


    ***** [ Fichiers / Dossiers ] *****


    Dossier Présent : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\Extensions\bbrs_002@blabbers.com
    Dossier Présent C:\hotspot shield
    Dossier Présent C:\Program Files (x86)\ConduitEngine
    Dossier Présent C:\Program Files (x86)\GreenTree Applications
    Dossier Présent C:\Users\Claude Alice\AppData\Local\apn
    Dossier Présent C:\Users\Claude Alice\AppData\Local\AVG Security Toolbar
    Dossier Présent C:\Users\Claude Alice\AppData\Local\Linkury
    Dossier Présent C:\Users\Claude Alice\AppData\Local\PackageAware
    Dossier Présent C:\Users\Claude Alice\AppData\LocalLow\Conduit
    Dossier Présent C:\Users\Claude Alice\AppData\LocalLow\ConduitEngine
    Dossier Présent C:\Users\Claude Alice\AppData\LocalLow\PriceGong
    Dossier Présent C:\Users\Claude Alice\AppData\LocalLow\Zynga
    Dossier Présent C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\Conduit
    Dossier Présent C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\ConduitEngine
    Fichier Présent : C:\Program Files (x86)\Mozilla Firefox\Components\AskSearch.js
    Fichier Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    Fichier Présent : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\Askcom.xml
    Fichier Présent : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\Messenger Plus Smartbar Search.xml
    Fichier Présent : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\Plusnetwork.xml
    Fichier Présent : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\search-the-web.xml
    Fichier Présent : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\user.js


    ***** [ Raccourcis ] *****




    ***** [ Registre ] *****


    Clé Présente : HKCU\Software\APN PIP
    Clé Présente : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Clé Présente : HKCU\Software\AppDataLow\Software\conduitEngine
    Clé Présente : HKCU\Software\AppDataLow\Software\conduitEngine
    Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
    Clé Présente : HKCU\Software\AppDataLow\Software\SmartBar
    Clé Présente : HKCU\Software\AppDataLow\Toolbar
    Clé Présente : HKCU\Software\Blabbers
    Clé Présente : HKCU\Software\BlabbersToolbar
    Clé Présente : HKCU\Software\BrowserCompanion
    Clé Présente : HKCU\Software\Conduit
    Clé Présente : HKCU\Software\hotspotshield
    Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\clickpotatolitesa
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Clé Présente : HKCU\Software\Softonic
    Clé Présente : HKCU\Software\YahooPartnerToolbar
    Clé Présente : [x64] HKCU\Software\APN PIP
    Clé Présente : [x64] HKCU\Software\Blabbers
    Clé Présente : [x64] HKCU\Software\BlabbersToolbar
    Clé Présente : [x64] HKCU\Software\BrowserCompanion
    Clé Présente : [x64] HKCU\Software\Conduit
    Clé Présente : [x64] HKCU\Software\hotspotshield
    Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé Présente : [x64] HKCU\Software\Softonic
    Clé Présente : [x64] HKCU\Software\YahooPartnerToolbar
    Clé Présente : HKLM\Software\AVG Secure Search
    Clé Présente : HKLM\Software\BrowserCompanion
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
    Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine
    Clé Présente : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Clé Présente : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2549263
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2567681
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2719315
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2769726
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Clé Présente : HKLM\Software\Conduit
    Clé Présente : HKLM\Software\conduitEngine
    Clé Présente : HKLM\Software\conduitEngine
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Clé Présente : HKLM\Software\PIP
    Clé Présente : HKLM\Software\Uniblue
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
    Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F4E6547E-325B-403C-A3BB-AD29ED37A92F}]
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]


    ***** [ Navigateurs ] *****


    -\\ Internet Explorer v9.0.8112.16545


    Paramètre Présent : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://isearch.avg.com/tab?cid={699E46D5-9C22-43A4-B1D4-B5962D493AC8}&mid=088cf2f0c7a447d18cc6d16a12de16af-4833d98cb7accfee76b0ad8c5b6ac0122eabbdad&lang=fr&ds=AVG&pr=fr&d=2011-10-30 10:50:43&v=9.0.0.22&sap=nt


    -\\ Mozilla Firefox v


    [ Fichier : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\prefs.js ]


    Ligne Trouvée : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");
    Ligne Trouvée : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2549263&SearchSource=13");
    Ligne Trouvée : user_pref("CommunityToolbar.ConduitSearchList", "Expat Shield Customized Web Search");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1111600/1107304/FR", "\"0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1161838/1157525/FR", "\"0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/942243/938027/FR", "\"0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2549263", "\"1314890028\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2719315", "\"1296491104\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2769726", "\"0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr-fr", "ZSqe5hKaZ5ArucBehsFKPg==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "ZF/VZo7UyQBp8ghNNzhnSQ==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr-fr", "/oUS1eK2SdsB3t6H2kLPsA==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "+RsYuZ9IN1smka6Zuggr5w==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr-fr", "a47lyj7cLWBfKLgeVP5JNA==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "t6SQZ7j9WsBHhE8zC0kAEQ==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr-fr", "A4BF15en2mpzA5wEihSZog==");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"80ee9485875dcc1:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2549263", "\"189bc05ed9753368aadfb2b80f08021d\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2719315", "\"634333631231730000\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2769726", "\"634333631231730000\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634333631231730000\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634248284990000000");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634339976460000000");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/2010 3:54:59 PM", "634285417620000000");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2010 3:22:42 PM", "634303635100000000");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2549263&octid=CT2549263", "\"1317023379\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2719315/CT2719315", "\"1300981200\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2769726/CT2769726", "\"1298387099\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif", "\"0a8c48d3330c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif", "\"0e2106f3030c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif", "\"0f475394430c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif", "\"08d9ef44430c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif", "\"066e8863030c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634351849102130000\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634351849102130000\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"dfcd977b3de16cbbb14789dbe1cbbc9f\"");
    Ligne Trouvée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"634351849102130000\"");
    Ligne Trouvée : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
    Ligne Trouvée : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
    Ligne Trouvée : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
    Ligne Trouvée : user_pref("CommunityToolbar.IsEngineShown", false);
    Ligne Trouvée : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Ligne Trouvée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Claude Alice\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\2uqmc1vy.default\\conduitCommon\\modules\\3.7.0.6");
    Ligne Trouvée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
    Ligne Trouvée : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2719315");
    Ligne Trouvée : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{b9e20919-fa55-471f-989b-b107bf8de785}");
    Ligne Trouvée : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "messengerpluslive_france_tb");
    Ligne Trouvée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
    Ligne Trouvée : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
    Ligne Trouvée : user_pref("CommunityToolbar.ToolbarsList2", "");
    Ligne Trouvée : user_pref("CommunityToolbar.ToolbarsList4", "");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Mar 26 2011 03:31:34 GMT+0100");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Ligne Trouvée : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jul 21 2011 18:56:02 GMT+0200");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.locale", "en");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Ligne Trouvée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 21 2011 18:55:54 GMT+0200");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Ligne Trouvée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne Trouvée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Ligne Trouvée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Ligne Trouvée : user_pref("CommunityToolbar.alert.userId", "44554b37-be90-41ac-bdb7-697ef35375d3");
    Ligne Trouvée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Nov 21 2011 13:30:25 GMT+0100");
    Ligne Trouvée : user_pref("CommunityToolbar.globalUserId", "e012e09c-b1ea-4185-a114-9038d8056542");
    Ligne Trouvée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Ligne Trouvée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Ligne Trouvée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2549263");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Nov 18 2011 00:22:09 GMT+0100");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 21 2011 13:30:33 GMT+0100");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.locale", "en");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 21 2011 13:30:25 GMT+0100");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Ligne Trouvée : user_pref("CommunityToolbar.notifications.userId", "48eb1116-0b81-42a1-b579-2e88050c5f8a");
    Ligne Trouvée : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
    Ligne Trouvée : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
    Ligne Trouvée : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jul 21 2011 15:56:00 GMT+0200");
    Ligne Trouvée : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Mar 26 2011 03:31:38 GMT+0100");
    Ligne Trouvée : user_pref("ConduitEngine.FirstServerDate", "12/22/2010 00");
    Ligne Trouvée : user_pref("ConduitEngine.FirstTime", true);
    Ligne Trouvée : user_pref("ConduitEngine.FirstTimeFF3", true);
    Ligne Trouvée : user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Ligne Trouvée : user_pref("ConduitEngine.HideEngineAfterRestart", false);
    Ligne Trouvée : user_pref("ConduitEngine.Initialize", true);
    Ligne Trouvée : user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Ligne Trouvée : user_pref("ConduitEngine.InstalledDate", "Tue Dec 21 2010 02:17:02 GMT+0100");
    Ligne Trouvée : user_pref("ConduitEngine.IsMulticommunity", false);
    Ligne Trouvée : user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Ligne Trouvée : user_pref("ConduitEngine.IsOpenUninstallPage", true);
    Ligne Trouvée : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Mar 26 2011 20:04:59 GMT+0100");
    Ligne Trouvée : user_pref("ConduitEngine.LastLogin_3.2.3.3", "Tue Dec 21 2010 22:24:34 GMT+0100");
    Ligne Trouvée : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Fri Mar 25 2011 20:04:58 GMT+0100");
    Ligne Trouvée : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Mar 27 2011 04:54:09 GMT+0200");
    Ligne Trouvée : user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Ligne Trouvée : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Ligne Trouvée : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Mar 27 2011 04:54:09 GMT+0200");
    Ligne Trouvée : user_pref("ConduitEngine.UserID", "UN11426031669287029");
    Ligne Trouvée : user_pref("ConduitEngine.engineLocale", "en-US");
    Ligne Trouvée : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Mar 26 2011 20:04:59 GMT+0100");
    Ligne Trouvée : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Mar 27 2011 03:54:09 GMT+0200");
    Ligne Trouvée : user_pref("ConduitEngine.initDone", true);
    Ligne Trouvée : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
    Ligne Trouvée : user_pref("avg.toolbar.websearchlink", "hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg");
    Ligne Trouvée : user_pref("browser.search.defaultthis.engineName", "Expat Shield Customized Web Search");
    Ligne Trouvée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2549263&SearchSource=3&q={searchTerms}");
    Ligne Trouvée : user_pref("browser.search.order.1", "Ask.com");
    Ligne Trouvée : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.51,en-GB@dictionaries.addons.mozilla.org:1.19.1,es-es@dictionaries.addons.mozi[...]
    Ligne Trouvée : user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10168&gct=&gc=1&q={searchTerms}&crm=1");
    Ligne Trouvée : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
    Ligne Trouvée : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
    Ligne Trouvée : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");


    -\\ Google Chrome v34.0.1847.116


    [ Fichier : C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\preferences ]




    *************************


    AdwCleaner[R0].txt - [27702 octets] - [16/04/2014 20:51:45]


    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [27763 octets] ##########

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi! My name is zep516 and Welcome to HELP2GO!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    First

    On the adwcleaner "scan" did you run the CLEAN OPTION If not please do so.

    [*]Click on the Clean button follow the prompts.
    A log file will automatically open after the scan has finished and the PC has rebooted.
    Please post the content of that log file with your next answer.
    Next

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.[/QUOTE]

    Thanks
    Joe
    Last edited by zep516; 04-16-2014 at 07:15 PM.

  3. #3
    Member thaly's Avatar
    Join Date
    Aug 2005
    Location
    France
    Posts
    37
    Points
    0

    Default adwcleaner[SO].txt

    Thank you


    # AdwCleaner v3.023 - Rapport créé le 17/04/2014 à 02:07:32
    # Mis à jour le 01/04/2014 par Xplode
    # Système d'exploitation : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
    # Nom d'utilisateur : Claude Alice - MARS
    # Exécuté depuis : C:\Users\Claude Alice\Downloads\adwcleaner.exe
    # Option : Nettoyer


    ***** [ Services ] *****


    [#] Service Supprimé : hshld
    [#] Service Supprimé : HssSrv
    [#] Service Supprimé : hsswd


    ***** [ Fichiers / Dossiers ] *****


    [!] Dossier Supprimé : C:\hotspot shield
    [!] Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
    [!] Dossier Supprimé : C:\Program Files (x86)\GreenTree Applications
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Local\apn
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Local\AVG Security Toolbar
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Local\Linkury
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Local\PackageAware
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\LocalLow\Conduit
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\LocalLow\ConduitEngine
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\LocalLow\PriceGong
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\LocalLow\Zynga
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\Conduit
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\ConduitEngine
    [!] Dossier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\Extensions\bbrs_002@blabbers.com
    Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Components\AskSearch.js
    Fichier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\Askcom.xml
    Fichier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\Messenger Plus Smartbar Search.xml
    Fichier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\Plusnetwork.xml
    Fichier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\searchplugins\search-the-web.xml
    Fichier Supprimé : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\user.js


    ***** [ Raccourcis ] *****




    ***** [ Registre ] *****


    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
    Clé Supprimée : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2549263
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2567681
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2719315
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2769726
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F4E6547E-325B-403C-A3BB-AD29ED37A92F}]
    Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : HKCU\Software\APN PIP
    Clé Supprimée : HKCU\Software\Blabbers
    Clé Supprimée : HKCU\Software\BlabbersToolbar
    Clé Supprimée : HKCU\Software\BrowserCompanion
    Clé Supprimée : HKCU\Software\Conduit
    Clé Supprimée : HKCU\Software\hotspotshield
    Clé Supprimée : HKCU\Software\Softonic
    Clé Supprimée : HKCU\Software\YahooPartnerToolbar
    Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
    Clé Supprimée : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
    Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
    Clé Supprimée : HKLM\Software\AVG Secure Search
    Clé Supprimée : HKLM\Software\BrowserCompanion
    Clé Supprimée : HKLM\Software\Conduit
    Clé Supprimée : HKLM\Software\conduitEngine
    Clé Supprimée : HKLM\Software\PIP
    Clé Supprimée : HKLM\Software\Uniblue
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\clickpotatolitesa
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield
    Clé Supprimée : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF


    ***** [ Navigateurs ] *****


    -\\ Internet Explorer v9.0.8112.16545


    Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
    Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]


    -\\ Mozilla Firefox v


    [ Fichier : C:\Users\Claude Alice\AppData\Roaming\Mozilla\Firefox\Profiles\2uqmc1vy.default\prefs.js ]


    Ligne Supprimée : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");
    Ligne Supprimée : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2549263&SearchSource=13");
    Ligne Supprimée : user_pref("CommunityToolbar.ConduitSearchList", "Expat Shield Customized Web Search");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1111600/1107304/FR", "\"0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1161838/1157525/FR", "\"0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/942243/938027/FR", "\"0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2549263", "\"1314890028\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2719315", "\"1296491104\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2769726", "\"0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr-fr", "ZSqe5hKaZ5ArucBehsFKPg==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "ZF/VZo7UyQBp8ghNNzhnSQ==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr-fr", "/oUS1eK2SdsB3t6H2kLPsA==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "+RsYuZ9IN1smka6Zuggr5w==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr-fr", "a47lyj7cLWBfKLgeVP5JNA==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "t6SQZ7j9WsBHhE8zC0kAEQ==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr-fr", "A4BF15en2mpzA5wEihSZog==");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"80ee9485875dcc1:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2549263", "\"189bc05ed9753368aadfb2b80f08021d\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2719315", "\"634333631231730000\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2769726", "\"634333631231730000\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634333631231730000\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634248284990000000");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634339976460000000");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/2010 3:54:59 PM", "634285417620000000");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2010 3:22:42 PM", "634303635100000000");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2549263&octid=CT2549263", "\"1317023379\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2719315/CT2719315", "\"1300981200\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2769726/CT2769726", "\"1298387099\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif", "\"0a8c48d3330c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif", "\"0e2106f3030c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif", "\"0f475394430c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif", "\"08d9ef44430c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif", "\"066e8863030c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634351849102130000\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634351849102130000\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"dfcd977b3de16cbbb14789dbe1cbbc9f\"");
    Ligne Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"634351849102130000\"");
    Ligne Supprimée : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
    Ligne Supprimée : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
    Ligne Supprimée : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
    Ligne Supprimée : user_pref("CommunityToolbar.IsEngineShown", false);
    Ligne Supprimée : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Ligne Supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Claude Alice\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\2uqmc1vy.default\\conduitCommon\\modules\\3.7.0.6");
    Ligne Supprimée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
    Ligne Supprimée : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2719315");
    Ligne Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{b9e20919-fa55-471f-989b-b107bf8de785}");
    Ligne Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "messengerpluslive_france_tb");
    Ligne Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
    Ligne Supprimée : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
    Ligne Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "");
    Ligne Supprimée : user_pref("CommunityToolbar.ToolbarsList4", "");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Mar 26 2011 03:31:34 GMT+0100");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Ligne Supprimée : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jul 21 2011 18:56:02 GMT+0200");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Ligne Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 21 2011 18:55:54 GMT+0200");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Ligne Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Ligne Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Ligne Supprimée : user_pref("CommunityToolbar.alert.userId", "44554b37-be90-41ac-bdb7-697ef35375d3");
    Ligne Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Nov 21 2011 13:30:25 GMT+0100");
    Ligne Supprimée : user_pref("CommunityToolbar.globalUserId", "e012e09c-b1ea-4185-a114-9038d8056542");
    Ligne Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Ligne Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Ligne Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2549263");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Nov 18 2011 00:22:09 GMT+0100");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 21 2011 13:30:33 GMT+0100");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.locale", "en");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 21 2011 13:30:25 GMT+0100");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Ligne Supprimée : user_pref("CommunityToolbar.notifications.userId", "48eb1116-0b81-42a1-b579-2e88050c5f8a");
    Ligne Supprimée : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
    Ligne Supprimée : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
    Ligne Supprimée : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jul 21 2011 15:56:00 GMT+0200");
    Ligne Supprimée : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Mar 26 2011 03:31:38 GMT+0100");
    Ligne Supprimée : user_pref("ConduitEngine.FirstServerDate", "12/22/2010 00");
    Ligne Supprimée : user_pref("ConduitEngine.FirstTime", true);
    Ligne Supprimée : user_pref("ConduitEngine.FirstTimeFF3", true);
    Ligne Supprimée : user_pref("ConduitEngine.HasUserGlobalKeys", true);
    Ligne Supprimée : user_pref("ConduitEngine.HideEngineAfterRestart", false);
    Ligne Supprimée : user_pref("ConduitEngine.Initialize", true);
    Ligne Supprimée : user_pref("ConduitEngine.InitializeCommonPrefs", true);
    Ligne Supprimée : user_pref("ConduitEngine.InstalledDate", "Tue Dec 21 2010 02:17:02 GMT+0100");
    Ligne Supprimée : user_pref("ConduitEngine.IsMulticommunity", false);
    Ligne Supprimée : user_pref("ConduitEngine.IsOpenThankYouPage", false);
    Ligne Supprimée : user_pref("ConduitEngine.IsOpenUninstallPage", true);
    Ligne Supprimée : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Mar 26 2011 20:04:59 GMT+0100");
    Ligne Supprimée : user_pref("ConduitEngine.LastLogin_3.2.3.3", "Tue Dec 21 2010 22:24:34 GMT+0100");
    Ligne Supprimée : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Fri Mar 25 2011 20:04:58 GMT+0100");
    Ligne Supprimée : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Mar 27 2011 04:54:09 GMT+0200");
    Ligne Supprimée : user_pref("ConduitEngine.PublisherContainerWidth", 0);
    Ligne Supprimée : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
    Ligne Supprimée : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Mar 27 2011 04:54:09 GMT+0200");
    Ligne Supprimée : user_pref("ConduitEngine.UserID", "UN11426031669287029");
    Ligne Supprimée : user_pref("ConduitEngine.engineLocale", "en-US");
    Ligne Supprimée : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Mar 26 2011 20:04:59 GMT+0100");
    Ligne Supprimée : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Mar 27 2011 03:54:09 GMT+0200");
    Ligne Supprimée : user_pref("ConduitEngine.initDone", true);
    Ligne Supprimée : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
    Ligne Supprimée : user_pref("avg.toolbar.websearchlink", "hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg");
    Ligne Supprimée : user_pref("browser.search.defaultthis.engineName", "Expat Shield Customized Web Search");
    Ligne Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2549263&SearchSource=3&q={searchTerms}");
    Ligne Supprimée : user_pref("browser.search.order.1", "Ask.com");
    Ligne Supprimée : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.51,en-GB@dictionaries.addons.mozilla.org:1.19.1,es-es@dictionaries.addons.mozi[...]
    Ligne Supprimée : user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10168&gct=&gc=1&q={searchTerms}&crm=1");
    Ligne Supprimée : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
    Ligne Supprimée : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
    Ligne Supprimée : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");


    -\\ Google Chrome v34.0.1847.116


    [ Fichier : C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\preferences ]




    *************************


    AdwCleaner[R0].txt - [27964 octets] - [16/04/2014 20:51:45]
    AdwCleaner[R1].txt - [27965 octets] - [17/04/2014 02:05:44]
    AdwCleaner[S0].txt - [25672 octets] - [17/04/2014 02:07:32]


    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25733 octets] ##########

  4. #4
    Member thaly's Avatar
    Join Date
    Aug 2005
    Location
    France
    Posts
    37
    Points
    0

    Default OTL.txt

    OTL logfile created on: 17/04/2014 04:13:45 - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Claude Alice\Downloads
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,06% Memory free
    8,20 Gb Paging File | 6,30 Gb Available in Paging File | 76,85% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 582,24 Gb Total Space | 368,52 Gb Free Space | 63,29% Space Free | Partition Type: NTFS
    Drive D: | 13,93 Gb Total Space | 2,84 Gb Free Space | 20,37% Space Free | Partition Type: NTFS

    Computer Name: MARS | User Name: Claude Alice | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/04/17 02:21:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Claude Alice\Downloads\OTL (1).exe
    PRC - [2014/04/12 22:13:33 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2014/04/12 22:13:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/12/18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2010/12/23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
    PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/12/05 19:15:16 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/04/12 22:13:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2013/05/23 22:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2008/01/21 04:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2014/04/13 17:27:08 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2011/06/04 01:56:02 | 003,249,512 | ---- | M] (Hide My IP) [On_Demand | Stopped] -- C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe -- (HideMyIpSRV)
    SRV - [2010/12/23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
    SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
    SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
    SRV - [2009/03/30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/03 18:21:18 | 000,354,840 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2008/03/25 21:23:58 | 000,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV:64bit: - [2014/04/12 22:13:39 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2014/04/12 22:13:39 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2014/04/12 22:13:39 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2014/04/12 22:13:39 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2014/04/12 22:13:39 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2014/04/12 22:13:39 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2014/04/12 22:13:38 | 000,064,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
    DRV:64bit: - [2013/01/25 17:38:04 | 000,088,448 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV:64bit: - [2012/11/29 12:56:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV:64bit: - [2012/11/29 12:56:30 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
    DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/02/29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
    DRV:64bit: - [2010/09/22 21:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\taphss.sys -- (taphss)
    DRV:64bit: - [2009/10/20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
    DRV:64bit: - [2009/10/01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
    DRV:64bit: - [2008/12/07 13:44:56 | 000,035,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btnetBus.sys -- (btnetBUs)
    DRV:64bit: - [2008/11/03 18:10:08 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
    DRV:64bit: - [2008/02/14 16:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
    DRV:64bit: - [2008/01/21 04:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
    DRV:64bit: - [2007/07/03 18:04:44 | 000,142,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdmdm.sys -- (sscdmdm)
    DRV:64bit: - [2007/07/03 18:04:16 | 000,016,040 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdmdfl.sys -- (sscdmdfl)
    DRV:64bit: - [2007/07/03 18:02:12 | 000,105,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sscdbus.sys -- (sscdbus)
    DRV:64bit: - [2007/03/08 20:03:58 | 001,541,120 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbVM305.sys -- (ZSMC0305)
    DRV:64bit: - [2007/02/02 21:47:18 | 000,300,800 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vvftav.sys -- (vvftav)
    DRV - [2011/12/31 12:02:45 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
    DRV - [2010/06/10 13:32:14 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo)
    DRV - [2009/03/13 00:46:30 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0982B9D4-C3A4-41B3-92A0-81874C999422}
    IE:64bit: - HKLM\..\SearchScopes\{0982B9D4-C3A4-41B3-92A0-81874C999422}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
    IE:64bit: - HKLM\..\SearchScopes\{A6B150EA-F9C9-43CB-9318-4B55AF19D69B}: "URL" = http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{0982B9D4-C3A4-41B3-92A0-81874C999422}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr
    IE - HKLM\..\SearchScopes\{A6B150EA-F9C9-43CB-9318-4B55AF19D69B}: "URL" = http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Google
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..\SearchScopes\{F3DCD557-4158-4163-B7D8-3ECD014C31F2}: "URL" = http://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Google"
    FF - prefs.js..browser.search.defaultenginename: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledAddons: en-GB@dictionaries.addons.mozilla.org:1.19.1
    FF - prefs.js..extensions.enabledAddons: es-es@dictionaries.addons.mozilla.org:1.5
    FF - prefs.js..extensions.enabledAddons: {d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}:1.0
    FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120910
    FF - prefs.js..extensions.enabledAddons: wrc@avast.com:8.0.1483
    FF - prefs.js..extensions.enabledAddons: support@free-hideip.com:1.0
    FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
    FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2009/05/13 10:58:34 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2009/05/13 10:58:34 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Claude Alice\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Claude Alice\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Claude Alice\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Claude Alice\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Claude Alice\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Claude Alice\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Claude Alice\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/04 00:07:45 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/12 22:13:40 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/04 00:07:45 | 000,000,000 | ---D | M]

    [2010/04/25 04:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Extensions
    [2010/04/25 04:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
    [2014/04/17 02:09:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions
    [2009/09/22 16:00:43 | 000,000,000 | ---D | M] (History Submenus) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\{7102aba3-045c-4ec2-b921-46d87636d84b}(234)
    [2012/12/13 23:20:21 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2013/04/09 00:29:28 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2012/04/11 22:08:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(123)
    [2012/04/15 18:27:50 | 000,000,000 | ---D | M] (CSHelper) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
    [2010/12/22 16:38:03 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\en-GB@dictionaries.addons.mozilla.org
    [2011/06/07 21:35:10 | 000,000,000 | ---D | M] (Diccionario de Español/España) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\Firefox\Profiles\2uqmc1vy.default\extensions\es-es@dictionaries.addons.mozilla.org
    [2013/04/09 00:21:08 | 000,004,548 | ---- | M] () (No name found) -- C:\Users\Claude Alice\AppData\Roaming\mozilla\firefox\profiles\2uqmc1vy.default\extensions\support@free-hideip.com.xpi
    [2009/03/13 14:18:30 | 000,005,346 | ---- | M] () -- C:\Users\Claude Alice\AppData\Roaming\mozilla\firefox\profiles\2uqmc1vy.default\searchplugins\microsoft.xml
    [2011/08/31 13:15:29 | 000,003,613 | ---- | M] () -- C:\Users\Claude Alice\AppData\Roaming\mozilla\firefox\profiles\2uqmc1vy.default\searchplugins\YouGoo.xml
    [2014/04/12 22:13:40 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    File not found (No name found) -- C:\USERS\CLAUDE ALICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2UQMC1VY.DEFAULT\EXTENSIONS\BBRS_002@BLABBERS.COM
    [2012/02/21 19:41:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2012/06/28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
    [2010/10/21 21:56:38 | 000,001,847 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\privatesearch.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: https://www.google.fr/
    CHR - plugin: Error reading preferences file
    CHR - Extension: Documents Google = C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: YouTube = C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Recherche Google = C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: avast! Online Security = C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.93_0\
    CHR - Extension: Google Wallet = C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
    CHR - Extension: Gmail = C:\Users\Claude Alice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2014/04/16 19:59:53 | 000,450,715 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 0Scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben&#46;com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 Gadgets And More
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 15473 more lines...
    O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - No CLSID value found.
    O3 - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..\Toolbar\WebBrowser: (no name) - {B9E20919-FA55-471F-989B-B107BF8DE785} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter File not found
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter File not found
    O4 - HKU\S-1-5-21-2706979001-3739070881-315316544-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\HMIPCore64.dll (Hide My IP)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\HMIPCore64.dll (Hide My IP)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\HMIPCore64.dll (Hide My IP)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\HMIPCore64.dll (Hide My IP)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\HMIPCore64.dll (Hide My IP)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\..Trusted Domains: localhost ([]http in Trusted sites)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/reso...an8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D37BF062-E5AD-428B-BF5C-3F0304D0C27A}: DhcpNameServer = 212.27.40.240 212.27.40.241
    O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\linkscanner - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
    O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Users\Claude Alice\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Claude Alice\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
    O29 - HKLM SecurityProviders - (credssp.dll) - File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2014/04/16 20:34:05 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-2706979001-3739070881-315316544-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/04/16 20:51:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/04/16 20:07:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BCD32
    [2014/04/16 20:07:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
    [2014/04/13 22:58:21 | 000,000,000 | ---D | C] -- C:\EasyPHP-DevServer-14.1VC9
    [2014/04/13 20:09:25 | 000,000,000 | ---D | C] -- C:\Bitnami
    [2014/04/13 18:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyPHP-DevServer-14.1VC9
    [2014/04/13 04:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\A EasyPHP-DevServer-14.1VC11
    [2014/04/13 00:12:06 | 000,415,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRepl35.dll
    [2014/04/13 00:12:06 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSRD2x35.dll
    [2014/04/13 00:12:06 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5DB.dll
    [2014/04/13 00:12:06 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ODBCTL32.dll
    [2014/04/13 00:11:42 | 001,050,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJet35.dll
    [2014/04/13 00:11:41 | 000,040,374 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\P3S4ODFR.DLL
    [2014/04/13 00:11:41 | 000,012,288 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\P3RDAOFR.DLL
    [2014/04/13 00:11:41 | 000,012,288 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\P3CDAOFR.DLL
    [2014/04/13 00:11:40 | 000,979,456 | ---- | C] (Three D Graphics) -- C:\Windows\SysWow64\PG32.DLL
    [2014/04/13 00:11:40 | 000,710,656 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\CR2C40FR.DLL
    [2014/04/13 00:11:40 | 000,180,224 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\CO2C40EN.DLL
    [2014/04/13 00:11:40 | 000,149,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJInt35.dll
    [2014/04/13 00:11:40 | 000,087,040 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\P2BDAO.DLL
    [2014/04/13 00:11:40 | 000,025,600 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\CC245FR.DLL
    [2014/04/13 00:11:40 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJtEr35.dll
    [2014/04/13 00:11:40 | 000,015,872 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\P3D4BDFR.DLL
    [2014/04/13 00:11:40 | 000,012,800 | ---- | C] (Seagate Software Information Management Group, Inc.) -- C:\Windows\SysWow64\P3BDAOFR.DLL
    [2014/04/13 00:11:40 | 000,000,000 | ---D | C] -- C:\Windows\Crystal
    [2014/04/13 00:11:39 | 000,200,704 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\THREED32.OCX
    [2014/04/13 00:11:39 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GRID32.OCX
    [2014/04/13 00:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Démarrage
    [2014/04/12 22:26:53 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\Documents\gegl-0.0
    [2014/04/12 22:26:53 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\.gimp-2.6
    [2014/04/12 22:13:37 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2014/04/12 22:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
    [2014/04/12 21:59:20 | 018,302,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
    [2014/04/12 21:59:20 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
    [2014/04/12 21:59:19 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
    [2014/04/12 21:59:19 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
    [2014/04/12 21:59:19 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
    [2014/04/12 21:59:19 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
    [2014/04/12 21:59:18 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
    [2014/04/12 21:59:18 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll
    [2014/04/12 21:59:18 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll
    [2014/04/12 21:59:17 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
    [2014/04/12 21:59:17 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
    [2014/04/12 21:59:17 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
    [2014/04/12 21:59:17 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
    [2014/04/12 21:59:17 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
    [2014/04/12 21:59:17 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
    [2014/04/12 21:59:17 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
    [2014/04/12 21:59:17 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
    [2014/04/12 21:59:17 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
    [2014/04/12 21:59:17 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
    [2014/04/12 18:54:10 | 005,777,288 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2014/04/12 18:06:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2014/04/12 18:06:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2014/04/12 18:06:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/04/12 18:06:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/04/12 18:06:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2014/04/12 18:06:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2014/04/12 18:06:51 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/04/12 18:06:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/04/12 18:06:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/04/12 18:06:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/04/12 18:06:48 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/04/12 18:06:48 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/04/12 18:06:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2014/04/12 18:06:47 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2014/04/12 18:06:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2014/04/12 18:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2014/04/12 17:44:56 | 001,111,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
    [2014/04/12 17:44:56 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
    [2014/04/12 17:44:47 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2014/04/12 17:44:47 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2014/04/12 17:43:38 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2014/04/12 17:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
    [2014/04/12 17:36:09 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
    [2014/04/12 17:36:07 | 002,558,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
    [2014/04/12 17:34:11 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2014/04/12 17:34:11 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2014/04/12 16:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
    [2014/04/12 16:25:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
    [2014/04/12 15:13:23 | 000,000,000 | ---D | C] -- C:\Sauvegardes_journalieres
    [2014/04/12 12:08:08 | 000,000,000 | ---D | C] -- C:\bcdi3
    [2014/04/12 11:32:51 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\Desktop\dewey tags
    [2014/04/12 08:08:18 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Démarrage
    [2014/04/12 08:08:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5FR.dll
    [2014/04/12 08:08:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST5UNST.EXE
    [2014/04/12 08:08:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB5StKit.dll
    [2014/04/12 08:08:16 | 000,000,000 | ---D | C] -- C:\TEMP_BCD32
    [2014/04/10 01:46:14 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\Documents\recettes
    [2014/04/10 00:08:45 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\Documents\argile
    [2014/04/09 22:24:31 | 000,000,000 | ---D | C] -- C:\Users\Claude Alice\Documents\G
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/04/17 04:13:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/04/17 04:09:47 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/04/17 04:09:47 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/04/17 03:54:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/04/17 03:50:21 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2706979001-3739070881-315316544-1000UA.job
    [2014/04/17 02:17:37 | 000,000,501 | ---- | M] () -- C:\Users\Claude Alice\Desktop\adwcleaner.exe - Raccourci.lnk
    [2014/04/17 02:17:23 | 001,615,904 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/04/17 02:17:23 | 000,726,918 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2014/04/17 02:17:23 | 000,649,300 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/04/17 02:17:23 | 000,150,560 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2014/04/17 02:17:23 | 000,124,900 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/04/17 02:16:57 | 000,000,649 | ---- | M] () -- C:\Users\Claude Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\adwcleaner.exe - Raccourci.lnk
    [2014/04/17 02:14:54 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/04/17 02:09:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/04/17 02:08:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2014/04/17 01:31:09 | 000,075,595 | ---- | M] () -- C:\Users\Claude Alice\Desktop\RETOUR.pdf
    [2014/04/17 01:26:57 | 000,063,503 | ---- | M] () -- C:\Users\Claude Alice\Desktop\1105H7KHVW920122014041700261658ee7a4b.pdf
    [2014/04/16 22:56:32 | 000,206,042 | ---- | M] () -- C:\Users\Claude Alice\Desktop\superantispyware 2.jpg
    [2014/04/16 22:55:48 | 000,195,618 | ---- | M] () -- C:\Users\Claude Alice\Desktop\Superantispyware1.jpg
    [2014/04/16 20:51:23 | 001,426,178 | ---- | M] () -- C:\Users\Claude Alice\Desktop\adwcleaner.exe
    [2014/04/16 20:34:05 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
    [2014/04/16 20:07:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
    [2014/04/16 19:59:53 | 000,450,715 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2014/04/16 17:58:08 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2706979001-3739070881-315316544-1000Core.job
    [2014/04/14 00:00:33 | 000,000,792 | ---- | M] () -- C:\Users\Claude Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyPHP-DevServer-14.1VC9.exe - Raccourci.lnk
    [2014/04/13 20:19:10 | 000,001,024 | ---- | M] () -- C:\.rnd
    [2014/04/13 17:27:08 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014/04/13 17:27:08 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/04/12 22:43:59 | 000,002,049 | ---- | M] () -- C:\Users\Claude Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2014/04/12 22:40:38 | 000,348,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014/04/12 22:13:39 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2014/04/12 22:13:39 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
    [2014/04/12 22:13:39 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
    [2014/04/12 22:13:39 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
    [2014/04/12 22:13:39 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
    [2014/04/12 22:13:39 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
    [2014/04/12 22:13:39 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
    [2014/04/12 22:13:38 | 000,064,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
    [2014/04/12 22:13:37 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2014/04/12 18:54:10 | 005,777,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    [2014/04/12 18:06:13 | 001,586,032 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2014/04/10 00:09:37 | 000,001,300 | ---- | M] () -- C:\Users\Claude Alice\AppData\Roaming\wklnhst.dat
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/04/17 02:17:37 | 000,000,501 | ---- | C] () -- C:\Users\Claude Alice\Desktop\adwcleaner.exe - Raccourci.lnk
    [2014/04/17 02:16:57 | 000,000,649 | ---- | C] () -- C:\Users\Claude Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\adwcleaner.exe - Raccourci.lnk
    [2014/04/17 01:31:09 | 000,075,595 | ---- | C] () -- C:\Users\Claude Alice\Desktop\RETOUR.pdf
    [2014/04/17 01:26:55 | 000,063,503 | ---- | C] () -- C:\Users\Claude Alice\Desktop\1105H7KHVW920122014041700261658ee7a4b.pdf
    [2014/04/16 22:56:32 | 000,206,042 | ---- | C] () -- C:\Users\Claude Alice\Desktop\superantispyware 2.jpg
    [2014/04/16 22:55:48 | 000,195,618 | ---- | C] () -- C:\Users\Claude Alice\Desktop\Superantispyware1.jpg
    [2014/04/16 20:51:16 | 001,426,178 | ---- | C] () -- C:\Users\Claude Alice\Desktop\adwcleaner.exe
    [2014/04/16 20:34:05 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
    [2014/04/14 00:00:33 | 000,000,792 | ---- | C] () -- C:\Users\Claude Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\EasyPHP-DevServer-14.1VC9.exe - Raccourci.lnk
    [2014/04/13 00:11:41 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\P2SODBC.DLL
    [2014/04/13 00:11:41 | 000,054,272 | ---- | C] () -- C:\Windows\SysWow64\P2IRDAO.DLL
    [2014/04/13 00:11:40 | 000,050,176 | ---- | C] () -- C:\Windows\SysWow64\P2CTDAO.DLL
    [2014/04/13 00:11:40 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\P2BBND.DLL
    [2014/04/13 00:11:40 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\IMPLODE.DLL
    [2014/04/12 18:29:10 | 000,002,049 | ---- | C] () -- C:\Users\Claude Alice\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2014/04/12 18:03:31 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/04/12 18:03:29 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/03/07 04:22:26 | 001,586,032 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/10/24 16:10:31 | 000,000,879 | ---- | C] () -- C:\Users\Claude Alice\.recently-used.xbel
    [2013/08/19 20:37:54 | 000,000,417 | ---- | C] () -- C:\Windows\wininit.ini
    [2012/11/04 16:22:50 | 000,000,430 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\RAExpertHistory.xml
    [2011/11/03 04:37:46 | 000,000,408 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\CamShapes.ini
    [2011/11/03 04:37:46 | 000,000,408 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\CamLayout.ini
    [2011/11/03 04:37:46 | 000,000,114 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\Camdata.ini
    [2011/11/03 04:37:45 | 000,004,416 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\CamStudio.cfg
    [2011/08/04 04:59:12 | 000,745,422 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\census.cache
    [2011/08/04 04:58:24 | 000,141,301 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\ars.cache
    [2011/08/04 04:41:35 | 000,000,036 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\housecall.guid.cache
    [2011/07/29 18:08:13 | 000,000,291 | ---- | C] () -- C:\ProgramData\bdinstall.bin
    [2011/03/02 10:21:53 | 000,008,539 | ---- | C] () -- C:\Users\Claude Alice\merci.odt
    [2009/09/22 22:24:02 | 000,001,356 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\d3d9caps.dat
    [2009/09/22 19:24:35 | 000,000,732 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\d3d9caps64.dat
    [2009/06/20 21:10:39 | 000,064,910 | ---- | C] () -- C:\Users\Claude Alice\jess46.jpg
    [2009/04/26 12:12:11 | 000,031,049 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\UserTile.png
    [2009/03/15 01:04:50 | 000,003,202 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\QuickZip45.ini
    [2009/03/14 15:46:13 | 000,000,058 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2009/03/13 17:15:55 | 000,101,376 | ---- | C] () -- C:\Users\Claude Alice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/03/13 00:46:48 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
    [2009/03/12 20:37:34 | 000,001,300 | ---- | C] () -- C:\Users\Claude Alice\AppData\Roaming\wklnhst.dat

    ========== ZeroAccess Check ==========

    [2006/11/02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:BD36345D
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34


    < End of report >

  5. #5
    Member thaly's Avatar
    Join Date
    Aug 2005
    Location
    France
    Posts
    37
    Points
    0

    Default OTL Extras

    OTL Extras logfile created on: 17/04/2014 04:13:45 - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Claude Alice\Downloads
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 58,06% Memory free
    8,20 Gb Paging File | 6,30 Gb Available in Paging File | 76,85% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 582,24 Gb Total Space | 368,52 Gb Free Space | 63,29% Space Free | Partition Type: NTFS
    Drive D: | 13,93 Gb Total Space | 2,84 Gb Free Space | 20,37% Space Free | Partition Type: NTFS

    Computer Name: MARS | User Name: Claude Alice | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg [@ = regfile] -- regedit.exe "%1"
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- "%1" %*
    .html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- regedit.exe "%1"
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- Reg Error: Key error. File not found
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1"
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1"
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 0
    "InternetSettingsDisableNotify" = 0
    "AutoUpdateDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
    "VistaSp2" = B9 8A 95 F5 D4 3B CA 01 [binary data]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "oobe_av" = 1

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0CACB54C-070D-4408-B8C5-4AB552CE9921}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=partage de fichiers et d'imprimantes (service spouleur - rpc-epmap) |
    "{0CF9C09C-AA7F-4368-88F0-9FDA55B839F6}" = lport=12346 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe |
    "{1BA3025B-9F07-456F-86A2-6A1D5891669D}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe |
    "{21649FD2-B208-42AB-91BE-D227C070F484}" = lport=139 | protocol=6 | dir=in | app=system |
    "{26BB156B-D0CD-46AC-B619-9D3213279B5C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{3C03C184-76B7-4ADC-9BA1-AE6E1330A959}" = lport=138 | protocol=17 | dir=in | app=system |
    "{44E36554-FE46-45B0-9524-0054DAF4773B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{44E5A55C-8107-485F-B94E-09EAB76C88DB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{463F0B8C-5E9E-4EEF-8713-4FD4837D77BF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
    "{4DB8B75A-8EE7-47FA-8F62-F81E3DD4BE4A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{51C8D7F3-1E63-4C55-B298-77CF29C2BD09}" = lport=12345 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\easyshare\easyshare.exe |
    "{5FB17151-E931-49FD-A12C-E02F67564A6C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{79265C13-11CF-46CB-A4B5-61EDF1029B8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{7B75FF78-0F84-4900-BFBC-E7179A69A431}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{8634C322-3B07-4D81-AC95-8AD326A06DA6}" = lport=137 | protocol=17 | dir=in | app=system |
    "{87B75561-BF03-427E-AFD4-064CF37B514A}" = rport=445 | protocol=6 | dir=out | app=system |
    "{9308C400-6411-4903-83F7-64F3C165484B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{95BA6C38-ECF7-4B7A-ABCE-7095908C0602}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{97E92B03-0428-45F9-902A-DBDB2E7CD9FC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A0FE02DF-CA57-4844-9BC0-9646ED1153D4}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe |
    "{AB4129A0-7C2F-4AC3-88BA-E2961DB89663}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C183D484-F13C-4DEC-A458-AED9812D42A1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{D1744097-E576-4A7C-88F9-507FFA459CAC}" = rport=138 | protocol=17 | dir=out | app=system |
    "{D5EE3E56-C83D-40F9-B2FF-4C4B70831D53}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
    "{D829E4A5-1632-478D-AAFC-7176E6830A11}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{DACF014D-E09A-4EAD-AF18-5386DC437E97}" = rport=137 | protocol=17 | dir=out | app=system |
    "{DF353A42-E4C1-475A-900E-9085ABACA679}" = rport=139 | protocol=6 | dir=out | app=system |
    "{F2C1C41F-B468-4CF9-A9B8-502AE9EDD2C6}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F39849EE-0782-4C7D-884C-E91E21BC0AF4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{F6BDE14E-1774-45A8-9014-24B2C3CD4CBA}" = lport=445 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01309BD0-FAF2-486C-BC80-0CF284754F97}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{02DB05C7-609B-4AB0-9BFD-81857D68596D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{07462472-4A21-4D5B-ACBD-57DD16C3E9EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{14F66564-6B42-4CF5-9807-960FAB5FFF8D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{1782CA86-46F3-4CE7-BF23-EF04647E0AE5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{1D4F85D3-80D5-4FAC-BC67-F0A591FE7A67}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "{249239D2-DADA-4792-B246-FC5C65A47C7C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
    "{26BD5AB5-93A9-46ED-9926-E325172BDBC6}" = protocol=1 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv4) |
    "{277C5024-A8A3-4185-A844-4F9FE13D9A2E}" = protocol=58 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv6) |
    "{27E00D95-4161-4468-9080-5681E62850C7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
    "{2B3F332D-434C-44B9-92CE-6506D9BF9104}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
    "{2F73E597-CA8D-49C8-B1B7-237D9AC75A6B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{319D2A5B-52A4-420B-BDEE-46AFD826D5F8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
    "{38FA6ED3-5127-4C36-B347-A0E1AE6A7EE8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{39D8DCE3-AE7F-4A8D-84E8-E01D8C2FA8CD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
    "{3B9CE417-61EC-4EC9-BA31-EB3E3A0E2A0D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
    "{40C33CF0-37F1-4147-A2B7-09031B2CA1B1}" = protocol=6 | dir=out | app=system |
    "{46B4FA3B-D4B7-4653-A4EE-91096BAC8252}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
    "{48BF3691-08D9-4C88-956B-0A8D6BC949B6}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
    "{508082A2-AFAE-4B8F-8048-8FE837616006}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{50B94AF0-762F-4FC0-92B4-B7BDC343AC0E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
    "{537AC319-EBF2-4956-8B7F-A61BB605C595}" = protocol=17 | dir=in | app=c:\program files (x86)\sfr\media center\httpd\httpd.exe |
    "{5AE79DF5-6928-42C1-B130-CDD04842EDDB}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{6395DE57-660A-421A-846A-DDA03729F7EC}" = protocol=6 | dir=in | app=c:\users\claude alice\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{6B264A12-4B80-40F2-9241-AEB519776078}" = protocol=17 | dir=in | app=c:\users\claude alice\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{70958D5F-76E0-4444-BF2D-EF5833E48F8E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
    "{7330B5AD-5C33-4B84-8A8D-15B52725FD89}" = protocol=6 | dir=in | app=c:\program files (x86)\sfr\media center\httpd\httpd.exe |
    "{77B6BB6C-6363-4B89-8C48-10065925FF94}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
    "{7D70C164-180D-49E7-8172-E6F9FFB2A9CA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
    "{815E7539-BDAE-46E3-AD1A-E82A4E276D05}" = protocol=6 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
    "{866924FA-47DC-4BDB-B355-6867B24509CF}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{8A3BBB72-A27E-4B26-8DD8-8CAC721A6CFF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
    "{90F6C970-6A4F-4EEB-9E30-11813C04A554}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{93A06C07-1E7A-45B4-9F3E-4E64AFCF14ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
    "{9D8654D4-9E6C-47A3-B72B-65A9CE8DAE78}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
    "{9DDFAA3E-9694-42C1-BE53-E737D55508B2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
    "{A2E230F5-1B72-40D3-B40B-E692DE196BA3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{A6FE0580-58C1-466C-AB85-C19ED2C7D2B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
    "{A90EA5AF-BCCC-4046-8AB5-A40B06E607D1}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
    "{AD0F2C73-5A65-44CE-92B7-C855CF19E809}" = protocol=17 | dir=in | app=c:\users\claude alice\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{B9FAA708-F051-4290-AFE6-65D39AC0B424}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
    "{BBFF9003-CC0C-43EE-B17E-61C259DEA48F}" = dir=in | app=e:\setup\hpznui40.exe |
    "{C2721971-F32E-4DAD-ADB6-3A733E564892}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{C3AB9B26-F4D5-4AC0-B07C-82E57FD52278}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{D0041D09-C3B9-494C-B41D-7484273B7809}" = protocol=17 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
    "{D5E0614B-B5BE-4642-B119-ABD7FD84E241}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
    "{DB19A13F-501B-403D-9E89-D731980BC56B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
    "{E1062A7A-70C9-4859-814A-FC981A77BF65}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{E45E0800-6284-4F4A-82F9-BA0BDA306B7D}" = protocol=17 | dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe |
    "{E78930EF-057D-4058-9B79-D84A62F8FD7D}" = protocol=58 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv6) |
    "{ED283EE8-AD64-4F66-9D26-9F0E467B817F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
    "{EFCCDECE-F744-4A05-A409-AAD5AEF589C4}" = protocol=1 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv4) |
    "{F06C1BE1-ECE1-4B41-8B30-4621F8500208}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
    "{F56CB780-54B6-4859-920B-2D9219D896F5}" = protocol=6 | dir=in | app=c:\users\claude alice\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{FE41EF3F-8FB4-4D6D-8304-B0CD5118C58D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
    "TCP Query User{1833E9AD-E361-47A7-899A-FA213E0366CD}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
    "TCP Query User{215E9E9A-AAC0-44B7-9C65-E0D8634C0D6C}C:\program files\freemi upnp media server\freemi upnp media server.exe" = protocol=6 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
    "TCP Query User{3E899539-BD74-4E2A-A051-BECBD4D24FB1}C:\bitnami\wampstack-5.4.26-2\apache2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\bitnami\wampstack-5.4.26-2\apache2\bin\httpd.exe |
    "TCP Query User{7CF427EF-B95F-4551-9971-E4DC4A0F1154}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
    "TCP Query User{A9EFDD3C-858F-46B9-9CEE-CF71E51F9A23}C:\users\claude alice\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\claude alice\appdata\local\google\chrome\application\chrome.exe |
    "TCP Query User{D4F339F2-A1E0-410A-A619-028378215E8E}C:\program files (x86)\freeplayer\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeplayer\vlc\vlc.exe |
    "TCP Query User{FEBE5966-B51E-491A-B4E0-7FC78D4E9075}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
    "UDP Query User{10A3FF34-BCB7-4F23-A4F1-0EB0DB7D1B65}C:\program files\freemi upnp media server\freemi upnp media server.exe" = protocol=17 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
    "UDP Query User{3A434327-BB6B-46A0-BF51-DDD79BDB2C8D}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
    "UDP Query User{87822E23-F126-43C6-8195-47A28EF18E28}C:\bitnami\wampstack-5.4.26-2\apache2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\bitnami\wampstack-5.4.26-2\apache2\bin\httpd.exe |
    "UDP Query User{93630733-6B20-4CEC-9BE0-C50410FB4E3E}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
    "UDP Query User{A03AD400-AF15-496C-B181-4085826B4A04}C:\program files (x86)\freeplayer\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeplayer\vlc\vlc.exe |
    "UDP Query User{A8E9F789-4748-4A83-BAEE-99DD272C2CD6}C:\users\claude alice\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\claude alice\appdata\local\google\chrome\application\chrome.exe |
    "UDP Query User{EF4840B9-DF32-47D5-A3AC-898CAF53664A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5EF92F52-FA16-4CA6-A204-811524BEE514}_is1" = Free Viewer
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Virtual Earth 3D (Beta)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
    "{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
    "{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 335.23
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 335.23
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 335.21
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.13.1220
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
    "{C22759DB-BA8B-30E7-99EE-8B47DB43AE56}" = Microsoft .NET Framework 4.5.1 (FRA)
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DDEDFD63-E430-4b0c-8D61-5E4E7280F027}" = Network64
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "CCleaner" = CCleaner
    "FreeMi UPnP Media Server" = FreeMi UPnP Media Server
    "HP Imaging Device Functions" = HP Imaging Device Functions 11.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.60
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 11.0
    "HPOCR" = OCR Software by I.R.I.S. 11.0
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "OfficeTrial" = Version de démonstration de Microsoft Office Home and Student 2007
    "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
    "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
    "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
    "Shop for HP Supplies" = Shop for HP Supplies

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
    "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
    "{057B1FBC-DA65-4FE3-ADC7-C1476E19F392}" = EPSON Photo Print
    "{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
    "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
    "{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.1
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
    "{23B59B9F-C360-11D7-875B-0090CC005647}" = PIF DESIGNER2.1
    "{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
    "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
    "{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
    "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
    "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
    "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
    "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
    "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = ArcSoft Software Suite
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
    "{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
    "{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{876D774C-04D0-4796-B6A0-B7945340847D}" = SoftPlug V3.1.0
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
    "{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
    "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
    "{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
    "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
    "{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
    "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
    "{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0305}" = USB PC Camera VC305
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
    "{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
    "{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
    "{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
    "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
    "{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
    "{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
    "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
    "{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
    "{EB041636-9CD5-4D65-9604-37432FCAED91}" = Camera RAW Plug-In for EPSON Creativity Suite
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
    "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
    "{EC64B779-10A2-448C-8104-00B6790836A9}" = Samsung PC Studio
    "{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
    "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
    "{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}" = HP Easy Setup - Frontend
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FD27D456-ED8A-4027-A1E4-BBF95FAF4799}" = Easy Driver Pro
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "7-Zip" = 7-Zip 4.65
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "avast" = avast! Free Antivirus
    "CameraWindowDC8" = Canon Utilities CameraWindow DC 8
    "CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
    "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
    "Canon MOV Decoder" = Canon MOV Decoder
    "Canon MOV Encoder" = Canon MOV Encoder
    "Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
    "dlancockpit" = devolo dLAN Cockpit
    "EasyBits Magic Desktop" = Magic Desktop
    "easyshare" = devolo EasyShare
    "EPSON Scanner" = EPSON Scan
    "ESPRX500 Guide de référence" = ESPRX500 Guide de référence
    "ESPRX500 Guide des logiciels" = ESPRX500 Guide des logiciels
    "ESPRX500 Guide fonctionnement" = ESPRX500 Guide fonctionnement
    "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.93
    "FreeHideIP" = Free Hide IP
    "Freeplayer" = Freeplayer
    "Google Chrome" = Google Chrome
    "HMIP50_is1" = Hide My IP 5.3
    "iFinger 2.0" = iFinger 2.0
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "IrfanView" = IrfanView (remove only)
    "KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Standard)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "MapUtility" = Canon Utilities Map Utility
    "Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
    "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
    "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
    "MyCamera" = Canon Utilities MyCamera
    "MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
    "PC-Doctor for Windows" = Outils de diagnostic du matériel
    "PhotoFiltre" = PhotoFiltre
    "PhotoStitch" = Canon Utilities PhotoStitch
    "Phototool 1.8" = Phototool 1.8
    "SFR_Media Center" = SFR - Media Center
    "SpywareBlaster_is1" = SpywareBlaster 5.0
    "VLC media player" = VLC media player 2.1.3
    "WildTangent hp Master Uninstall" = My HP Games
    "Winamp" = Winamp
    "WinGimp-2.0_is1" = GIMP 2.6.11
    "WinLiveSuite" = Windows Live
    "WinPcapInst" = WinPcap 4.1.1
    "Wisdom-soft ScreenHunter 6.0 Free" = Wisdom-soft ScreenHunter 6.0 Free
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2706979001-3739070881-315316544-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
    "UnityWebPlayer" = Unity Web Player
    "Winamp Detect" = Détection de l'application Winamp
    "XBMC" = XBMC

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 12/12/2011 00:16:38 | Computer Name = Mars | Source = Perflib | ID = 1023
    Description =

    Error - 12/12/2011 00:16:38 | Computer Name = Mars | Source = Perflib | ID = 1008
    Description =

    Error - 12/12/2011 00:16:38 | Computer Name = Mars | Source = Perflib | ID = 1023
    Description =

    Error - 12/12/2011 00:31:32 | Computer Name = Mars | Source = Windows Search Service | ID = 3013
    Description =

    Error - 12/12/2011 11:12:23 | Computer Name = Mars | Source = WinMgmt | ID = 10
    Description =

    Error - 12/12/2011 11:13:19 | Computer Name = Mars | Source = Perflib | ID = 1008
    Description =

    Error - 13/12/2011 09:00:29 | Computer Name = Mars | Source = WinMgmt | ID = 10
    Description =

    Error - 13/12/2011 09:01:26 | Computer Name = Mars | Source = Perflib | ID = 1023
    Description =

    Error - 13/12/2011 09:01:26 | Computer Name = Mars | Source = Perflib | ID = 1008
    Description =

    Error - 13/12/2011 09:01:26 | Computer Name = Mars | Source = Perflib | ID = 1023
    Description =

    [ System Events ]
    Error - 16/04/2014 14:33:55 | Computer Name = Mars | Source = Service Control Manager | ID = 7034
    Description =

    Error - 16/04/2014 14:33:55 | Computer Name = Mars | Source = Service Control Manager | ID = 7034
    Description =

    Error - 16/04/2014 14:33:55 | Computer Name = Mars | Source = Service Control Manager | ID = 7034
    Description =

    Error - 16/04/2014 20:09:27 | Computer Name = Mars | Source = Application Popup | ID = 1060
    Description = Le chargement de \SystemRoot\SysWow64\Drivers\StarOpen.SYS a été bloqué
    en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel
    pour obtenir une version compatible du pilote.

    Error - 16/04/2014 20:10:08 | Computer Name = Mars | Source = Service Control Manager | ID = 7000
    Description =

    Error - 16/04/2014 20:10:08 | Computer Name = Mars | Source = Service Control Manager | ID = 7000
    Description =

    Error - 16/04/2014 20:10:08 | Computer Name = Mars | Source = Service Control Manager | ID = 7000
    Description =

    Error - 16/04/2014 20:10:08 | Computer Name = Mars | Source = Service Control Manager | ID = 7000
    Description =

    Error - 16/04/2014 20:11:32 | Computer Name = Mars | Source = Service Control Manager | ID = 7022
    Description =

    Error - 16/04/2014 20:11:33 | Computer Name = Mars | Source = Service Control Manager | ID = 7026
    Description =


    < End of report >

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi, your welcome

    Please run this next. Post the log. I'll get back to you after reviewing the OTL & Extra's log.

    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.

    Please post the contents of JRT.txt into your reply.

    Joe