1. #1

    WU Thread 20012 - For BrianDrab

    Hi everyone, hi BrianDrab,

    First thank you Brian for your reply.

    I first post in the windowsupdate section to explain my problems :
    Error 80073712 80072EFD 8007371B unable to download windows update

    Since Brian tell me to check for malware first, here it is :

    My data are backed up.
    I remove Deluge (P2P client) and restarted my computer.

    I wil put 3 others posts : one for the end of FRST.txt, another for Addition.txt and the last one for SALog.txt and checkup.txt.

    Regards

    Stephan


    FRST.txt :

    Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016
    Exécuté par pom (administrateur) sur ASUS (29-05-2016 10:20:53)
    Exécuté depuis C:\Users\pom\Desktop
    Profils chargés: pom (Profils disponibles: pom & lil & pom1 & DefaultAppPool)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
    Internet Explorer Version 9 (Navigateur par défaut: FF)
    Mode d'amorçage: Normal
    Tutoriel pour Farbar Recovery Scan Tool:


    ==================== Processus (Avec liste blanche) =================

    (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera

    pas déplacé.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine

    Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine

    Components\UNS\UNS.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel

    \SRSPremiumPanel_64.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


    ==================== Registre (Avec liste blanche)

    ===========================

    (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la

    valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    [11613288 2010-11-19] (Realtek Semiconductor)
    HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-

    06-10] (ELAN Microelectronic Corp.)
    HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix

    Technology Co., Ltd.)
    HKLM\...\Run: [Ocster Backup] => "C:\Program Files\Ocster Backup\bin\backupClient-

    ox.exe" --hidden
    HKLM\...\Run: [BoxSyncHelper] => C:\Program Files\Box Sync\BoxSyncHelper.exe

    [393216 2013-06-07] (Box, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast

    \AvastUI.exe [7400576 2016-05-12] (AVAST Software)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless

    Console 3\wcourier.exe [1601536 2010-09-23] ()
    HKLM-x32\...\Run: [ATKMEDIA] => J:\ATK Media\DMedia.exe
    HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files

    \Java\Java Update\jusched.exe"
    HKLM-x32\...\Run: [HControlUser] => J:\ATK Hotkey\HControlUser.exe
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => "C:\Program Files (x86)\CyberLink

    \Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink

    \Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    HKLM-x32\...\Run: [UpdateLBPShortCut] => "C:\Program Files (x86)\CyberLink

    \LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink

    \LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    HKLM-x32\...\Run: [SearchSettings] => "C:\Program Files (x86)\Common Files\Spigot

    \Search Settings\SearchSettings.exe"
    HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime

    \QTTask.exe" -atboottime
    HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet

    \MindManager 10\MMReminderService.exe
    HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] => C:\Program Files

    (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-09-14]

    ()
    HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go

    \CLMLSvc.exe"
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS

    WebStorage\3.0.84.161\AsusWSPanel.exe /S
    HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple

    \Apple Application Support\APSDaemon.exe"
    HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common

    Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe

    [152392 2013-02-20] (Apple Inc.)
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Google Update]

    => C:\Users\pom\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-

    29] (Google Inc.)
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run:

    [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp

    \VideoDownloaderUltimate.exe /repair
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Syncables] => C:

    \Program Files (x86)\syncables\syncables desktop\Syncables.exe
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Skype] => "C:

    \Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Skitch] => C:

    \Program Files (x86)\Evernote\Skitch\\\Skitch.exe -start-on-hide
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Google Photos

    Backup] => "C:\Users\pom\AppData\Local\Programs\Google\Google Photos Backup

    \Google Photos Backup.exe" /autostart
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Cobian Backup 11

    interface] => "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run: [Cobian Backup

    11] => "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Control Panel\Desktop\

    \SCRNSAVE.EXE -> none
    HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2009-

    07-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {07b40172-9807-3c1c-ba59-

    6079a4aac108} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {04594f02-32ea-3587-

    9086-f41d8e0913ce} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {89dd0924-32ad-3eef-af9e-

    47999ec8e5ea} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {6186e773-c867-3e53-bafc-

    97618c51f764} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {cb7cb4c9-490e-3599-b355-

    e16ba7b83aa6} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [000BoxDesktopFileLocked] -> {C253B817-3A00-475f-

    A5A3-6F2DD704B48D} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [000BoxDesktopNotSynced] -> {19ACC806-F7AA-46AA-

    A80A-726A07CA6637} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [000BoxDesktopNotSyncedCollabs] -> {337D9DE0-3F8B-

    4430-AF0F-FFC24A95AE8F} => C:\Windows\system32\mscoree.dll [2010-11-05]

    (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [000BoxDesktopSynced] -> {B7AC9C6D-F15B-4B1A-

    A88D-F518D13861D9} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft

    Corporation)
    ShellIconOverlayIdentifiers: [000BoxDesktopSyncedCollab] -> {9E48C232-F601-4E41

    -BB3E-16CBAF317AA4} => C:\Windows\system32\mscoree.dll [2010-11-05]

    (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-

    00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-

    09] (AVAST Software)
    ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-

    9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage

    \3.0.84.161\ASUSWSShellExt64.dll Pas de fichier
    ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-

    4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage

    \3.0.84.161\ASUSWSShellExt64.dll Pas de fichier
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    \AutorunsDisabled [2012-09-22] ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk

    [2013-06-29]
    ShortcutTarget: Box Sync.lnk -> C:\Program Files\Box Sync\BoxSync.exe (Box, Inc.)
    Startup: C:\Users\pom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs

    \Startup\AutorunsDisabled [2012-10-19] ()
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Avec liste blanche) ====================

    (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera

    supprimé ou restauré à la valeur par défaut.)

    ProxyEnable: [S-1-5-21-1363170374-948335828-1288231404-1000] => Proxy est

    activé.
    ProxyServer: [S-1-5-21-1363170374-948335828-1288231404-1000] =>

    http=127.0.0.1:8082
    Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
    Tcpip\..\Interfaces\{19171F79-8300-48A8-9B34-095551DCAF4B}: [DhcpNameServer]

    192.168.1.1 192.168.1.1
    ManualProxies: 1http=127.0.0.1:8082

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

    hxxp://asus.msn.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Internet

    Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Internet

    Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    URL = hxxp://www.bing.com/search?q={searchTerms}

    &form=ASUTDF&pc=NP06&src=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-

    SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-

    E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}

    &form=ASUTDF&pc=NP06&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-

    SearchBox
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =

    hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:

    {language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}

    &rlz=1I7ASUT
    SearchScopes: HKU\S-1-5-21-1363170374-948335828-1288231404-1000 ->

    DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1363170374-948335828-1288231404-1000 ->

    {ED16FF60-718F-4287-8C4D-6DC36A43D0D2} URL =

    hxxps://fr.search.yahoo.com/search?p={searchTerms}

    &fr=yset_ie_syc_oracle&type=orcl_default
    BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\pom

    \AppData\Roaming\Complitly\64\Complitly64.dll => Pas de fichier
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:

    \Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-23] (AVAST

    Software)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-

    D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-27]

    (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} ->

    C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-23] (AVAST

    Software)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-

    9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-

    27] (Oracle Corporation)
    Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

    Pas de fichier
    Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -

    Pas de fichier
    Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-

    D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04

    -23] (AVAST Software)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:

    \Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Pas de fichier

    FireFox:
    ========
    FF ProfilePath: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default
    FF Session Restore: -> est activé.
    FF NetworkProxy: "type", 4
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash

    \NPSWF64_21_0_0_242.dll [2016-05-14] ()
    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf ->

    C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-08-

    14] (Tracker Software Products (Canada) Ltd.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft

    Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @tracker-software.com/PDF-XChange Viewer

    Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer

    \npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash

    \NPSWF32_21_0_0_242.dll [2016-05-14] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes

    \Mozilla Plugins\npitunes.dll [2013-02-20] ()
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer

    Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer

    \Win32\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker Software Products (Canada)

    Ltd.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google

    \Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files

    (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java

    \jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-27] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java

    \jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-27] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft

    Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files

    (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files

    (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files

    (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files

    (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer

    Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer

    \Win32\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker Software Products (Canada)

    Ltd.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN

    \VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files

    \Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll [2011-10-03] (Wolfram

    Research, Inc.)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader

    \bin\nppdf.dll [2010-12-14] (Zeon Corporation)
    FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000: @docu-

    track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files

    \Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-08-14] (Tracker

    Software Products (Canada) Ltd.)
    FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

    @talk.google.com/GoogleTalkPlugin -> C:\Users\pom\AppData\Roaming\Mozilla

    \plugins\npgoogletalk.dll [2015-12-08] (Google)
    FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

    @talk.google.com/O1DPlugin -> C:\Users\pom\AppData\Roaming\Mozilla\plugins

    \npo1d.dll [2015-12-08] (Google)
    FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

    @tools.google.com/Google Update;version=3 -> C:\Users\pom\AppData\Local\Google

    \Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

    @tools.google.com/Google Update;version=9 -> C:\Users\pom\AppData\Local\Google

    \Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1363170374-948335828-1288231404-1000:

    @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pom\AppData\LocalLow\Unity

    \WebPlayer\loader\npUnity3D32.dll [2013-04-03] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Users\pom\AppData\Roaming\mozilla\plugins

    \npgoogletalk.dll [2015-12-08] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\pom\AppData\Roaming\mozilla\plugins

    \npo1d.dll [2015-12-08] (Google)
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\des.xml [2016-03-01]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\facebook-search.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\firefox-modules.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\ixquick-https.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\kickassto.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\knoema.xml [2016-02-16]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\linguee-fr-en.xml [2016-03-01]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\qwant.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\startpage-ssl.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\thepiratebayorg.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\torrents-search.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\twitter-search.xml [2016-02-17]
    FF SearchPlugin: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\searchplugins\wolfram-alpha.xml [2016-02-17]
    FF Extension: Zemanta - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\extensions\firefox@zemanta.com.xpi [2016-03-11]
    FF Extension: DownThemAll! - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\extensions\{DDC359D1-844A-42a7-9AA1-

    88A850A938A8}.xpi [2016-04-14]
    FF Extension: ExportHTMLFolder - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\extensions\ExportHTMLFolder@luc.pastisman.xpi [2016-04-

    29]
    FF Extension: Diigo Toolbar - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} [2016-04-29]
    FF Extension: Google Shortcuts - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\extensions\{5C46D283-ABDE-4dce-B83C-

    08881401921C}.xpi [2016-04-29]
    FF Extension: feedly - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\extensions\feedly@devhd.xpi [2016-04-29]
    FF Extension: FEBE - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-

    05-24]
    FF Extension: FeedlyTube - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\@feedlytube.xpi [2016-02-16]
    FF Extension: Google Scholar Button - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\Extensions\button@scholar.google.com.xpi [2016-04-27]
    FF Extension: Buffer for Firefox - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\Extensions\firefox@buffer.xpi [2016-02-13]
    FF Extension: Ghostery - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\firefox@ghostery.com.xpi [2016-05-04]
    FF Extension: HTTPS by default - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\Extensions\https-by-default@robwu.nl.xpi [2016-04-27]
    FF Extension: Wordreference Translate In Page - C:\Users\pom\AppData\Roaming

    \Mozilla\Firefox\Profiles\ffedjd9k.default\Extensions\jid1-

    AIK1jwTdfcyYQw@jetpack.xpi [2016-04-28]
    FF Extension: Add to Feedly Plus - C:\Users\pom\AppData\Roaming\Mozilla\Firefox

    \Profiles\ffedjd9k.default\Extensions\jid1-lpXbkGi1kHPDGQ@jetpack.xpi [2016-02-16]
    FF Extension: Add to feedly - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\jid1-YZsgHbPHarNxRg@jetpack.xpi [2016-04-28]
    FF Extension: Tab Groups - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\tabgroups@quicksaver.xpi [2016-03-21]
    FF Extension: uBlock Origin - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\uBlock0@raymondhill.net.xpi [2016-05-02]
    FF Extension: gtranslate - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-05-

    14]
    FF Extension: Video DownloadHelper - C:\Users\pom\AppData\Roaming\Mozilla

    \Firefox\Profiles\ffedjd9k.default\Extensions\{b9db16a4-6edc-47ec-a1f4-

    b86292ed211d}.xpi [2016-05-23]
    FF Extension: web_clipper - C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles

    \ffedjd9k.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016

    -04-27]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software

    \Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep

    \FF [2016-05-09]
    FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software

    \Avast\SafePrice\FF
    FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF

    [2016-05-09]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files

    (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart

    Web Printing\MozillaAddOn3 [2011-09-02] [non signé]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST

    Software\Avast\WebRep\FF
    FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST

    Software\Avast\SafePrice\FF
    FF HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Firefox\Extensions:

    [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web

    Printing\MozillaAddOn3

    Chrome:
    =======
    CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?p=

    {searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
    CHR DefaultSearchKeyword: Default -> Yahoo
    CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/ie?

    output=fxjson&command={searchTerms}&nResults=10
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application

    \50.0.2661.102\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application

    \50.0.2661.102\ppGoogleNaClPluginChrome.dll => Pas de fichier
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome

    \Application\50.0.2661.102\pdf.dll => Pas de fichier
    CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files

    (x86)\Mozilla Firefox\plugins\np-mswmp.dll => Pas de fichier
    CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins

    \npPDFXCviewNPPlugin.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin2.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin3.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin4.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin5.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin6.dll => Pas de fichier
    CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox

    \plugins\npqtplugin7.dll => Pas de fichier
    CHR Plugin: (Google Talk Plugin) - C:\Users\pom\AppData\Roaming\Mozilla\plugins

    \npgoogletalk.dll (Google)
    CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\pom\AppData\Roaming

    \Mozilla\plugins\npgtpo3dautoplugin.dll => Pas de fichier
    CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\pom\AppData\Roaming

    \Mozilla\plugins\npo1d.dll (Google)
    CHR Plugin: (Wolfram Mathematica) - C:\Program Files (x86)\Common Files\Wolfram

    Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
    CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth

    \plugin\npgeplugin.dll (Google)
    CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google,

    Inc.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update

    \1.3.21.153\npGoogleUpdate3.dll => Pas de fichier
    CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin

    \plugin2\npjp2.dll => Pas de fichier
    CHR Plugin: (DocuCom PDF Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin

    \nppdf.dll (Zeon Corporation)
    CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    (VideoLAN)
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live

    \Photo Gallery\NPWLPG.dll => Pas de fichier
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla

    Plugins\npitunes.dll ()
    CHR Plugin: (Unity Player) - C:\Users\pom\AppData\LocalLow\Unity\WebPlayer\loader

    \npUnity3D32.dll (Unity Technologies ApS)
    CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director

    \np32dsw_1203133.dll => Pas de fichier
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash

    \NPSWF32_11_8_800_94.dll => Pas de fichier
    CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows

    \SysWOW64\npDeployJava1.dll => Pas de fichier
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight

    \5.1.20513.0\npctrl.dll => Pas de fichier
    CHR Profile: C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\pom\AppData\Local\Google\Chrome\User

    Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
    CHR Extension: (Shortcuts for Google™) - C:\Users\pom\AppData\Local\Google

    \Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd [2016-05-07]
    CHR Extension: (JSONView) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

    \Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2014-01-08]
    CHR Extension: (uBlock Origin) - C:\Users\pom\AppData\Local\Google\Chrome\User

    Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-07]
    CHR Extension: (Google Docs hors connexion) - C:\Users\pom\AppData\Local\Google

    \Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-

    20]
    CHR Extension: (Avast Online Security) - C:\Users\pom\AppData\Local\Google\Chrome

    \User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-07]
    CHR Extension: (Pocket) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

    \Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-08-17]
    CHR Extension: (Ghostery) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

    \Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-03-12]
    CHR Extension: (Save to Pocket) - C:\Users\pom\AppData\Local\Google\Chrome\User

    Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-05-09]
    CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pom\AppData\Local

    \Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    [2015-08-13]
    CHR Extension: (Pdfy me!) - C:\Users\pom\AppData\Local\Google\Chrome\User Data

    \Default\Extensions\pbjlkllgdheclcbffnloofaoiiadkofd [2015-09-10]
    CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\pom\AppData

    \Local\Google\Chrome\User Data\Default\Extensions\pnhplgjpclknigjpccbcnmicgcieojbh

    [2016-03-12]
    CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:

    \Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <non trouvé(e)>
    CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:

    \Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx <non trouvé(e)>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:

    \Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-

    04-23]
    CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <pas de

    Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program

    Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx <non

    trouvé(e)>
    CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] -

    hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Avec liste blanche)

    ========================

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

    ne sera pas déplacé, sauf s'il est inscrit séparément.)

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296

    2016-05-09] (AVAST Software)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

    [5570272 2016-05-09] (Avast Software)
    S3 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [231936 2009-02-17] ()

    [Fichier non signé]
    S3 GSService; C:\Windows\SysWOW64\GSService.exe [450272 2013-03-28] ()
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832

    2009-05-21] (Hewlett-Packard Co.) [Fichier non signé]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009

    -09-20] (Hewlett-Packard Co.) [Fichier non signé]
    R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS

    \LMS.exe [262144 2009-10-01] (Intel Corporation) [Fichier non signé]
    S3 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2768720

    2014-01-08] (CybelSoft)
    S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13]

    (Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06]

    (Hewlett-Packard) [Fichier non signé]
    S4 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service

    \OUCore.exe [1081984 2012-04-13] (France Telecom SA)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06]

    (Hewlett-Packard) [Fichier non signé]
    S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
    R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS

    \UNS.exe [2314240 2009-10-01] (Intel Corporation) [Fichier non signé]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14]

    (Microsoft Corporation)

    ===================== Pilotes (Avec liste blanche)

    ==========================

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

    ne sera pas déplacé, sauf s'il est inscrit séparément.)

    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft

    Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-09] (AVAST

    Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-09] (AVAST

    Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-09]

    (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-09] (AVAST

    Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-09] (AVAST

    Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-09] (AVAST

    Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-09] (AVAST

    Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-09] (AVAST

    Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-09] (AVAST

    Software)
    S3 DrmCAudio; C:\Windows\System32\drivers\DrmCAudio.sys [34528 2013-03-28]

    (Windows (R) Win 7 DDK provider)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom

    Corporation)
    R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys

    [17568 2013-10-23] (CybelSoft)
    R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-23] (AVAST

    Software)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies,

    Inc.)
    R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07]

    (Sonix Technology Co., Ltd.)
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
    S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-10-07]

    (Windows (R) 2000 DDK provider)
    S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-10-07]

    (Paragon)
    S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-10-07]

    (Paragon)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys

    [323392 2016-05-09] (Avast Software)
    S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-

    01-25] (Wondershare)
    S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-

    01-25] (Wondershare)
    S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-

    01-25] (Wondershare)
    S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-

    01-25] (Wondershare)
    S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-

    01-25] (Wondershare)
    S3 cpuz134; \??\C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [X]
    U2 TMAgent; pas de ImagePath
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

    ========================== MD5 Pilotes =======================

    C:\Windows\system32\drivers\1394ohci.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\ACPI.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\acpipmi.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\adp94xx.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\adpahci.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\adpu320.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
    C:\Windows\system32\drivers\agp440.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\aliide.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\amdide.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\amdk8.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\atikmdag.sys

    3F47D92F6D54263BF2CDEDAA6284D27C
    C:\Windows\System32\DRIVERS\atikmpag.sys

    A171B311BAFF865AEEE3635D1226898E
    C:\Windows\system32\drivers\amdppm.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
    C:\Windows\system32\drivers\amdsbs.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
    C:\Windows\System32\drivers\AmUStor.SYS

    9C7F164B49CADC658D1B3C575782F346
    C:\Windows\System32\drivers\anvsnddrv.sys

    E71711D37C48AC40FD3E2866A5ABBA51
    C:\Windows\system32\drivers\appid.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\arc.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\arcsas.sys ==> Le MD5 est légitime
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

    4C016FD76ED5C05E84CA8CAB77993961
    C:\Windows\system32\drivers\aswHwid.sys 1694434F5B9AB16772C7A8E2EF9134CA
    C:\Windows\system32\drivers\aswKbd.sys 786E8BCDFF674068F3C950615FC2E71C
    C:\Windows\system32\drivers\aswMonFlt.sys

    33D0DD0471FDF449C81338863FC63978
    C:\Windows\system32\drivers\aswRdr2.sys

    DF190688D993A3DB227BFB0BB40BD7D4
    C:\Windows\System32\Drivers\aswRvrt.sys D873455DFA27680585AE238503917DF5
    C:\Windows\system32\drivers\aswSnx.sys A371A06EC8F4830C263D3F5CA5A11B65
    C:\Windows\system32\drivers\aswSP.sys 6B7F6CE19A16240EE9DE2C528897ED9C
    C:\Windows\system32\drivers\aswStm.sys 3575F9226251DE48E065ED5C384A21EF
    C:\Windows\System32\Drivers\aswVmm.sys

    BA4CDCD8C0395E91C38CD2C5CE3E7FA2
    C:\Windows\System32\DRIVERS\asyncmac.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\atapi.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\athrx.sys F8633CDD09647A64EE8DB550630427FF
    C:\Windows\System32\drivers\AtihdW76.sys

    4BF5BCA6E2608CD8A00BC4A6673A9F47
    C:\Windows\system32\drivers\bxvbda.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\b57nd60a.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\Beep.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\blbdrive.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\bowser.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\BrFiltLo.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\BrFiltUp.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\Brserid.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\BrSerWdm.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\BrUsbMdm.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\BrUsbSer.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
    C:\Windows\system32\drivers\bthmodem.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\bthpan.sys

    02DD601B708DD0667E1331FA8518E9FF
    C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
    C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
    C:\Windows\System32\DRIVERS\cdfs.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\cdrom.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\circlass.sys ==> Le MD5 est légitime
    C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
    C:\Windows\System32\DRIVERS\CmBatt.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\cmdide.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\cng.sys CA3FB5A6B626D8A00A89E049CF95954E
    C:\Windows\System32\drivers\compbatt.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\CompositeBus.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\crcdisk.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\dfsc.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\discache.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC
    C:\Windows\System32\DRIVERS\Dot4.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\Dot4Prt.sys

    E9F5969233C5D89F3C35E3A66A52A361
    C:\Windows\System32\DRIVERS\dot4usb.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\DrmCAudio.sys

    0CFC491A2A428E42262B8CBCFAF8DAB2
    C:\Windows\system32\drivers\drmkaud.sys 26FE888505E5A945B0536AF9A2A27A6F
    C:\Windows\System32\drivers\dxgkrnl.sys

    3A9D7D464BDB3B70D7ECF689ADABBD4D
    C:\Windows\system32\drivers\evbda.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\elxstor.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\errdev.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\ETD.sys

    05B0DCDA418E297A1B4CD8D7B8ADE403
    C:\Windows\System32\Drivers\exfat.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\fastfat.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\fdc.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\fileinfo.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\filetrace.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\flpydisk.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\fltmgr.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\FsDepends.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
    C:\Windows\System32\DRIVERS\fvevol.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\gagp30kx.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\GEARAspiWDM.sys

    8E98D21EE06192492A5671A6144D092F
    C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys

    7D66EBDE8B7F9B4E00BEEFEEE82670D4
    C:\Windows\system32\drivers\hcw85cir.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
    C:\Windows\System32\DRIVERS\HDAudBus.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\HECIx64.sys

    B6AC71AAA2B10848F57FC49D55A651AF
    C:\Windows\system32\drivers\HidBatt.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\hidbth.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\hidir.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\hidusb.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\HpSAMD.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
    C:\Windows\System32\drivers\hwpolicy.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\i8042prt.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\iaStor.sys 2064090C9FAAD92C090D77E50E735B2E
    C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
    C:\Windows\system32\drivers\iirsp.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\Impcd.sys

    DD587A55390ED2295BCE6D36AD567DA9
    C:\Windows\System32\drivers\RTKVHD64.sys

    589B94A9B73A0E819FF873743A480834
    C:\Windows\system32\drivers\intelide.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\intelppm.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\IPMIDrv.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\ipnat.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\irenum.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\isapnp.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
    C:\Windows\System32\DRIVERS\kbdclass.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\kbdhid.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\kbfiltr.sys E63EF8C3271D014F14E2469CE75FECB4
    C:\Windows\System32\Drivers\ksecdd.sys A8B94B5FE392C5AD92EA2CC8E4876887
    C:\Windows\System32\Drivers\ksecpkg.sys 49F1533E36B9E9719A2BB6761680E4C5
    C:\Windows\system32\drivers\ksthunk.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\L1C62x64.sys

    48686C29856F46443952A831424F8D6F
    C:\Windows\System32\DRIVERS\lltdio.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\lsi_fc.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\lsi_sas.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\lsi_sas2.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\lsi_scsi.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\luafv.sys ==> Le MD5 est légitime
    C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys

    8506CD0516D03955BC3C23FCF051C0C9
    C:\Windows\system32\drivers\megasas.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\MegaSR.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\modem.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\monitor.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\mouclass.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\mouhid.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\mountmgr.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\mpio.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\mpsdrv.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\mrxdav.sys D7ADC2B83CA0B0381F75A98351F72CEE
    C:\Windows\System32\DRIVERS\mrxsmb.sys

    355E6E6B432892A5B20750EA5B317F3C
    C:\Windows\System32\DRIVERS\mrxsmb10.sys

    0631CC5098CC713568BCE103D8CB9575
    C:\Windows\System32\DRIVERS\mrxsmb20.sys

    448E1B0809DEECC5A37E64E80FFA7597
    C:\Windows\System32\drivers\msahci.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\msdsm.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\Msfs.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\mshidkmdf.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\msisadrv.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\MSKSSRV.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\MSPCLOCK.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\MSPQM.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\MsRPC.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\mssmbios.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\MSTEE.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\MTConfig.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\ATK64AMD.sys

    032D35C996F21D19A205A7C8F0B76F3C
    C:\Windows\System32\Drivers\mup.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\nwifi.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
    C:\Windows\System32\DRIVERS\ndiscap.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\ndistapi.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\ndisuio.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\ndiswan.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\NDProxy.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\netbios.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\netbt.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\nfrd960.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\ngvss.sys 2C0EA76EAF7FBF99AF0A2F8C9BD4A556
    C:\Windows\System32\drivers\npf.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\Npfs.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\nsiproxy.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\Ntfs.sys 47B2D0B31BDC3EBE6090228E2BA3764D
    C:\Windows\System32\Drivers\Null.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
    C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
    C:\Windows\system32\drivers\nv_agp.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\ohci1394.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\parport.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
    C:\Windows\System32\drivers\pci.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\pciide.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\pcmcia.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\pcw.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\peauth.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\raspptp.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\processr.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\pacer.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\ql2300.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\ql40xx.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\qwavedrv.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\rasacd.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\AgileVpn.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\rasl2tp.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\raspppoe.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\rassstp.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\rdbss.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\rdpbus.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\RDPCDD.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\rdpencdd.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\rdprefmp.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
    C:\Windows\System32\drivers\rdyboost.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\rfcomm.sys

    3DD798846E2C28102B922C56E71B7932
    C:\Windows\System32\DRIVERS\rspndr.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sbp2port.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\scfilter.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\secdrv.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\serenum.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\serial.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sermouse.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sffdisk.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sffp_mmc.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sffp_sd.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sfloppy.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\SiSG664.sys

    1BC348CF6BAA90EC8E533EF6E6A69933
    C:\Windows\system32\drivers\SiSRaid2.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\sisraid4.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\smb.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\snp2uvc.sys

    C98375D19F9E9966F6201BAE65FB3728
    C:\Windows\System32\Drivers\spldr.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
    C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
    C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
    C:\Windows\system32\drivers\stexstor.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\swenum.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
    C:\Windows\System32\DRIVERS\tcpip.sys

    04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
    C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
    C:\Windows\System32\drivers\tdpipe.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
    C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
    C:\Windows\System32\DRIVERS\termdd.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\tssecsrv.sys

    E232A3B43A894BB327FC161529BD9ED1
    C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
    C:\Windows\system32\drivers\TsUsbGD.sys

    9CC2CCAE8A84820EAECB886D477CBCB8
    C:\Windows\System32\DRIVERS\tunnel.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\TurboB.sys

    C45A3E051C65106A28982CAED125F855
    C:\Windows\system32\drivers\uagp35.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\udfs.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\uimx64.sys

    6640110398438BDC6CC8D48EEC8EDDC5
    C:\Windows\System32\Drivers\Uim_IMx64.sys

    20BABEFA37F38B3CC26C0E9A26B844FF
    C:\Windows\System32\Drivers\uim_vimx64.sys

    441E8BC5E68200038F0F1941A10C85F4
    C:\Windows\system32\drivers\uliagpkx.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\umbus.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\umpass.sys ==> Le MD5 est légitime
    C:\Windows\System32\Drivers\usbaapl64.sys

    C9E9D59C0099A9FF51697E9306A44240
    C:\Windows\System32\drivers\usbaudio.sys

    B0435098C81D04CAFFF80DDB746CD3A2
    C:\Windows\System32\DRIVERS\usbccgp.sys

    ACCEA6BC68D0C9A78EB97EE159028B4E
    C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
    C:\Windows\system32\drivers\usbehci.sys 311C1DD1088E55BEAE15954D17F50646
    C:\Windows\System32\DRIVERS\usbhub.sys

    280E90CBF4B2DDD169F0728CB44D726F
    C:\Windows\system32\drivers\usbohci.sys 9406D801042FAF859CF81B2C886413DC
    C:\Windows\System32\DRIVERS\usbprint.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
    C:\Windows\system32\drivers\USBSTOR.SYS

    D029DD09E22EB24318A8FC3D8138BA43
    C:\Windows\system32\drivers\usbuhci.sys A83D0EC9AE4C31704442099D40BA2471
    C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
    C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys

    821A1C09F51152BDF753B59E50B36AF1
    C:\Windows\System32\DRIVERS\VBoxNetAdp.sys

    9B9F3754DBEB263766D06B0F1556E2B5
    C:\Windows\System32\drivers\vdrvroot.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\vgapnp.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\vga.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\vhdmp.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\viaide.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\volmgr.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\volmgrx.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\volsnap.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\vsmraid.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\vwifibus.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\vwififlt.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\vwifimp.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\wacompen.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\wanarp.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\wanarp.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\wd.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\Wdf01000.sys

    442783E2CB0DA19873B7A63833FF4CB4
    C:\Windows\System32\DRIVERS\wfplwf.sys ==> Le MD5 est légitime
    C:\Windows\System32\DRIVERS\wimfltr.sys

    52DED146E4797E6CCF94799E8E22BB2A
    C:\Windows\System32\drivers\wimmount.sys ==> Le MD5 est légitime
    C:\Windows\SysWOW64\drivers\wimmount.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
    C:\Windows\system32\drivers\wmiacpi.sys ==> Le MD5 est légitime
    C:\Windows\system32\drivers\ws2ifsl.sys ==> Le MD5 est légitime
    C:\Windows\System32\drivers\VirtualAudio1.sys

    ADD2FE1A9F4EE41A6D724819550D4E1F
    C:\Windows\System32\drivers\VirtualAudio2.sys

    ADD2FE1A9F4EE41A6D724819550D4E1F
    C:\Windows\System32\drivers\VirtualAudio3.sys

    ADD2FE1A9F4EE41A6D724819550D4E1F
    C:\Windows\System32\drivers\VirtualAudio4.sys

    ADD2FE1A9F4EE41A6D724819550D4E1F
    C:\Windows\System32\drivers\VirtualAudio5.sys

    ADD2FE1A9F4EE41A6D724819550D4E1F
    C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
    C:\Windows\system32\drivers\WUDFRd.sys

    DDA4CAF29D8C0A297F886BFE561E6659

    ==================== NetSvcs (Avec liste blanche) ===================

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

    ne sera pas déplacé, sauf s'il est inscrit séparément.)


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2

    Re: WU Thread 20012 - For BrianDrab

    Second part of FRST.txt:

    ==================== Trois mois - Créés - fichiers et dossiers ========

    (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

    2016-05-29 10:20 - 2016-05-29 10:21 - 00056230 _____ C:\Users\pom\Desktop

    \FRST.txt
    2016-05-29 10:19 - 2016-05-29 10:20 - 00000000 ____D C:\FRST
    2016-05-29 10:02 - 2016-05-29 10:02 - 00898560 _____ C:\Users\pom\Desktop

    \RGSA.exe
    2016-05-29 10:00 - 2016-05-29 10:00 - 02383872 _____ (Farbar) C:\Users\pom

    \Desktop\FRST64.exe
    2016-05-27 14:30 - 2016-05-27 14:30 - 00097856 _____ (Oracle Corporation) C:

    \Windows\SysWOW64\WindowsAccessBridge-32.dll
    2016-05-27 14:30 - 2016-05-27 14:30 - 00000000 ____D C:\ProgramData\Microsoft

    \Windows\Start Menu\Programs\Java
    2016-05-27 14:29 - 2016-05-27 14:29 - 00000000 ____D C:\Users\Default\AppData

    \Roaming\Sun
    2016-05-27 14:29 - 2016-05-27 14:29 - 00000000 ____D C:\Users\Default User

    \AppData\Roaming\Sun
    2016-05-27 12:51 - 2016-05-27 12:51 - 00354195 _____ C:\Users\pom\Desktop\Fete

    du velo 5 juin 2016.pdf
    2016-05-26 19:44 - 2016-05-26 19:44 - 00000078 _____ C:\Windows

    \system32\ASUS.Windows 7 Home Premium, 64-bit Service Pack 1 (build 7601).txt
    2016-05-26 19:44 - 2016-05-26 19:44 - 00000000 ____D C:\Windows\RegBak
    2016-05-26 19:40 - 2016-05-26 19:40 - 00000000 ____D C:\Program Files\Acelogix
    2016-05-26 19:02 - 2016-05-26 19:02 - 00000000 ____D C:\Users\Default\AppData

    \Local\Apple
    2016-05-26 19:02 - 2016-05-26 19:02 - 00000000 ____D C:\Users\Default User

    \AppData\Local\Apple
    2016-05-26 18:50 - 2016-05-27 13:14 - 00000000 ____D C:\Users\pom\Desktop

    \windows update error resolution
    2016-05-26 18:24 - 2016-05-26 18:24 - 02884096 _____ (niemiro) C:\Users\pom

    \Downloads\SFCFix.exe
    2016-05-26 17:57 - 2016-05-26 17:57 - 00000000 ____D C:\Program Files

    (x86)\Secunia
    2016-05-26 17:51 - 2016-05-26 17:51 - 00738880 _____ (Oracle Corporation) C:

    \Users\pom\Downloads\jxpiinstall.exe
    2016-05-26 16:53 - 2016-05-26 16:53 - 00000000 ____D C:\Windows\ERDNT
    2016-05-26 14:54 - 2016-05-26 18:38 - 00000000 ____D C:\SFCFix
    2016-05-26 14:45 - 2016-05-26 18:38 - 00000000 ____D C:\Users\pom\AppData

    \Local\niemiro
    2016-05-25 23:39 - 2016-05-25 23:39 - 00003544 ____N C:\bootsqm.dat
    2016-05-25 16:25 - 2016-05-25 16:25 - 00001146 _____ C:\Users\pom\Desktop

    \Utilitaires & MAINTENANCE - Raccourci.lnk
    2016-05-25 15:15 - 2016-05-25 15:17 - 00000000 ___RD C:\Users\pom\Skitch
    2016-05-25 12:46 - 2016-05-25 12:46 - 00001001 _____ C:\Users\pom\Desktop

    \budget.ods - Raccourci.lnk
    2016-05-25 12:46 - 2016-05-25 12:46 - 00000967 _____ C:\Users\pom\Desktop\revenu

    et activités.ods - Raccourci.lnk
    2016-05-24 16:00 - 2016-05-24 16:00 - 00001490 _____ C:\Users\pom\Desktop

    \ADMINISTRATIF INTENDANCE - Raccourci.lnk
    2016-05-22 22:31 - 2016-05-22 22:31 - 00000218 _____ C:\Users\pom\AppData\Local

    \recently-used.xbel
    2016-05-21 22:19 - 2016-05-21 22:19 - 00000000 ____D C:\Windows

    \SysWOW64\vbox
    2016-05-21 22:19 - 2016-05-21 22:19 - 00000000 ____D C:\Windows\system32\vbox
    2016-05-18 12:05 - 2016-05-18 15:58 - 00173747 _____ C:\Users\pom\Desktop

    \2016_CvNourry_vendeur-wurth.odt
    2016-05-15 16:10 - 2016-05-15 16:10 - 00001497 _____ C:\Users\pom\Desktop

    \calendrier juin college.txt
    2016-05-14 17:14 - 2016-05-17 13:49 - 00000000 ____D C:\Users\lil\AppData

    \Roaming\.lifecraft
    2016-05-14 17:11 - 2016-05-14 17:11 - 00282277 _____ C:\Users\lil\Desktop\Lifecraft

    (1).exe
    2016-05-14 17:09 - 2016-05-14 17:09 - 00282277 _____ C:\Users\lil\Downloads

    \Lifecraft.exe
    2016-05-14 16:56 - 2016-05-14 16:56 - 00093003 _____ C:\Users\lil\Desktop

    \Mineshafter-launcher(1).jar
    2016-05-13 21:07 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:

    \Windows\system32\msxml3.dll
    2016-05-13 21:07 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:

    \Windows\system32\msxml3r.dll
    2016-05-13 21:07 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msxml3.dll
    2016-05-13 21:07 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msxml3r.dll
    2016-05-13 21:07 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:

    \Windows\system32\wucltux.dll
    2016-05-13 21:07 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:

    \Windows\system32\wuwebv.dll
    2016-05-13 21:07 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:

    \Windows\system32\wudriver.dll
    2016-05-13 21:07 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:

    \Windows\system32\WinSetupUI.dll
    2016-05-13 21:07 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wuwebv.dll
    2016-05-13 21:07 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:

    \Windows\system32\wuaueng.dll
    2016-05-13 21:07 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:

    \Windows\system32\wuapi.dll
    2016-05-13 21:07 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:

    \Windows\system32\wuauclt.exe
    2016-05-13 21:07 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:

    \Windows\system32\wups2.dll
    2016-05-13 21:07 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:

    \Windows\system32\wuapp.exe
    2016-05-13 21:07 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:

    \Windows\system32\wups.dll
    2016-05-13 21:07 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:

    \Windows\system32\wu.upgrade.ps.dll
    2016-05-13 21:07 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wuapi.dll
    2016-05-13 21:07 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wudriver.dll
    2016-05-13 21:07 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wuapp.exe
    2016-05-13 21:07 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wups.dll
    2016-05-13 21:07 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:

    \Windows\system32\tbs.dll
    2016-05-13 21:07 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:

    \Windows\system32\fveapibase.dll
    2016-05-13 21:07 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\tbs.dll
    2016-05-13 21:07 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:

    \Windows\system32\rpcss.dll
    2016-05-13 21:07 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\disk.sys
    2016-05-13 21:07 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\ntfs.sys
    2016-05-13 21:07 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:

    \Windows\system32\ucrtbase.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-localization-l1-2-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-synch-l1-2-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-file-l2-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\system32\api-ms-win-core-file-l1-2-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\ucrtbase.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
    2016-05-13 21:07 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
    2016-05-13 21:07 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:

    \Windows\system32\mapistub.dll
    2016-05-13 21:07 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:

    \Windows\system32\mapi32.dll
    2016-05-13 21:07 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:

    \Windows\system32\fixmapi.exe
    2016-05-13 21:07 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mapistub.dll
    2016-05-13 21:07 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mapi32.dll
    2016-05-13 21:07 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\fixmapi.exe
    2016-05-13 21:07 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:

    \Windows\system32\fveapi.dll
    2016-05-13 21:07 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:

    \Windows\system32\perftrack.dll
    2016-05-13 21:07 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:

    \Windows\system32\wdi.dll
    2016-05-13 21:07 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:

    \Windows\system32\powertracker.dll
    2016-05-13 21:07 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wdi.dll
    2016-05-13 21:06 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\d3d10level9.dll
    2016-05-13 21:06 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:

    \Windows\system32\d3d10level9.dll
    2016-05-13 21:06 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\dxgkrnl.sys
    2016-05-13 21:06 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\dxgmms1.sys
    2016-05-13 21:06 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:

    \Windows\system32\gdi32.dll
    2016-05-13 21:06 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:

    \Windows\system32\cdd.dll
    2016-05-13 21:06 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\gdi32.dll
    2016-05-13 21:06 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:

    \Windows\system32\CompatTelRunner.exe
    2016-05-13 21:06 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:

    \Windows\system32\aeinv.dll
    2016-05-13 21:06 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:

    \Windows\system32\appraiser.dll
    2016-05-13 21:06 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:

    \Windows\system32\aepic.dll
    2016-05-13 21:06 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:

    \Windows\system32\generaltel.dll
    2016-05-13 21:06 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:

    \Windows\system32\devinv.dll
    2016-05-13 21:06 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:

    \Windows\system32\invagent.dll
    2016-05-13 21:06 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:

    \Windows\system32\acmigration.dll
    2016-05-13 21:06 - 2016-03-16 02:22 - 00154344 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\ksecpkg.sys
    2016-05-13 21:06 - 2016-03-16 02:22 - 00095464 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\ksecdd.sys
    2016-05-13 21:06 - 2016-03-16 02:16 - 01212928 _____ (Microsoft Corporation) C:

    \Windows\system32\rpcrt4.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:

    \Windows\system32\samsrv.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00344064 _____ (Microsoft Corporation) C:

    \Windows\system32\schannel.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00210432 _____ (Microsoft Corporation) C:

    \Windows\system32\wdigest.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00190464 _____ (Microsoft Corporation) C:

    \Windows\system32\rpchttp.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00135680 _____ (Microsoft Corporation) C:

    \Windows\system32\sspicli.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:

    \Windows\system32\samlib.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00086528 _____ (Microsoft Corporation) C:

    \Windows\system32\TSpkg.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00028672 _____ (Microsoft Corporation) C:

    \Windows\system32\sspisrv.dll
    2016-05-13 21:06 - 2016-03-16 02:16 - 00028160 _____ (Microsoft Corporation) C:

    \Windows\system32\secur32.dll
    2016-05-13 21:06 - 2016-03-16 02:15 - 00316416 _____ (Microsoft Corporation) C:

    \Windows\system32\msv1_0.dll
    2016-05-13 21:06 - 2016-03-16 02:15 - 00312320 _____ (Microsoft Corporation) C:

    \Windows\system32\ncrypt.dll
    2016-05-13 21:06 - 2016-03-16 02:15 - 00060416 _____ (Microsoft Corporation) C:

    \Windows\system32\msobjs.dll
    2016-05-13 21:06 - 2016-03-16 02:14 - 01464320 _____ (Microsoft Corporation) C:

    \Windows\system32\lsasrv.dll
    2016-05-13 21:06 - 2016-03-16 02:14 - 00731136 _____ (Microsoft Corporation) C:

    \Windows\system32\kerberos.dll
    2016-05-13 21:06 - 2016-03-16 02:14 - 00146432 _____ (Microsoft Corporation) C:

    \Windows\system32\msaudite.dll
    2016-05-13 21:06 - 2016-03-16 02:13 - 00463872 _____ (Microsoft Corporation) C:

    \Windows\system32\certcli.dll
    2016-05-13 21:06 - 2016-03-16 02:13 - 00043520 _____ (Microsoft Corporation) C:

    \Windows\system32\cryptbase.dll
    2016-05-13 21:06 - 2016-03-16 02:13 - 00022016 _____ (Microsoft Corporation) C:

    \Windows\system32\credssp.dll
    2016-05-13 21:06 - 2016-03-16 02:12 - 00690688 _____ (Microsoft Corporation) C:

    \Windows\system32\adtschema.dll
    2016-05-13 21:06 - 2016-03-16 01:54 - 00666112 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\rpcrt4.dll
    2016-05-13 21:06 - 2016-03-16 01:54 - 00171520 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wdigest.dll
    2016-05-13 21:06 - 2016-03-16 01:54 - 00096768 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\sspicli.dll
    2016-05-13 21:06 - 2016-03-16 01:54 - 00065536 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\TSpkg.dll
    2016-05-13 21:06 - 2016-03-16 01:53 - 00251392 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\schannel.dll
    2016-05-13 21:06 - 2016-03-16 01:53 - 00141312 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\rpchttp.dll
    2016-05-13 21:06 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\samlib.dll
    2016-05-13 21:06 - 2016-03-16 01:53 - 00022016 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\secur32.dll
    2016-05-13 21:06 - 2016-03-16 01:52 - 00553984 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\kerberos.dll
    2016-05-13 21:06 - 2016-03-16 01:52 - 00260608 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msv1_0.dll
    2016-05-13 21:06 - 2016-03-16 01:52 - 00223232 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\ncrypt.dll
    2016-05-13 21:06 - 2016-03-16 01:52 - 00146432 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msaudite.dll
    2016-05-13 21:06 - 2016-03-16 01:52 - 00060416 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msobjs.dll
    2016-05-13 21:06 - 2016-03-16 01:51 - 00690688 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\adtschema.dll
    2016-05-13 21:06 - 2016-03-16 01:51 - 00342528 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\certcli.dll
    2016-05-13 21:06 - 2016-03-16 01:51 - 00017408 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\credssp.dll
    2016-05-13 21:06 - 2016-03-16 01:16 - 00064000 _____ (Microsoft Corporation) C:

    \Windows\system32\auditpol.exe
    2016-05-13 21:06 - 2016-03-16 01:05 - 00050176 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\auditpol.exe
    2016-05-13 21:06 - 2016-03-16 01:03 - 00159744 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\mrxsmb.sys
    2016-05-13 21:06 - 2016-03-16 01:02 - 00291328 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\mrxsmb10.sys
    2016-05-13 21:06 - 2016-03-16 01:02 - 00129536 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\mrxsmb20.sys
    2016-05-13 21:06 - 2016-03-16 01:00 - 00030720 _____ (Microsoft Corporation) C:

    \Windows\system32\lsass.exe
    2016-05-13 21:06 - 2016-03-16 00:52 - 00036352 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\cryptbase.dll
    2016-05-13 21:06 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:

    \Windows\system32\wmp.dll
    2016-05-13 21:06 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:

    \Windows\system32\wmploc.DLL
    2016-05-13 21:06 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:

    \Windows\system32\msdxm.ocx
    2016-05-13 21:06 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:

    \Windows\system32\dxmasf.dll
    2016-05-13 21:06 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:

    \Windows\system32\seclogon.dll
    2016-05-13 21:06 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:

    \Windows\system32\spwmp.dll
    2016-05-13 21:06 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wmploc.DLL
    2016-05-13 21:06 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wmp.dll
    2016-05-13 21:06 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\spwmp.dll
    2016-05-13 21:06 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msdxm.ocx
    2016-05-13 21:06 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\dxmasf.dll
    2016-05-13 21:06 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:

    \Windows\system32\mfds.dll
    2016-05-13 21:06 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mfds.dll
    2016-05-13 21:06 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:

    \Windows\system32\oleaut32.dll
    2016-05-13 21:06 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:

    \Windows\system32\asycfilt.dll
    2016-05-13 21:06 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\oleaut32.dll
    2016-05-13 21:06 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\asycfilt.dll
    2016-05-13 21:06 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\USBSTOR.SYS
    2016-05-13 21:06 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:

    \Windows\system32\shell32.dll
    2016-05-13 21:06 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:

    \Windows\system32\ExplorerFrame.dll
    2016-05-13 21:06 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:

    \Windows\system32\authui.dll
    2016-05-13 21:06 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\shell32.dll
    2016-05-13 21:06 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\ExplorerFrame.dll
    2016-05-13 21:06 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\authui.dll
    2016-05-13 21:06 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:

    \Windows\explorer.exe
    2016-05-13 21:06 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\explorer.exe
    2016-05-13 21:06 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\mrxdav.sys
    2016-05-13 21:06 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msmpeg2vdec.dll
    2016-05-13 21:06 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMVDECOD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMVENCOD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMSPDMOE.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMADMOD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMADMOE.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\wmpmde.dll
    2016-05-13 21:06 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMSPDMOD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMVXENCD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMVSDECD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WMVSENCD.DLL
    2016-05-13 21:06 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\VIDRESZR.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mf.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\quartz.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\msmpeg2adec.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\MSMPEG2ENC.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\MFWMAAEC.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\qdvd.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\qedit.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\evr.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\MP4SDECD.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mfplat.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\MPG4DECD.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\MP43DECD.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\RESAMPLEDMO.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\qasf.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\ksproxy.ax
    2016-05-13 21:06 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\COLORCNV.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mfps.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\MP3DMOD.DLL
    2016-05-13 21:06 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\devenum.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mfvdsp.dll
    2016-05-13 21:06 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\rrinstaller.exe
    2016-05-13 21:06 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mfpmp.exe
    2016-05-13 21:06 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\ksuser.dll
    2016-05-13 21:06 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\mferror.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:

    \Windows\system32\mf.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:

    \Windows\system32\msmpeg2vdec.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:

    \Windows\system32\WMVENCOD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:

    \Windows\system32\WMVDECOD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:

    \Windows\system32\WMSPDMOE.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:

    \Windows\system32\quartz.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:

    \Windows\system32\msmpeg2adec.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:

    \Windows\system32\WMADMOD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:

    \Windows\system32\MSMPEG2ENC.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:

    \Windows\system32\WMADMOE.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:

    \Windows\system32\wmpmde.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:

    \Windows\system32\mcmde.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:

    \Windows\system32\WMSPDMOD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:

    \Windows\system32\WMVSDECD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:

    \Windows\system32\MP4SDECD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:

    \Windows\system32\WMVXENCD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:

    \Windows\system32\evr.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:

    \Windows\system32\qedit.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:

    \Windows\system32\MFWMAAEC.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:

    \Windows\system32\WMVSENCD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:

    \Windows\system32\mfplat.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:

    \Windows\system32\SysFxUI.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:

    \Windows\system32\qdvd.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:

    \Windows\system32\VIDRESZR.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:

    \Windows\system32\qasf.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:

    \Windows\system32\RESAMPLEDMO.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:

    \Windows\system32\MPG4DECD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:

    \Windows\system32\MP43DECD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:

    \Windows\system32\mfps.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:

    \Windows\system32\COLORCNV.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:

    \Windows\system32\MP3DMOD.DLL
    2016-05-13 21:06 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:

    \Windows\system32\devenum.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:

    \Windows\system32\mfvdsp.dll
    2016-05-13 21:06 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:

    \Windows\system32\rrinstaller.exe
    2016-05-13 21:06 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:

    \Windows\system32\ksuser.dll
    2016-05-13 21:06 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:

    \Windows\system32\ksproxy.ax
    2016-05-13 21:06 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:

    \Windows\system32\mfpmp.exe
    2016-05-13 21:06 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:

    \Windows\system32\mferror.dll
    2016-05-13 21:06 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\drmk.sys
    2016-05-13 21:06 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\portcls.sys
    2016-05-13 21:06 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:

    \Windows\system32\Drivers\drmkaud.sys
    2016-05-13 21:05 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:

    \Windows\system32\jnwmon.dll
    2016-05-13 21:05 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:

    \Windows\system32\InkEd.dll
    2016-05-13 21:05 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\InkEd.dll
    2016-05-13 20:47 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:

    \Windows\SysWOW64\WindowsCodecs.dll
    2016-05-13 20:47 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:

    \Windows\system32\WindowsCodecs.dll
    2016-05-09 18:12 - 2016-05-23 15:16 - 00016046 _____ C:\Users\pom\Desktop

    \paquerette.ods
    2016-05-09 12:41 - 2016-05-09 12:40 - 00398152 _____ (AVAST Software) C:

    \Windows\system32\aswBoot.exe
    2016-05-09 12:40 - 2016-05-09 12:40 - 00052184 _____ (AVAST Software) C:

    \Windows\avastSS.scr
    2016-05-08 19:08 - 2016-05-08 23:34 - 00000000 ____D C:\Users\pom\Desktop\tests

    de personnalité
    2016-05-05 20:52 - 2016-05-06 23:56 - 00000000 ____D C:\Program Files

    (x86)\Mozilla Firefox
    2016-05-05 20:51 - 2016-05-05 20:51 - 01239383 _____ C:\Users\pom\Desktop

    \Maison Lil SweetHome3D.sh3d
    2016-05-05 20:23 - 2016-05-05 20:23 - 00000000 ____D C:\Users\pom\AppData

    \Roaming\eTeks
    2016-05-05 20:16 - 2016-05-05 20:16 - 00000000 ____D C:\ProgramData\Microsoft

    \Windows\Start Menu\Programs\eTeks Sweet Home 3D
    2016-05-05 20:15 - 2016-05-05 20:16 - 00000000 ____D C:\Program Files\Sweet

    Home 3D
    2016-05-05 20:04 - 2016-05-05 20:05 - 133996320 _____ (Trimble Navigation Limited)

    C:\Users\pom\Downloads\SketchUpMake-fr-x64.exe
    2016-05-01 11:54 - 2016-05-01 11:54 - 00218207 _____ C:\Users\pom\Desktop

    \ardeche.pdf
    2016-04-24 08:31 - 2016-05-09 12:57 - 00003908 _____ C:\Windows\System32\Tasks

    \SafeZone scheduled Autoupdate 1454875948
    2016-04-23 13:38 - 2016-04-23 13:38 - 00000000 ____D C:\ProgramData\Microsoft

    \Windows\Start Menu\Programs\AVAST Software
    2016-04-21 21:49 - 2016-04-21 21:50 - 57666112 _____ (Oracle Corporation) C:

    \Users\pom\Downloads\jre-8u91-windows-x64.exe
    2016-04-21 12:52 - 2016-05-16 17:23 - 00000000 ____D C:\Users\lil\AppData

    \Roaming\TS3Client
    2016-04-21 12:51 - 2016-04-21 12:51 - 00001201 _____ C:\Users\lil\Desktop

    \TeamSpeak 3 Client.lnk
    2016-04-21 12:51 - 2016-04-21 12:51 - 00001159 _____ C:\Users\lil\AppData

    \Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
    2016-04-21 12:51 - 2016-04-21 12:51 - 00000000 ____D C:\Users\lil\AppData\Local

    \TeamSpeak 3 Client
    2016-04-21 12:50 - 2016-04-21 12:51 - 29265912 _____ (TeamSpeak Systems GmbH)

    C:\Users\lil\Downloads\TeamSpeak3-Client-win32-3.0.19.exe
    2016-04-20 19:32 - 2016-04-20 19:33 - 01285469 _____ C:\Users\lil\Downloads

    \Launcher_EN (6).jar
    2016-04-20 19:30 - 2016-04-20 19:31 - 01285469 _____ C:\Users\lil\Downloads

    \Launcher_EN (5).jar
    2016-04-20 15:08 - 2016-04-20 15:08 - 01285469 _____ C:\Users\lil\Downloads

    \Launcher_EN (4).jar
    2016-04-20 15:06 - 2016-04-20 15:07 - 01285469 _____ C:\Users\lil\Downloads

    \Launcher_EN (3).jar
    2016-04-20 15:05 - 2016-04-20 15:05 - 01285469 _____ C:\Users\lil\Downloads

    \Launcher_EN (2).jar
    2016-04-20 15:01 - 2016-05-17 13:57 - 01225080 _____ C:\Users\lil\Desktop

    \Launcher_EN (1).jar
    2016-04-20 14:59 - 2016-04-20 14:59 - 00675988 _____ C:\Users\lil\Downloads

    \Minecraft (1).exe
    2016-04-20 14:57 - 2016-04-20 14:57 - 00675988 _____ C:\Users\lil\Downloads

    \Minecraft.exe
    2016-04-20 14:43 - 2016-04-20 14:44 - 01285469 _____ C:\Users\lil\Downloads

    \Launcher_EN.jar
    2016-04-17 17:10 - 2016-04-17 17:10 - 07454720 _____ C:\Users\pom\Downloads

    \LibreOffice_5.0.5_Win_x86_helppack_fr.msi
    2016-04-17 17:09 - 2016-04-17 17:12 - 224387072 _____ C:\Users\pom\Downloads

    \LibreOffice_5.0.5_Win_x86.msi
    2016-04-10 20:21 - 2016-04-10 20:21 - 00001066 _____ C:\Users\pom\Desktop

    \hardy.txt
    2016-03-31 23:44 - 2016-03-31 23:44 - 00000223 _____ C:\Users\pom\Desktop

    \Macaroni Beach ( Mustique Island ) SVG - YouTube.URL
    2016-03-31 23:29 - 2016-03-31 23:29 - 02047299 _____ C:\Users\pom\Desktop

    \Lintelligence-Émotionnelle-.swf
    2016-03-31 23:07 - 2016-03-31 23:10 - 00002160 _____ C:\Users\pom\Desktop

    \Domaine d'intérêt.vue - Raccourci.lnk
    2016-03-30 23:57 - 2016-03-30 23:57 - 00000099 _____ C:\Users\pom\Desktop

    \mustique.txt
    2016-03-23 21:57 - 2016-03-23 22:02 - 00001230 _____ C:\Users\pom\Desktop

    \Moon+ Reader - Raccourci.lnk
    2016-03-23 11:28 - 2016-03-23 11:28 - 00000252 _____ C:\Users\pom\Desktop

    \Traditional Economics Failed. Here's a New Blueprint. - Evonomics.URL
    2016-03-21 23:51 - 2016-03-28 13:53 - 00005735 _____ C:\Users\pom\Desktop

    \polanyi.txt
    2016-03-21 16:43 - 2016-03-21 16:43 - 00000000 ____D C:\Users\pom\Desktop\P2p
    2016-03-20 17:43 - 2016-03-26 21:23 - 00000000 ____D C:\Users\pom\Desktop\Les

    limites de la création monétaire
    2016-03-20 16:06 - 2016-03-20 16:06 - 00001346 _____ C:\Users\pom\Desktop

    \ECONOMIE - Raccourci.lnk
    2016-03-20 15:47 - 2016-03-20 15:47 - 00000251 _____ C:\Users\pom\Desktop\Next

    System Project Comparative Framework - The Next System Project.URL
    2016-03-20 11:19 - 2016-03-20 11:19 - 00000000 ____D C:\Users\lil\AppData

    \Roaming\Sun
    2016-03-20 11:19 - 2016-03-20 11:19 - 00000000 ____D C:\Users\lil\.oracle_jre_usage
    2016-03-18 02:24 - 2016-05-05 20:16 - 00000000 ____D C:\Users\pom

    \.oracle_jre_usage
    2016-03-18 02:24 - 2016-03-18 02:24 - 00000000 ____D C:\Users\pom\AppData

    \Roaming\Sun
    2016-03-16 18:53 - 2016-03-16 21:47 - 00010020 _____ C:\Users\pom\Desktop\les

    idées de la grande transformation expliquée par maucourant.txt
    2016-03-16 16:10 - 2016-03-16 16:10 - 00001312 _____ C:\Users\pom\Desktop\La-

    Grande-Transformation-table-matieres.txt
    2016-03-11 10:51 - 2016-03-11 10:51 - 00000255 _____ C:\Users\pom\Desktop\Notes

    on the Next Bust The Economy Simply Explained.URL
    2016-03-09 12:10 - 2016-03-09 12:10 - 00000273 _____ C:\Users\pom\Desktop\Does

    the United States have a productivity slowdown or a measurement problem.URL
    2016-03-08 12:05 - 2016-03-08 12:05 - 00000313 _____ C:\Users\pom\Desktop

    \Review of “Ultrasociety How 10,000 Years of War Made Humans the Greatest

    Cooperators on Earth” The Evolution Institute.URL
    2016-03-06 16:01 - 2016-03-06 16:01 - 00000264 _____ C:\Users\pom\Desktop\“Great

    and mighty things which thou knowest not” [] – Perry G Mehrling.URL
    2016-03-01 17:23 - 2016-03-31 23:07 - 00001309 _____ C:\Users\pom\Desktop

    \0MonApprentissage - Raccourci.lnk
    2016-03-01 17:23 - 2016-03-26 13:19 - 00001615 _____ C:\Users\pom\Desktop

    \Objectifs vie apprentissage - contenu apprentissage - Raccourci.lnk
    2016-02-29 13:39 - 2016-02-29 13:39 - 00001275 _____ C:\Users\pom\Desktop

    \ARCHIVES - Raccourci.lnk

    ==================== Trois mois - Modifiés - fichiers et dossiers ========

    (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

    2016-05-29 10:19 - 2012-03-19 22:13 - 00003912 _____ C:\Windows\System32\Tasks

    \User_Feed_Synchronization-{A623D0E0-3B18-49C3-A8F1-B864B4755857}
    2016-05-29 10:16 - 2012-07-08 23:22 - 00004182 _____ C:\Windows\System32\Tasks

    \avast! Emergency Update
    2016-05-29 10:16 - 2011-06-29 20:04 - 00000000 ____D C:\Program Files\P4G
    2016-05-29 10:16 - 2011-04-13 04:33 - 00001066 _____ C:\Windows\Tasks

    \GoogleUpdateTaskMachineCore.job
    2016-05-29 10:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-05-29 09:51 - 2011-02-19 06:29 - 00831454 _____ C:\Windows

    \system32\perfh00C.dat
    2016-05-29 09:51 - 2011-02-19 06:29 - 00179042 _____ C:\Windows

    \system32\perfc00C.dat
    2016-05-29 09:51 - 2009-07-14 07:13 - 01867632 _____ C:\Windows

    \system32\PerfStringBackup.INI
    2016-05-29 09:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
    2016-05-29 09:36 - 2011-04-13 04:33 - 00001070 _____ C:\Windows\Tasks

    \GoogleUpdateTaskMachineUA.job
    2016-05-29 09:33 - 2012-10-10 13:55 - 00001070 _____ C:\Windows\Tasks

    \GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000UA.job
    2016-05-29 09:31 - 2012-10-10 13:55 - 00001018 _____ C:\Windows\Tasks

    \GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000Core.job
    2016-05-29 09:26 - 2014-01-17 23:29 - 00001002 _____ C:\Windows\Tasks\Adobe

    Flash Player Updater.job
    2016-05-29 00:08 - 2011-09-10 20:45 - 00000000 ____D C:\Users\pom\AppData

    \Roaming\VLC
    2016-05-28 23:52 - 2015-12-15 20:01 - 00000000 ____D C:\Users\pom\captvty
    2016-05-28 23:25 - 2009-07-14 06:45 - 00018736 ____H C:\Windows

    \system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-

    8115-601632D005A0
    2016-05-28 23:25 - 2009-07-14 06:45 - 00018736 ____H C:\Windows

    \system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-

    8115-601632D005A0
    2016-05-28 19:38 - 2011-10-23 14:26 - 00000000 ____D C:\Users\pom\Documents

    \ADMINISTRATIF INTENDANCE
    2016-05-27 20:47 - 2012-11-27 14:57 - 00000000 ____D C:\Users\pom\Documents\A

    LIRE
    2016-05-27 16:00 - 2012-08-24 16:47 - 00000000 ____D C:\Windows\pss
    2016-05-27 15:36 - 2011-10-23 14:05 - 00000000 ____D C:\ProgramData\Apple
    2016-05-27 15:25 - 2011-06-29 20:03 - 00001961 _____ C:\Windows

    \system32\ServiceFilter.ini
    2016-05-27 14:29 - 2012-10-30 23:47 - 00000000 ____D C:\Program Files (x86)\Java
    2016-05-27 14:10 - 2011-06-29 20:03 - 00002403 _____ C:\Windows

    \system32\AutoRunFilter.ini
    2016-05-27 03:04 - 2016-01-06 02:45 - 00000000 ___SD C:\Windows

    \SysWOW64\GWX
    2016-05-27 03:04 - 2016-01-06 02:45 - 00000000 ___SD C:\Windows\system32\GWX
    2016-05-26 17:43 - 2012-10-19 12:11 - 00000000 ___RD C:\Users\pom\Utilitaires &

    MAINTENANCE
    2016-05-26 16:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
    2016-05-26 16:26 - 2011-06-29 20:02 - 00000000 ____D C:\Windows

    \SysWOW64\K_Series_ScreenSaver_EN dir
    2016-05-26 12:17 - 2014-01-05 11:35 - 01966840 _____ C:\Windows\ntbtlog.txt
    2016-05-25 16:26 - 2011-09-02 07:01 - 00000000 ____D C:\Users\pom
    2016-05-25 16:01 - 2012-07-22 20:15 - 00000000 ____D C:\Users\pom\Documents

    \GOOGLE EARTH
    2016-05-25 15:53 - 2012-01-07 15:55 - 00000000 ___RD C:\Users\lil
    2016-05-25 15:18 - 2013-09-20 09:59 - 00000000 ____D C:\Users\pom\AppData

    \Local\ElevatedDiagnostics
    2016-05-25 12:56 - 2014-01-17 14:12 - 00000000 ____D C:\Users\pom\Downloads

    \INSTALLE
    2016-05-25 12:53 - 2014-01-02 00:56 - 00000000 ____D C:\Users\lil\Documents

    \Bibliothèque Lilouan
    2016-05-25 02:27 - 2013-06-29 14:57 - 00000000 ____D C:\ProgramData\Microsoft

    \Windows\Start Menu\Programs\Box Sync
    2016-05-24 21:13 - 2014-11-11 00:52 - 00000000 ____D C:\Windows\rescache
    2016-05-24 15:58 - 2013-06-29 14:56 - 00000000 ____D C:\Program Files\Box Sync
    2016-05-24 15:44 - 2012-04-07 15:04 - 00000000 ____D C:\Users\pom\Documents

    \EURO EUROPE
    2016-05-24 14:05 - 2013-06-29 14:59 - 00000000 ____D C:\Users\pom\Documents\My

    Box Files
    2016-05-23 22:02 - 2014-01-27 09:05 - 00000000 ____D C:\Users\pom\AppData

    \Roaming\MusicBee
    2016-05-23 21:30 - 2009-07-14 06:45 - 00349760 _____ C:\Windows

    \system32\FNTCACHE.DAT
    2016-05-23 21:23 - 2012-11-27 17:58 - 00000000 ____D C:\Users\pom\Documents

    \DVPT PERSO
    2016-05-23 21:18 - 2013-08-06 19:32 - 00078536 _____ C:\Users\pom\AppData\Local

    \GDIPFONTCACHEV1.DAT
    2016-05-23 19:53 - 2014-01-23 09:18 - 00000000 ____D C:\Users\pom\Documents

    \Bibliothèque Fictions
    2016-05-23 18:46 - 2013-09-06 13:29 - 00000000 ____D C:\Program Files

    (x86)\Cobian Backup 11
    2016-05-23 18:45 - 2012-10-15 16:32 - 00000000 ____D C:\Program Files

    (x86)\Evernote
    2016-05-23 18:34 - 2013-08-21 15:24 - 00000000 ____D C:\ProgramData\34BE82C4

    -E596-4e99-A191-52C6199EBF69
    2016-05-23 18:06 - 2013-06-23 18:43 - 00000000 ____D C:\Users\pom\KAG
    2016-05-23 17:38 - 2013-01-14 17:58 - 00000000 ____D C:\Program Files

    (x86)\QuickTime
    2016-05-23 17:27 - 2013-07-21 14:02 - 00000000 ____D C:\Program Files

    (x86)\SpeedFan
    2016-05-23 17:26 - 2012-03-09 19:51 - 00000000 ____D C:\ProgramData\BigBrainz
    2016-05-20 18:29 - 2013-11-02 10:54 - 00000000 ____D C:\Users\DefaultAppPool
    2016-05-19 21:38 - 2014-09-04 13:48 - 00000000 ____D C:\Users\lil\Documents

    \collège
    2016-05-18 12:33 - 2014-11-29 18:32 - 00000000 ____D C:\Users\pom\Documents

    \Mes numérisations
    2016-05-17 14:29 - 2015-09-12 17:58 - 00001133 _____ C:\Users\lil\Desktop

    \nativelog.txt
    2016-05-17 14:29 - 2014-05-25 13:32 - 00000000 ____D C:\Users\lil\AppData

    \Roaming\.minecraft
    2016-05-15 03:01 - 2015-02-27 17:44 - 00000000 ____D C:\Windows

    \system32\appraiser
    2016-05-14 16:56 - 2012-11-10 13:04 - 00000000 ____D C:\Users\lil\AppData

    \Roaming\vlc
    2016-05-14 15:26 - 2014-01-17 23:29 - 00797376 _____ (Adobe Systems Incorporated)

    C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-05-14 15:26 - 2014-01-17 23:29 - 00142528 _____ (Adobe Systems Incorporated)

    C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-05-14 15:26 - 2014-01-17 23:29 - 00003940 _____ C:\Windows\System32\Tasks

    \Adobe Flash Player Updater
    2016-05-14 09:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
    2016-05-14 09:24 - 2014-05-23 11:57 - 00000000 ___SD C:\Windows

    \system32\CompatTel
    2016-05-14 09:22 - 2013-10-23 15:31 - 00000000 ____D C:\Program Files\Windows

    Journal
    2016-05-14 03:43 - 2011-09-02 19:24 - 01842700 _____ C:\Windows

    \SysWOW64\PerfStringBackup.INI
    2016-05-14 03:29 - 2013-08-05 18:08 - 00000000 ____D C:\Windows\system32\MRT
    2016-05-14 03:05 - 2011-10-20 11:37 - 139319312 _____ (Microsoft Corporation) C:

    \Windows\system32\MRT.exe
    2016-05-13 10:09 - 2014-01-18 01:24 - 00002195 _____ C:\ProgramData\Microsoft

    \Windows\Start Menu\Programs\Google Chrome.lnk
    2016-05-11 07:31 - 2011-04-13 04:33 - 00004066 _____ C:\Windows\System32\Tasks

    \GoogleUpdateTaskMachineUA
    2016-05-11 07:31 - 2011-04-13 04:33 - 00003814 _____ C:\Windows\System32\Tasks

    \GoogleUpdateTaskMachineCore
    2016-05-11 07:28 - 2012-10-10 13:55 - 00004036 _____ C:\Windows\System32\Tasks

    \GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000UA
    2016-05-11 07:28 - 2012-10-10 13:55 - 00003640 _____ C:\Windows\System32\Tasks

    \GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000Core
    2016-05-09 12:40 - 2016-02-05 22:03 - 00037144 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswKbd.sys
    2016-05-09 12:40 - 2014-05-02 14:50 - 00037656 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswHwid.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 01070904 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswSnx.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 00465792 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswSP.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 00287528 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswVmm.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 00166432 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswStm.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 00107792 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswMonFlt.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 00103064 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswRdr2.sys
    2016-05-09 12:40 - 2014-01-16 12:25 - 00074544 _____ (AVAST Software) C:

    \Windows\system32\Drivers\aswRvrt.sys
    2016-05-07 20:19 - 2012-11-27 18:39 - 00000000 ___RD C:\Users\pom\Documents

    \Pensée critique
    2016-05-06 23:56 - 2015-10-21 14:18 - 00000000 ____D C:\Program Files

    (x86)\Mozilla Maintenance Service

    ==================== Fichiers à la racine de certains dossiers =======

    2012-11-27 22:48 - 2012-11-27 22:48 - 0204496 _____ (Malwarebytes) C:\Program

    Files (x86)\startuplite-setup-1.07.exe
    2012-02-20 00:04 - 2012-02-20 00:04 - 0000006 _____ () C:\Program Files

    (x86)\Common Files\WPVersion.txt
    2013-07-03 21:10 - 2013-07-03 21:11 - 0001335 _____ () C:\Users\pom\AppData

    \Roaming\Bubble Dock.boostrap.log
    2013-07-03 21:10 - 2013-07-03 21:18 - 0015580 _____ () C:\Users\pom\AppData

    \Roaming\Bubble Dock.installation.log
    2013-11-15 16:38 - 2013-11-15 16:38 - 0001252 _____ () C:\Users\pom\AppData

    \Roaming\Launch Internet Explorer Browser.lnk
    2014-01-14 16:14 - 2014-01-14 16:14 - 0000005 _____ () C:\Users\pom\AppData

    \Roaming\mbam.context.scan
    2012-03-07 18:44 - 2012-03-14 10:29 - 0000041 _____ () C:\Users\pom\AppData

    \Roaming\Offre.ini
    2012-09-08 21:52 - 2012-09-09 20:43 - 0001053 _____ () C:\Users\pom\AppData

    \Roaming\Requiem.log
    2012-04-10 00:47 - 2014-11-03 19:30 - 0005632 _____ () C:\Users\pom\AppData

    \Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-05-22 22:31 - 2016-05-22 22:31 - 0000218 _____ () C:\Users\pom\AppData

    \Local\recently-used.xbel
    2012-02-27 23:03 - 2014-01-14 11:22 - 0007599 _____ () C:\Users\pom\AppData

    \Local\resmon.resmoncfg
    2015-02-22 19:10 - 2015-02-22 19:10 - 0000000 _____ () C:\Users\pom\AppData

    \Local\{73B9DEB4-B0E7-4B36-A210-72AA04AE72A2}
    2015-03-20 21:41 - 2015-03-20 21:41 - 0000000 _____ () C:\Users\pom\AppData

    \Local\{8561641C-9DC7-4D18-A93A-8E0350C0BF7B}
    2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData

    \FullRemove.exe
    2012-05-18 17:46 - 2012-03-19 17:46 - 0000032 ____R () C:\ProgramData\hash.dat
    2011-09-02 20:42 - 2012-03-26 16:45 - 0001263 _____ () C:\ProgramData

    \hpzinstall.log
    2012-11-07 23:16 - 2012-11-07 23:16 - 0000192 _____ () C:\ProgramData

    \Microsoft.SqlServer.Compact.351.64.bc
    2011-06-29 20:07 - 2011-06-29 20:07 - 0000105 _____ () C:\ProgramData

    \{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2011-06-29 20:06 - 2011-06-29 20:06 - 0000107 _____ () C:\ProgramData

    \{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

    Fichiers à déplacer ou supprimer:
    ====================
    C:\ProgramData\hash.dat
    C:\Users\pom\libeay32.dll
    C:\Users\pom\libgcc_s_dw2-1.dll
    C:\Users\pom\libssl32.dll
    C:\Users\pom\libstdc++-6.dll
    C:\Users\pom\mingwm10.dll
    C:\Users\pom\QtCore4.dll
    C:\Users\pom\QtGui4.dll
    C:\Users\pom\QtNetwork4.dll
    C:\Users\pom\QtSvg4.dll
    C:\Users\pom\QtWebKit4.dll
    C:\Users\pom\QtXml4.dll


    Certains fichiers dans TEMP:
    ====================
    C:\Users\lil\AppData\Local\Temp\jre-8u45-windows-au.exe
    C:\Users\lil\AppData\Local\Temp\jshortcut-1691344604840352521.dll
    C:\Users\lil\AppData\Local\Temp\jshortcut-3341333916126528912.dll
    C:\Users\lil\AppData\Local\Temp\jshortcut-5210347850661295507.dll
    C:\Users\lil\AppData\Local\Temp\jshortcut-8029099041024461006.dll


    ==================== Bamital & volsnap =================

    (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la

    vérification.)

    C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
    C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
    C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
    C:\Windows\explorer.exe => Le fichier est signé numériquement
    C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
    C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
    C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
    C:\Windows\system32\services.exe => Le fichier est signé numériquement
    C:\Windows\system32\User32.dll => Le fichier est signé numériquement
    C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
    C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
    C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
    C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
    C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
    C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
    C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

    ==================== BCD ================================

    Gestionnaire de d‚marrage Windows
    ---------------------------------
    identificateur {bootmgr}
    device partition=C:
    description Windows Boot Manager
    locale fr-FR
    inherit {globalsettings}
    default {current}
    resumeobject {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
    displayorder {current}
    toolsdisplayorder {memdiag}
    timeout 30

    Chargeur de d‚marrage Windows
    -----------------------------
    identificateur {current}
    device partition=C:
    path \Windows\system32\winload.exe
    description Windows 7
    locale fr-FR
    inherit {bootloadersettings}
    recoverysequence {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
    recoveryenabled Yes
    osdevice partition=C:
    systemroot \Windows
    resumeobject {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
    nx OptOut

    Chargeur de d‚marrage Windows
    -----------------------------
    identificateur {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
    device ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa

    \Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
    path \windows\system32\winload.exe
    description Windows Recovery Environment
    inherit {bootloadersettings}
    osdevice ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa

    \Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
    systemroot \windows
    nx OptIn
    winpe Yes

    Reprendre … partir de la mise en veille prolong‚e
    -------------------------------------------------
    identificateur {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
    device partition=C:
    path \Windows\system32\winresume.exe
    description Windows Resume Application
    locale fr-FR
    inherit {resumeloadersettings}
    filedevice partition=C:
    filepath \hiberfil.sys
    debugoptionenabled No

    Testeur de m‚moire Windows
    --------------------------
    identificateur {memdiag}
    device partition=C:
    path \boot\memtest.exe
    description Windows Memory Diagnostic
    locale fr-FR
    inherit {globalsettings}
    badmemoryaccess Yes

    ParamŠtres EMS
    --------------
    identificateur {emssettings}
    bootems Yes

    ParamŠtres du d‚bogueur
    -----------------------
    identificateur {dbgsettings}
    debugtype Serial
    debugport 1
    baudrate 115200

    Erreurs de m‚moire RAM
    ----------------------
    identificateur {badmemory}

    ParamŠtres globaux
    ------------------
    identificateur {globalsettings}
    inherit {dbgsettings}
    {emssettings}
    {badmemory}

    ParamŠtres du chargeur de d‚marrage
    -----------------------------------
    identificateur {bootloadersettings}
    inherit {globalsettings}
    {hypervisorsettings}

    ParamŠtres de l'hyperviseur
    -------------------
    identificateur {hypervisorsettings}
    hypervisordebugtype Serial
    hypervisordebugport 1
    hypervisorbaudrate 115200

    ParamŠtres du chargeur de reprise
    ---------------------------------
    identificateur {resumeloadersettings}
    inherit {globalsettings}

    Options de p‚riph‚rique
    -----------------------
    identificateur {8cb2d9b5-7c05-11de-842e-b4611d44fefa}
    description Ramdisk Options
    ramdisksdidevice partition=C:
    ramdisksdipath \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi



    LastRegBack: 2016-05-24 17:41

    ==================== Fin de FRST.txt ============================

  3. #3

    Re: WU Thread 20012 - For BrianDrab

    Addition.txt

    Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:29-05

    -2016
    Exécuté par pom (2016-05-29 10:23:07)
    Exécuté depuis C:\Users\pom\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2011-09-02 05:01:02)
    Mode d'amorçage: Normal
    ==========================================================


    ==================== Comptes: =============================

    Administrateur (S-1-5-21-1363170374-948335828-1288231404-500 - Administrator -

    Disabled)
    Invité (S-1-5-21-1363170374-948335828-1288231404-501 - Limited - Enabled)
    lil (S-1-5-21-1363170374-948335828-1288231404-1001 - Limited - Enabled) => C:

    \Users\lil
    pom (S-1-5-21-1363170374-948335828-1288231404-1000 - Administrator - Enabled)

    => C:\Users\pom
    pom1 (S-1-5-21-1363170374-948335828-1288231404-1081 - Administrator - Enabled)

    => C:\Users\pom1

    ==================== Centre de sécurité ========================

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-

    94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-

    DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-

    AFE241D3E736}

    ==================== Programmes installés ======================

    (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont

    susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les

    programmes publicitaires devront être désinstallés manuellement.)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems

    Incorporated)
    Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version:

    21.0.0.242 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version:

    21.0.0.242 - Adobe Systems Incorporated)
    Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-

    AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
    Assistance Livebox (HKLM-x32\...\Assistance Livebox) (Version: 1.2.0.1 - Orange)
    ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E})

    (Version: 1.0.13 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158})

    (Version: 3.0.20 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-

    51E30DB1A9AA}) (Version: 1.1.40 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00

    -9406-43599238DE0D}) (Version: - )
    ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-

    4A52B30041A1}) (Version: 1.0.20 - asus)
    ATI AVIVO64 Codecs (Version: 11.6.0.51005 - ATI Technologies Inc.) Hidden
    ATI Catalyst Install Manager (HKLM\...\{363836F9-D52D-8976-EC20-

    8C6965A4D045}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
    ATI Catalyst Install Manager (HKLM\...\{583EE643-CF83-A1F2-A90F-

    ADB75F7B532D}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE})

    (Version: 1.0.0007 - ASUS)
    Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: -

    Audacity Team)
    Avast Antivirus Gratuit (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
    Box Sync (64 bit) (HKLM\...\{6C45E7AD-4A4F-4AEB-9788-C5A483EFCA2F})

    (Version: 3.2.65.0 - Box.net, Inc)
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    C4400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
    Calcul Mental version 1.0.9 (HKLM-x32\...\{62974C8F-0013-4262-AF5E-

    7F46C992672E}_is1) (Version: 1.0.9 - RyXéo SARL)
    calibre 64bit (HKLM\...\{103BE372-2B02-43DB-AEE9-B94E59BBE60F}) (Version:

    2.21.0 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
    Compare Advance 1.4.0.0 (HKLM-x32\...\Compare Advance_is1) (Version: - BauerApps)
    ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21})

    (Version: 1.0.8 - ASUS)
    Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
    Dictionnaire le Littré 2.0 (HKLM-x32\...\{2575CF76-C88A-4B97-AC0F-

    62FFA453FD08}_is1) (Version: - Murielle Descerisiers)
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Enjoy 5e (HKLM-x32\...\Enjoy 5e) (Version: 1.0.00 - Editions Didier)
    Enjoy6 (HKLM-x32\...\{B6EC7F1E-973B-44C3-88D7-9262A36DF03F}}_is1)

    (Version: - -)
    ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN

    Microelectronics Corp.)
    e-verbe version 1.7 (HKLM\...\e-verbe_is1) (Version: - )
    Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.6 -

    ASUS)
    FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator

    Technologies, Inc.)
    Folder Colorizer version 1.0.2 (HKLM\...\{A133E9CD-2879-4F30-87D4-

    1604AFD5C5CC}_is1) (Version: 1.0.2 - Softorino)
    Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
    FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version:

    0.9.0 - )
    FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version: - )
    Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version:

    1.2.20 - Open source)
    Fresh Memory 1.1.1 (HKLM-x32\...\Fresh Memory) (Version: - )
    Fubuki version 1.0 (HKLM-x32\...\{F4866E24-2529-4516-8E45-474F72B4BCB7}_is1)

    (Version: 1.0 - AbulEdu.org)
    GCompris Uninstall (HKLM-x32\...\GCompris) (Version: - )
    GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.9.0 - International GeoGebra

    Institute)
    GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group)
    GnuPG For Windows (HKLM-x32\...\GPG4Win) (Version: 1.1.4 - The Gpg4win Project)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1})

    (Version: 7.1.5.1557 - Google)
    Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4})

    (Version: 5.41.3.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-

    B0C576B313D1}) (Version: 1.0.21.81 - Google)
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard)

    Hidden
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version:

    13.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version:

    13.0 - HP)
    HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-

    2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF})

    (Version: 11.14.0001 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools)

    (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version:

    5.005.000.001 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
    HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-

    000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
    Instrumenpoche (HKLM-x32\...\net.instrumenpoche.iep) (Version: v2.6 - UNKNOWN)
    Instrumenpoche (x32 Version: 2.6 - UNKNOWN) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-

    857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562

    -DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-

    6BD661174E32}) (Version: 1.0.115.11 - Intel)
    Interlex 2.5 (HKLM-x32\...\Interlex_is1) (Version: 2.5 - Andrew Quilley)
    iPrint (HKLM-x32\...\iPrint_is1) (Version: 6.1 - Inzone Software Limited)
    iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version:

    10.6.3.25 - Apple Inc.)
    Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0})

    (Version: 8.0.910.14 - Oracle Corporation)
    Klavaro-1.9.4 (HKLM-x32\...\Klavaro_is1) (Version: - )
    L&H TTS3000 Français (HKLM-x32\...\LHTTSFRF) (Version: - )
    LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
    Le Terrier d'AbulEdu - Calculs 8.4.1 (HKLM-x32\...\{A2A947FC-5B7F-11DE-C687-

    000E2EB85B1E}_is1) (Version: - RyXéo SARL)
    LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO

    A/S)
    LibreOffice 4.0 Help Pack (French) (HKLM-x32\...\{8A8FFD7E-F670-4B7A-B553-

    C64A9EDA3CDB}) (Version: 4.0.4.2 - The Document Foundation)
    LibreOffice 4.0.4.2 (HKLM-x32\...\{FE88323B-9F0E-4596-8F56-37757C6918E9})

    (Version: 4.0.4.2 - The Document Foundation)
    Ma-Config.com (64 bits) (HKLM\...\{5DA27AE6-4460-4380-BABC-BB79E1D109D8})

    (Version: 7.1.2.0 - Cybelsoft)
    MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Mathematica Extras 8.0 (2609412) (HKLM\...\A-WIN-Extras 8.0.4 2609412_is1)

    (Version: 8.0.4 - Wolfram Research, Inc.)
    Maths à Gogo (HKLM-x32\...\Maths à Gogo) (Version: - )
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-

    CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64})

    (Version: 1.0.0100 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})

    (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-

    8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...

    \{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 -

    Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...

    \{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft

    Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...

    \{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 -

    Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-

    B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...

    \{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft

    Corporation)
    Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version:

    1.0.0.0 - Mojang)
    Miro (HKLM-x32\...\Miro) (Version: 5.0.2 - Participatory Culture Foundation)
    Mnemosyne 2.2a (HKLM-x32\...\Mnemosyne_is1) (Version: - )
    Mozilla Firefox 46.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 fr)) (Version:

    46.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version:

    46.0.1.5966 - Mozilla)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-

    8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multiplication (HKLM-x32\...\{09D2C433-2866-4F06-BAC5-14DD0DF9791A}_is1)

    (Version: 1.00.0024 - IAMANYS)
    MusicBee 2.2 (HKLM-x32\...\MusicBee) (Version: 2.2 - Steven Mayall)
    NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:

    - )
    Nombre Cible version 1.0 (HKLM-x32\...\{9AF1C48C-90D5-48EA-AF9B-

    9CEE541519C8}_is1) (Version: 1.0 - AbulEdu.org)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.5 - )
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    OOo4Kids 1.2 (HKLM-x32\...\{E8E5A668-C0D3-4B0A-AB0C-8E785106EA97})

    (Version: 1.2.122 - OOo4Kids)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    Open-Sankoré (HKLM-x32\...\{E63D17F8-D9DA-479D-B9B5-0D101A03703B}_is1)

    (Version: - Open-Sankore)
    Orange Installeur version 1.2.5.0 (HKLM-x32\...\{D13FE823-C575-4451-AC37-

    E645A67AA581}_1.2.5.0) (Version: - Orange)
    Orange update (HKLM-x32\...\OrangeUpdateManager) (Version: 2.0.7.0 - Orange)
    PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D})

    (Version: 1.7.0 - pdfforge)
    Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version:

    4.5.0.0 - PdfEdit team)
    PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-

    457C-A0F7-73B9A2EF6902}) (Version: 10.0 - PlotSoft LLC)
    PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version:

    2.5.205.0 - Tracker Software Products Ltd)
    PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software)
    PhoXo (HKLM-x32\...\PhoXo) (Version: 7.1.0.0 - PhoXo)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
    Pokémon Trading Card Game Online (HKLM-x32\...\{73550466-AE32-47D0-9868-

    C6066BDC0A3D}) (Version: 1.0.0 - The Pokémon Company International)
    PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard)

    Hidden
    Python 2.7 PyGTK 2.24.0 (HKLM-x32\...\{EF55A180-F177-4BF8-A711-

    FE297D480245}) (Version: 2.24.0 - hxxp://www.pygtk.org/)
    Python 2.7.2 (HKLM-x32\...\{2E295B5B-1AD4-4d36-97C2-A316084722CF}) (Version:

    2.7.2150 - Python Software Foundation)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-

    958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
    RetroShare (HKLM-x32\...\RetroShare) (Version: - )
    SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten

    Group)
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Skitch (HKLM-x32\...\Skitch 2.3.2.176) (Version: 2.3.2.176 - Evernote Corp.)
    SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
    Sokoban pour Windows (HKLM-x32\...\Sokoban pour Windows) (Version: Version RC de

    avril 2006 - Marc TERRIER)
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-

    7702C731D722}) (Version: 1.10.0500 - SRS Labs, Inc.)
    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
    Stellarium 0.11.3 (HKLM-x32\...\Stellarium_is1) (Version: - )
    Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.22.0 - 2BrightSparks)
    Tcl/Tk AbulEdu 8.4 (HKLM-x32\...\Tcl/Tk AbulEdu_is1) (Version: - )
    TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
    Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version:

    1.64 - Crystal Office Systems)
    Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-1363170374-948335828-1288231404

    -1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
    ToKé'MaThS (HKLM-x32\...\ToKé'MaThS) (Version: - )
    ToKé'MoTs (HKLM-x32\...\ToKé'MoTs) (Version: - )
    ToK'eNgLiSh (HKLM-x32\...\ToK'eNgLiSh) (Version: - )
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
    Tux of Math Command (remove only) (HKLM-x32\...\TuxMath) (Version: - )
    Unity Web Player (HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...

    \UnityWebPlayer) (Version: - Unity Technologies ApS)
    UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
    USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version:

    5.8.55133.207 - Sonix)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
    VUE 3.3.0 (HKLM-x32\...\VUE) (Version: 3.3.0 - Tufts University)
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-

    867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version:

    2.30.3 - ASUS)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2})

    (Version: 3.0.19 - ASUS)

    ==================== Personnalisé CLSID (Avec liste blanche):

    ==========================

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

    ne sera pas déplacé, sauf s'il est inscrit séparément.)

    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:

    \Users\pom\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Pas de fichier
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1363170374-948335828-1288231404-1000_Classes

    \CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users

    \pom\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Pas de fichier

    ==================== Tâches planifiées (Avec liste blanche) =============

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

    ne sera pas déplacé, sauf s'il est inscrit séparément.)

    Task: {12FF6D56-2A7C-492B-9E46-5E455F8B2564} - System32\Tasks\AVAST

    Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus

    \backup.exe [2016-03-04] (AVAST Software)
    Task: {19D4A719-177E-43F1-BCA1-3EB6778F1789} - System32\Tasks\{F370624B-

    568C-47A4-8895-50F292526020} => Firefox.exe
    Task: {1EC99C14-D2FB-46AE-AC59-22C076C3ECE8} - System32\Tasks

    \{B7B50FC0-A2EE-4B6A-A442-972F71DD0694} => C:\Program Files (x86)\Skype

    \Phone\Skype.exe
    Task: {28AD10E8-4CF3-45C2-89A2-3677FBF88A24} - System32\Tasks\Net4Switch

    => C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
    Task: {2D5E4E4D-CF63-447E-8D36-08A5EF41A2B9} - System32\Tasks

    \GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000UA =>

    C:\Users\pom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google

    Inc.)
    Task: {4D37CCD1-552F-42FD-9890-A44BC47B69D8} - System32\Tasks\{3D6B6310

    -9A27-47DD-907F-E866992A6B54} => pcalua.exe -a C:\Users\pom\Downloads\defi-

    ortho-enfants_install.exe -d C:\Users\pom\Downloads
    Task: {533E1219-4056-4687-8B1E-ACE1C5031D88} - System32\Tasks\SRS Premium

    Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel

    \srspremiumpanel_64.exe [2010-11-20] (SRS Labs, Inc.)
    Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks

    \GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update

    \GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {6D82BE5B-FA19-40A2-902E-281ABDED3ABD} - System32\Tasks

    \{7306E76B-BBB5-46DA-87DF-EB52A3FDFE60} => pcalua.exe -a C:\Users\pom

    \Desktop\AdobeAIRInstaller.exe -d C:\Users\pom\Desktop
    Task: {6E9A7883-9886-4149-B5AE-9F8F3356ABB8} - System32\Tasks\{45C5F2C5-

    BCB7-402A-9C82-1033C9041A08} => pcalua.exe -a C:\Users\pom\Downloads

    \spchapi.EXE -d C:\Users\pom\Downloads
    Task: {6F564842-A6C3-4E02-A06E-34070B6FDBF7} - System32\Tasks\ACMON =>

    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
    Task: {73A76E5F-A2CE-492E-8075-D1F13550238D} - System32\Tasks

    \AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
    Task: {769318F1-C1B1-40F5-8892-930100F5BB10} - System32\Tasks\ATKOSD2 =>

    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17]

    (ASUS)
    Task: {7DBD0769-3C63-4415-A777-2C7D77AE0F11} - System32\Tasks

    \{5B0DAFEF-199B-4000-B862-A81759BCDC5D} => Firefox.exe
    Task: {7E8ED9D1-737F-4539-B62F-4A5AAAE3D7AA} - System32\Tasks

    \{95C4528E-4FEE-476B-BF77-0AA21A15A2DE} => Firefox.exe
    Task: {80649BF9-1116-4E09-8A8B-9ECEBC9EFEDB} - System32\Tasks\ASUS P4G

    => C:\Program Files\P4G\BatteryLife.exe [2010-08-12] (ASUS)
    Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks

    \GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update

    \GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {8A7D4F59-B04D-4DE1-B908-140116966E15} - System32\Tasks\{4CC0AD81

    -3CFE-44EC-A318-ACE52C04711E} => Firefox.exe
    Task: {9B22C600-6635-4BB2-AE74-7530F1B20AE5} - System32\Tasks\{6B70EA02-

    18A9-420A-B375-553B07B424BE} => Firefox.exe

    hxxp://ui.skype.com/ui/0/5.8.0.154.261/fr/go/help.faq.installer?

    source=lightinstaller&amp;LastError=1618
    Task: {B06A1D91-5D64-4004-A7F6-7BAC9C3BA400} - System32\Tasks\essai => C:

    \Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe [2011-12-08] (The

    Audacity Team)
    Task: {B363ECB0-62BC-4B96-9FF7-1B6BD65E056C} - System32\Tasks\SafeZone

    scheduled Autoupdate 1454875948 => C:\Program Files\AVAST Software\SZBrowser

    \launcher.exe [2016-04-15] (Avast Software)
    Task: {B8260DDA-BFF6-4BC7-978E-055C6FFF6B70} - System32\Tasks\Adobe Flash

    Player Updater => C:\Windows\SysWOW64\Macromed\Flash

    \FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated)
    Task: {C3788A3E-147E-4A4F-83F9-F29CCCD79C9B} - System32\Tasks\avast!

    Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

    [2016-05-09] (AVAST Software)
    Task: {C624FD83-8AB4-4B53-AAED-C0C92B86579E} - \Desk 365 RunAsStdUser ->

    Pas de fichier <==== ATTENTION
    Task: {CFBE72BE-CB90-4D7E-BC04-BD83D0529E9E} - System32\Tasks

    \{60B5477A-FF45-41EF-AC99-DA8BBE73B84C} => pcalua.exe -a "C:\Program Files

    (x86)\Mozilla Firefox\firefox.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {DC3C3D28-2D5B-4F37-BB20-6EFB62A5638E} - System32\Tasks

    \CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform

    Ltd)
    Task: {DFDC6240-527E-4492-93E5-9CE97569348E} - System32\Tasks\{B1A09B03-

    3D4A-46C0-84F0-D8D55ECACE3D} => Firefox.exe
    Task: {FE51DBB0-5153-4214-9837-CFDCEBE911FD} - System32\Tasks\{74CAE2B9

    -C421-4DE1-ACD2-84DF054FF5AA} => Firefox.exe

    hxxp://ui.skype.com/ui/0/6.11.0.102/fr/abandoninstall?page=tsProgressBar
    Task: {FE58D060-1AA7-45B4-83C9-B8168CCD0951} - System32\Tasks

    \GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-1288231404-1000Core =>

    C:\Users\pom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google

    Inc.)

    (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le

    fichier exécuté par la tâche ne sera pas déplacé.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows

    \SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files

    (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files

    (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-

    1288231404-1000Core.job => C:\Users\pom\AppData\Local\Google\Update

    \GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1363170374-948335828-

    1288231404-1000UA.job => C:\Users\pom\AppData\Local\Google\Update

    \GoogleUpdate.exe

    ==================== Raccourcis =============================

    (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés

    ou restaurés.)

    ==================== Modules chargés (Avec liste blanche) ==============

    2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G

    \DevMng.dll
    2010-09-23 17:53 - 2010-09-23 17:53 - 01601536 _____ () C:\Program Files

    (x86)\ASUS\Wireless Console 3\wcourier.exe
    2016-05-09 12:40 - 2016-05-09 12:40 - 00123344 _____ () C:\Program Files\AVAST

    Software\Avast\log.dll
    2016-05-09 12:40 - 2016-05-09 12:40 - 00135816 _____ () C:\Program Files\AVAST

    Software\Avast\JsonRpcServer.dll
    2016-05-29 09:27 - 2016-05-29 09:27 - 02982040 _____ () C:\Program Files\AVAST

    Software\Avast\defs\16052900\algo.dll
    2016-05-09 12:40 - 2016-05-09 12:40 - 00479680 _____ () C:\Program Files\AVAST

    Software\Avast\ffl2.dll
    2016-05-09 12:40 - 2016-05-09 12:40 - 00309912 _____ () C:\Program Files\AVAST

    Software\Avast\browser_pass.dll
    2016-02-05 22:02 - 2016-02-05 22:02 - 40539648 _____ () C:\Program Files\AVAST

    Software\Avast\libcef.dll
    2013-06-11 23:28 - 2013-06-11 23:28 - 01005744 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\libxml2.dll
    2013-06-11 23:28 - 2013-06-11 23:28 - 00102064 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\librdf.dll
    2013-06-11 23:28 - 2013-06-11 23:28 - 00289968 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\raptor.dll
    2013-06-11 23:28 - 2013-06-11 23:28 - 00158384 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\rasqal.dll
    2013-06-11 23:28 - 2013-06-11 23:28 - 00175280 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\libxslt.dll
    2013-06-11 23:28 - 2013-06-11 23:28 - 00077488 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\python3.dll
    2013-06-11 06:09 - 2013-06-11 06:09 - 00049152 _____ () C:\Program Files

    (x86)\LibreOffice 4.0\program\python-core-3.3.0\lib\_socket.pyd

    ==================== Alternate Data Streams (Avec liste blanche) =========

    (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS

    - Alternate Data Stream) sera supprimé.)

    AlternateDataStreams: C:\ProgramData\Temp:3E7393FC [120]
    AlternateDataStreams: C:\ProgramData\Temp:5D458568 [133]

    ==================== Mode sans échec (Avec liste blanche)

    ===================

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le

    "AlternateShell" sera restauré.)


    ==================== Association (Avec liste blanche) ===============

    (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la

    valeur par défaut ou supprimé.)


    ==================== Internet Explorer sites de confiance/sensibles

    ===============

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


    ==================== Hosts contenu: ==========================

    (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de

    réinitialiser le fichier hosts.)

    2009-07-14 04:34 - 2014-01-17 00:04 - 04168956 ____N C:\Windows

    \system32\Drivers\etc\hosts

    127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
    127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
    127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
    127.0.0.1 2010-fr.com # hosts anti-adware / pups
    127.0.0.1 2012-new.biz # hosts anti-adware / pups
    127.0.0.1 212link.com # hosts anti-adware / pups
    127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
    127.0.0.1 24h00business.com # hosts anti-adware / pups
    127.0.0.1 a.adorika.net # hosts anti-adware / pups
    127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
    127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
    127.0.0.1 ad.adn360.com # hosts anti-adware / pups
    127.0.0.1 adeartss.eu # hosts anti-adware / pups
    127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
    127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
    127.0.0.1 adm.soft365.com # hosts anti-adware / pups
    127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
    127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
    127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
    127.0.0.1 ads.aff.co # hosts anti-adware / pups
    127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
    127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
    127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
    127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
    127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
    127.0.0.1 ads.realken.com # hosts anti-adware / pups
    127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
    127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups
    127.0.0.1 ads.tersecta.com # hosts anti-adware / pups
    127.0.0.1 a.dungtank.com # hosts anti-adware / pups

    Il y a 70902 plus de lignes.


    ==================== Autres zones ============================

    (Actuellement, il n'y a pas de correction automatique pour cette section.)

    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Control Panel\Desktop\

    \Wallpaper -> C:\Users\pom\AppData\Roaming\Microsoft\Windows\Themes

    \TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>

    (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Le Pare-feu est activé.

    ==================== MSCONFIG/TASK MANAGER éléments désactivés ==

    (Actuellement, il n'y a pas de correction automatique pour cette section.)

    MSCONFIG\Services: #UpdateService => 2
    MSCONFIG\Services: AFBAgent => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: ASLDRService => 2
    MSCONFIG\Services: ATKGFNEXSrv => 2
    MSCONFIG\Services: cbVSCService11 => 3
    MSCONFIG\Services: HOSTS Anti-PUPs => 3
    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: ocster_backup => 2
    MSCONFIG\Services: PDF Architect Helper Service => 2
    MSCONFIG\Services: PDF Architect Service => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: TeamViewer7 => 2
    MSCONFIG\Services: TeamViewer9 => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

    Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss

    \AsusVibeLauncher.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

    Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart

    daemon.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

    Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital

    Imaging Monitor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start

    Menu^Programs^Startup^iPrint.lnk => C:\Windows\pss\iPrint.lnk.CommonStartup
    MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun

    \AmIcoSinglun64.exe
    MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
    MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software

    Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin

    \hpqSRMon.exe
    MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
    MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies

    \ATI.ACE\Core-Static\CLIStart.exe" MSRun

    ==================== RèglesPare-feu (Avec liste blanche) ===============

    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier

    ne sera pas déplacé, sauf s'il est inscrit séparément.)

    FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:

    \Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow)

    LPort=2869
    FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow)

    LPort=1900
    FirewallRules: [{25BDD843-A815-48A8-A216-66D065687049}] => (Allow) C:

    \Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:

    \Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow)

    LPort=5353
    FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow)

    LPort=8182
    FirewallRules: [{188F5D90-A615-47D3-B75C-60EF520FA4F4}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{C84F0668-387F-42E1-A403-F0165C88FE67}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{2CE10764-942F-4EE8-9109-DD56293058E6}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{99A0D41F-670B-4E03-942B-87DE476F6CE1}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{0EF215AF-1069-431C-9397-A43C7F2D80E9}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{C3626C7D-6C0E-4D93-98BC-DCEE46A47FDA}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{0F7D2EE8-1F3D-40A1-8C52-3CE2305B9DA8}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{CDF9206C-EB32-41FB-9ED4-D4D3823D5434}] => (Allow) C:

    \Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
    FirewallRules: [{1AB49DF1-EE62-4885-AC92-CCBA3A2484F7}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
    FirewallRules: [{16FE488B-87A8-4C5D-95D0-C07236BCB055}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
    FirewallRules: [{881D5E4C-C3EF-4838-81B8-460D10E4C5B4}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
    FirewallRules: [{C2032BC2-4F14-4674-830E-FF188F8B3EC4}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{B6D6FCE0-C89F-4876-A457-59FEE2086769}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{9BA9F757-4B5D-4967-A016-168F977E90F7}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{3DD938D1-C1C8-4736-871C-5E5EA044D8E6}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{0FC9FE57-10CC-47B8-88BD-6D56A74A3C7E}] => (Allow) C:

    \Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{557BC608-78D9-4474-8A41-D39C5678E4B7}] => (Allow) C:

    \Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
    FirewallRules: [TCP Query User{E2B2FC1C-874F-4AF9-B7F8-8BF997686175}C:

    \program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files

    (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [UDP Query User{0CCEC0AD-BDF9-4B50-8FA5-DAA05888E3E5}C:

    \program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files

    (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [{D852EB04-3B86-4512-9BCF-1359AA2317F2}] => (Allow) C:

    \Program Files (x86)\Common Files\Apple\Apple Application Support

    \WebKit2WebProcess.exe
    FirewallRules: [{3D8DEB4B-F926-49F5-AD9E-3BB32ADBA2D2}] => (Allow) C:

    \Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{99D0D7C9-B50B-4FC9-9599-059A4E5CCCF1}] => (Allow) C:

    \Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{EF24816D-955E-4280-8E56-BE84265E3843}] => (Allow) C:

    \Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{538B7E63-8E5D-4A94-8D94-6EBD4A67E02F}] => (Allow) C:

    \Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{42360C14-1DF0-4178-A071-71B5A49026B0}C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe] =>

    (Allow) C:\program files (x86)\participatory culture foundation\miro

    \miro_downloader.exe
    FirewallRules: [UDP Query User{1CC5BCBF-5EA4-4045-8490-B258E47B539A}C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe] =>

    (Allow) C:\program files (x86)\participatory culture foundation\miro

    \miro_downloader.exe
    FirewallRules: [TCP Query User{212CB18B-BE97-47EB-9695-29E7B7D56C68}C:

    \program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files

    (x86)\orbitdownloader\orbitnet.exe
    FirewallRules: [UDP Query User{F5218F46-29F9-4BDA-96A4-D8921D50CB98}C:

    \program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files

    (x86)\orbitdownloader\orbitnet.exe
    FirewallRules: [TCP Query User{55F7139F-133F-41D7-B82E-E5FF32F6E3C1}C:

    \program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc

    \vlc.exe
    FirewallRules: [UDP Query User{10E8190F-3B1E-4F04-A7CA-C183E0473C55}C:

    \program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc

    \vlc.exe
    FirewallRules: [{6674152E-0C4C-4100-95C6-DFE1B059F5F4}] => (Block) C:

    \program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{BE613C53-3AF0-40B7-ADD2-D8E5B5C8BB85}] => (Block) C:

    \program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{54538AE3-870F-406A-BB12-F6B374AEA857}] => (Allow) C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe
    FirewallRules: [{53FA8477-4647-4D48-B3A0-E57320A2624F}] => (Allow) C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe
    FirewallRules: [TCP Query User{72B28088-0F2B-4F99-854F-E1EED15D9CFF}C:

    \program files\urbanterror\iourbanterror.exe] => (Block) C:\program files\urbanterror

    \iourbanterror.exe
    FirewallRules: [UDP Query User{7A432BFA-F0EA-48FD-A621-FBD12E10720E}C:

    \program files\urbanterror\iourbanterror.exe] => (Block) C:\program files\urbanterror

    \iourbanterror.exe
    FirewallRules: [{43DCD8E9-0968-4947-8F13-9918573CA06A}] => (Allow) C:

    \Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
    FirewallRules: [{FD25DFF1-5700-4884-8264-0D629540CBAB}] => (Allow) C:

    \Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\WolframCDFPlayer.exe
    FirewallRules: [{E4724E16-4243-49E0-AE04-4531FF0EC099}] => (Allow) C:

    \Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
    FirewallRules: [{F6420343-FBE5-4A54-A7EB-92423A4218FC}] => (Allow) C:

    \Program Files (x86)\Wolfram Research\Wolfram CDF Player\8.0\math.exe
    FirewallRules: [TCP Query User{962CC268-4EFC-443B-907D-BA9C9874EDF5}C:

    \program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

    (x86)\retroshare\retroshare.exe
    FirewallRules: [UDP Query User{BCA31924-A9EA-4427-AD33-E4FC6CCFF93E}C:

    \program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

    (x86)\retroshare\retroshare.exe
    FirewallRules: [TCP Query User{0F631139-C4A4-4E07-A88D-9F323C4B4CEC}C:

    \program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

    (x86)\retroshare\retroshare.exe
    FirewallRules: [UDP Query User{E83A3538-BAEF-4449-A612-7A07D4AD60CE}C:

    \program files (x86)\retroshare\retroshare.exe] => (Allow) C:\program files

    (x86)\retroshare\retroshare.exe
    FirewallRules: [TCP Query User{C4619ED4-6582-4A7A-98BF-CB525C61F6EC}C:

    \program files (x86)\asebastudio\asebachallenge.exe] => (Allow) C:\program files

    (x86)\asebastudio\asebachallenge.exe
    FirewallRules: [UDP Query User{7FF36E7F-9FD0-46DF-AB57-5371CB146AE1}C:

    \program files (x86)\asebastudio\asebachallenge.exe] => (Allow) C:\program files

    (x86)\asebastudio\asebachallenge.exe
    FirewallRules: [{E1CFF55E-A2C6-4ABD-9F4B-7B699E431551}] => (Allow) C:

    \Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
    FirewallRules: [{A0876E9A-E75A-4884-AE26-69086BB9A4CF}] => (Allow) C:

    \Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
    FirewallRules: [TCP Query User{F8E874EF-8A0F-41E7-AF6A-34C6CC7C5A06}C:

    \program files\winpcap\rpcapd.exe] => (Block) C:\program files\winpcap\rpcapd.exe
    FirewallRules: [UDP Query User{D2F9B5F4-F3D3-4872-8496-89FE4DCDE773}C:

    \program files\winpcap\rpcapd.exe] => (Block) C:\program files\winpcap\rpcapd.exe
    FirewallRules: [{E8D49345-FF23-49D0-88DB-ABBC041FF573}] => (Allow) C:

    \Users\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{37D7E76B-D44F-4668-8735-865D85C73F14}] => (Allow) C:\Users

    \pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [TCP Query User{3FEA70D7-39A3-4297-90EE-FC9970D1E863}C:

    \program files (x86)\mnemosyne\mnemosyne-webserver.exe] => (Allow) C:\program files

    (x86)\mnemosyne\mnemosyne-webserver.exe
    FirewallRules: [UDP Query User{677CDCB7-364E-43CF-9B31-E1625AA96A2F}C:

    \program files (x86)\mnemosyne\mnemosyne-webserver.exe] => (Allow) C:\program files

    (x86)\mnemosyne\mnemosyne-webserver.exe
    FirewallRules: [{46219781-7234-47D8-9BE9-25A7FBE14D86}] => (Allow) C:

    \Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{1E2B61E2-4EAF-4AF8-8525-A5326D117634}] => (Allow) C:

    \Program Files (x86)\Steam\Steam.exe
    FirewallRules: [TCP Query User{7B53CFA8-4D3F-4CE9-BCFD-448D846BC970}C:

    \users\pom\kag\kag.exe] => (Allow) C:\users\pom\kag\kag.exe
    FirewallRules: [UDP Query User{59C49D4B-26E6-47DF-B55B-E11D6F783E77}C:

    \users\pom\kag\kag.exe] => (Allow) C:\users\pom\kag\kag.exe
    FirewallRules: [{2EF19C9E-B94C-4857-A763-FB135B4E212D}] => (Allow)

    LPort=48113
    FirewallRules: [{DABC2EBC-FF36-4829-9A07-8C52C399A801}] => (Allow)

    LPort=48114
    FirewallRules: [{9C6ED9A2-A62C-4615-AFF3-E08DCDFE7084}] => (Allow) C:

    \Program Files\ma-config.com\MaConfigAgent.exe
    FirewallRules: [{D11338B9-9A7A-41D7-B3C8-7917A6A0974A}] => (Allow) C:

    \Program Files\ma-config.com\MaConfigAgent.exe
    FirewallRules: [{21C8781A-6379-4988-A5C7-E4FCC2A8A545}] => (Allow) C:

    \Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{8D9C1964-1E28-403B-A2A9-1DB54243021E}C:

    \program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin

    \javaw.exe
    FirewallRules: [UDP Query User{C2B04AF1-8E71-43D9-B121-6EBD675E9A0F}C:

    \program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin

    \javaw.exe
    FirewallRules: [{05700B26-8560-4D3B-951B-859B43CDD0B6}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{B3AA4D1D-ACBE-413E-B889-DF1F88F89645}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    FirewallRules: [{F0AE8FDE-0AEF-4C66-9502-0D6C8952AFBA}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [{EEC634E1-69C8-47F4-BAD4-DF23B531C1F2}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%

    \Microsoft.NET\Framework64\v3.0\Windows Communication Foundation

    \SMSvcHost.exe
    FirewallRules: [{CBD2BCF0-38E0-49FD-A2B2-D0F4F3C331D8}] => (Allow)

    %ProgramFiles% (x86)\Deluge\deluge.exe
    FirewallRules: [TCP Query User{FB201529-294A-4DC7-BA24-805F7DF8C757}C:

    \program files (x86)\deluge\deluged-debug.exe] => (Allow) C:\program files (x86)\deluge

    \deluged-debug.exe
    FirewallRules: [UDP Query User{2DBA24C0-D814-4913-BFC4-C22A50627B81}C:

    \program files (x86)\deluge\deluged-debug.exe] => (Allow) C:\program files (x86)\deluge

    \deluged-debug.exe
    FirewallRules: [TCP Query User{1E9CFBFD-1327-441B-B6CB-514C617B4C5D}C:

    \program files (x86)\deluge\deluge-web-debug.exe] => (Allow) C:\program files

    (x86)\deluge\deluge-web-debug.exe
    FirewallRules: [UDP Query User{C192753B-5EE9-4DE4-BA42-37EE45BAA911}C:

    \program files (x86)\deluge\deluge-web-debug.exe] => (Allow) C:\program files

    (x86)\deluge\deluge-web-debug.exe
    FirewallRules: [TCP Query User{A96CAD79-5929-461F-BD79-64689904399C}C:

    \program files\calibre2\calibre.exe] => (Allow) C:\program files\calibre2\calibre.exe
    FirewallRules: [UDP Query User{96B93A7C-D990-4556-BD98-9995FDCFC110}C:

    \program files\calibre2\calibre.exe] => (Allow) C:\program files\calibre2\calibre.exe
    FirewallRules: [{E51B963C-07FC-47FD-AA5D-83967B25B164}] => (Allow)

    LPort=54982
    FirewallRules: [{BDA56FA0-648F-471F-AD40-2BD16268A0A1}] => (Allow)

    LPort=8080
    FirewallRules: [{7478F5D2-ED9D-480D-96C7-9F21E542A263}] => (Allow)

    %ProgramFiles%\Calibre2\calibre.exe
    FirewallRules: [{1E5B2C7B-D67B-4356-AD49-DF148FA951EC}] => (Allow)

    %ProgramFiles%\Calibre2\calibre-server.exe
    FirewallRules: [{CD609019-E49F-46F1-96F4-2CFE996EF7FC}] => (Allow)

    %ProgramFiles%\Calibre2\calibre.exe
    FirewallRules: [{B27CDA40-3520-4B1E-B47A-9A75ABD2FC40}] => (Allow)

    %ProgramFiles%\Calibre2\calibre-server.exe
    FirewallRules: [{0781B04A-F678-4B7B-BB46-2B77F0EDC8BB}] => (Allow) C:

    \program files (x86)\asebastudio\asebachallenge.exe
    FirewallRules: [{61D1D7FF-AB4B-4B12-BA44-E38C750BD601}] => (Allow) C:

    \program files (x86)\asebastudio\asebachallenge.exe
    FirewallRules: [{E5895E6D-E878-4364-8186-52A8D56FEF97}] => (Allow) C:

    \program files (x86)\deluge\deluged-debug.exe
    FirewallRules: [{5C437C7E-30DC-4A8D-A49D-F2CA4562EDE2}] => (Allow) C:

    \program files (x86)\deluge\deluged-debug.exe
    FirewallRules: [{5316B327-F230-4936-9E75-B5E9216719BC}] => (Allow) C:

    \program files (x86)\deluge\deluge-web-debug.exe
    FirewallRules: [{4171631A-8FDF-4D5C-884C-E93E4BEBB408}] => (Allow) C:

    \program files (x86)\deluge\deluge-web-debug.exe
    FirewallRules: [{1F365AC0-EBC0-488E-8C39-4A3A78588185}] => (Allow) C:\Users

    \pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{1DFD8306-C940-4020-9E60-B179A66DBD97}] => (Allow) C:\Users

    \pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{9EAE847D-A6EB-4039-AA36-8315A0E3A637}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{DEC85FC4-CE10-4C99-A918-03249DE5402D}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{1CFB3886-8621-4ECC-A649-30D91642B6F7}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{61DF78E3-8F24-4786-B752-B0ED70AEC44F}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{CA041A0A-8E8A-429F-982B-BD1386418750}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{8712E7DE-51C4-48E7-A8F6-CE4D408E0A9D}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{CD5BC8AF-B27E-4FB2-92B9-FBFE6477AF0C}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{5400ACBC-1B8C-467C-857C-FA0E66472D64}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{7692B5A6-24EE-4D02-BFEA-39122402A848}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{FE86492D-2359-4D80-A88C-E2BF553CDD21}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{42AD5127-8840-43C2-A44C-D40B460ACF66}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{9AB5DBD0-F237-4D65-B21C-5588683276B6}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{C67B4DAE-658C-465A-84FE-B5E19CEB8941}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{D3A6E382-0345-458A-90B5-1DE392AEDF9A}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{8AB6152B-3AEB-4B8C-A862-98E8626DFDCD}] => (Allow) C:

    \Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
    FirewallRules: [{2E96F3A1-C93C-44B8-9028-11D174CA2156}] => (Allow) C:

    \Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
    FirewallRules: [{697D1DF6-3033-4085-A3B7-EB3C1670C6BF}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
    FirewallRules: [{B7E07F3D-178F-482D-9C78-6A26EAEE8E47}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
    FirewallRules: [{B2B162C9-D31D-4427-837C-AD744FE88A3B}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
    FirewallRules: [{B46E2158-C532-4B3A-A32F-A470F1C0FE8F}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
    FirewallRules: [{50F70302-DF1D-4406-8225-11C806FC82F9}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{1351C510-6842-4BD6-A261-BFD8BE53FD8D}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{B108594E-8803-4E5A-A9BF-2E944A5AD575}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
    FirewallRules: [{4BCCEFA3-33A5-425F-85A8-9234632D3899}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
    FirewallRules: [{477ACCC1-5C5A-4EA4-8C33-3A417FC53348}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{6F3D6EE0-63B4-4DEA-B5E4-933675616451}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{6EE7527F-BF2C-42B2-ABCB-AD152247EDAE}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{31862449-2885-47DD-8744-B1106774BC5F}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{E7E86EEB-D603-41DB-B2D2-9FEBC342883A}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{0CE1C67D-719D-42FC-82C6-3E9DDABFE02A}] => (Allow) C:

    \Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{3831F32D-188D-4ED3-8301-443B5B3D1586}] => (Allow) C:

    \Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{22E02307-6042-4C20-B0B1-0803A902B621}] => (Allow) C:

    \Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{648A5D1B-A3D6-4ED4-8244-CDB284728055}] => (Block) C:

    \program files\urbanterror\iourbanterror.exe
    FirewallRules: [{53A60EC3-8F30-4949-8941-C146D58441D0}] => (Block) C:

    \program files\urbanterror\iourbanterror.exe
    FirewallRules: [{0735AD14-6697-4A09-BEDE-EC490415B278}] => (Allow)

    LPort=5353
    FirewallRules: [{FEEC9F8D-8028-4DD8-8D7C-F113675AD318}] => (Allow)

    LPort=8182
    FirewallRules: [{6F5F3F81-930E-4DE8-814F-BCA93BE61670}] => (Allow) C:

    \program files\java\jre7\bin\javaw.exe
    FirewallRules: [{3F49C93D-0299-4C98-BBBD-E260A61C5C6C}] => (Allow) C:

    \program files\java\jre7\bin\javaw.exe
    FirewallRules: [{9A426F8F-89CC-41DD-9576-A495F90ED8FA}] => (Allow) C:\users

    \pom\kag\kag.exe
    FirewallRules: [{A6A59621-CF3D-474C-8039-53D7AB885F63}] => (Allow) C:\users

    \pom\kag\kag.exe
    FirewallRules: [{21850DC3-C527-4635-874C-A155D8E97506}] => (Allow)

    LPort=48113
    FirewallRules: [{73F61C5B-311F-420B-ABE0-20B0A9203C4C}] => (Allow)

    LPort=48114
    FirewallRules: [{A1A6F118-033C-48E8-B2A9-A26219DC86EA}] => (Allow) C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe
    FirewallRules: [{255EC65A-809A-4C14-8B94-927451FDAF12}] => (Allow) C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe
    FirewallRules: [{CA04000B-D314-48A4-9443-507ADE870B05}] => (Allow) C:

    \program files (x86)\mnemosyne\mnemosyne-webserver.exe
    FirewallRules: [{232760DC-4BF9-4C42-ACE1-3928763420D3}] => (Allow) C:

    \program files (x86)\mnemosyne\mnemosyne-webserver.exe
    FirewallRules: [{7972FF11-002A-4BAA-9D7D-E1329954045F}] => (Allow) C:

    \Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
    FirewallRules: [{57F9B947-E31F-41A3-AECC-CFF858F12E7A}] => (Allow) C:

    \Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
    FirewallRules: [{6EA969DB-151C-4B5A-8F12-54C36D17BD92}] => (Allow) C:

    \program files (x86)\orbitdownloader\orbitnet.exe
    FirewallRules: [{D74B4813-A44E-4311-8C9B-5206E83B7DE8}] => (Allow) C:

    \program files (x86)\orbitdownloader\orbitnet.exe
    FirewallRules: [{79B1677B-2387-4407-B298-244C839E5DFD}] => (Block) C:

    \program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [{D86D8947-CF55-4073-9A70-4FE2040456B0}] => (Block) C:

    \program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [{53A1DC86-4423-4BDC-B2B6-E07A283A8B82}] => (Block) C:

    \program files\winpcap\rpcapd.exe
    FirewallRules: [{861C1BAD-4170-447A-BEDE-222D1D24A521}] => (Block) C:

    \program files\winpcap\rpcapd.exe
    FirewallRules: [{05EAD675-3D16-46C6-ADEE-CF7736E347E0}] => (Allow) C:

    \program files (x86)\retroshare\retroshare.exe
    FirewallRules: [{475EE96B-CF55-4C4A-B1B5-484E8DAD76DC}] => (Allow) C:

    \program files (x86)\retroshare\retroshare.exe
    FirewallRules: [{E5FC3CCD-5E80-47F8-9E5C-8C3FE06E5AF4}] => (Allow) C:

    \Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
    FirewallRules: [{25326382-B078-44B3-99D6-32AF6B64D7B8}] => (Allow) C:

    \Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
    FirewallRules: [{DD41BA1C-F4C0-4D3F-A1F2-47325291FAAF}] => (Allow) C:

    \Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{88A0E187-A561-4A43-BAAA-90774A5D34FB}] => (Allow) C:

    \Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{CC1A20F9-4140-47E5-8ED8-3FD3C4377C01}] => (Allow) C:

    \program files\calibre2\calibre.exe
    FirewallRules: [{8855FC3A-DE1B-4AD7-9092-3706726D058D}] => (Block) C:

    \program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{CC200D3D-7DF2-4630-AD9D-CACE02E515EE}] => (Block) C:

    \program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{043113BB-F18D-4E10-A86B-7F9E18EC606C}] => (Allow) C:

    \Program Files (x86)\Common Files\Apple\Apple Application Support

    \WebKit2WebProcess.exe
    FirewallRules: [{79494C24-BEF5-4B2C-9A00-51C6ACF5C3AB}] => (Allow) C:

    \Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{04D2DBF4-9CBF-4BE9-8FB6-60B2BB2FACCB}] => (Allow)

    LPort=1900
    FirewallRules: [{379560EA-B5E7-4DCE-9706-6C41845FE2BF}] => (Allow)

    LPort=2869
    FirewallRules: [{C1EDAB7B-D8A1-4C3A-924A-80EA416019C0}] => (Allow) C:

    \Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{2864F066-486E-4DD3-A5D9-81BFE7C334E8}] => (Allow) C:

    \Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{E8FEC331-11C1-4558-A5E8-EFEE82AE4901}] => (Allow) C:

    \program files (x86)\asebastudio\asebachallenge.exe
    FirewallRules: [{B6D6FB8E-FA00-493F-9712-B3841748F08D}] => (Allow) C:

    \program files (x86)\asebastudio\asebachallenge.exe
    FirewallRules: [{D9A4694B-1CDF-4CDE-A40B-EAE82EBE77AB}] => (Allow) C:

    \program files (x86)\deluge\deluged-debug.exe
    FirewallRules: [{925D4CD9-1783-4A96-A5D3-A1D68FC7A169}] => (Allow) C:

    \program files (x86)\deluge\deluged-debug.exe
    FirewallRules: [{5BE43F81-BA73-411D-A6C6-8F253162F44B}] => (Allow) C:

    \program files (x86)\deluge\deluge-web-debug.exe
    FirewallRules: [{8E0853B1-C1C0-481C-BEC7-02D8838D5E22}] => (Allow) C:

    \program files (x86)\deluge\deluge-web-debug.exe
    FirewallRules: [{C3AD196B-AD25-4E7A-A7B8-3801F00305B2}] => (Allow) C:

    \Users\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{78EFD4DE-534D-4D47-99FC-2DD522AD769C}] => (Allow) C:

    \Users\pom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{D6021C09-BF44-4CB4-95C9-A31B9526FBD6}] => (Block) C:

    \program files\urbanterror\iourbanterror.exe
    FirewallRules: [{56FD09A4-C3A3-437F-BA14-EFC20643B266}] => (Block) C:

    \program files\urbanterror\iourbanterror.exe
    FirewallRules: [{28F6DE31-44CB-46BF-9814-A0C416937BE4}] => (Allow)

    LPort=5353
    FirewallRules: [{9F0670E0-C201-41A0-B938-0A5C52674DFB}] => (Allow)

    LPort=8182
    FirewallRules: [{C3A3057E-E46D-49ED-A136-8658409A561D}] => (Allow) C:

    \program files\java\jre7\bin\javaw.exe
    FirewallRules: [{6DD4F97E-8802-49E3-AA24-BBC682B66FA2}] => (Allow) C:

    \program files\java\jre7\bin\javaw.exe
    FirewallRules: [{F91D0710-3D15-42FB-A5F6-11B6F18B6EDD}] => (Allow) C:\users

    \pom\kag\kag.exe
    FirewallRules: [{1300708D-1356-4863-BBCC-8BA9E5DE56B7}] => (Allow) C:\users

    \pom\kag\kag.exe
    FirewallRules: [{44104ECB-580B-4392-894B-19DCAFC734AD}] => (Allow)

    LPort=48113
    FirewallRules: [{91CF2A0A-D41B-4BC4-885A-0C2BB47913BC}] => (Allow)

    LPort=48114
    FirewallRules: [{87560971-6138-45B6-8AA7-6DE5A56EAD76}] => (Allow) C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe
    FirewallRules: [{A9C8EB0F-F2EE-4836-B1DD-5839DDE2721E}] => (Allow) C:

    \program files (x86)\participatory culture foundation\miro\miro_downloader.exe
    FirewallRules: [{423FAC1F-3D92-4026-B2B0-D57BDE5712E7}] => (Allow) C:

    \program files (x86)\mnemosyne\mnemosyne-webserver.exe
    FirewallRules: [{6943EB71-04C3-4627-9040-C112D55BC68C}] => (Allow) C:

    \program files (x86)\mnemosyne\mnemosyne-webserver.exe
    FirewallRules: [{146E020F-3B04-4268-8E59-FF4591F7EAA3}] => (Allow) C:

    \Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
    FirewallRules: [{29CD363D-5600-4A02-9E94-C657997F0F6D}] => (Allow) C:

    \Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
    FirewallRules: [{1E0337AB-AC9F-4512-B414-1893D59060AC}] => (Block) C:

    \program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [{17DB035A-3C93-4F45-ABEC-E039F4859248}] => (Block) C:

    \program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [{2E787C8F-ED1E-41A4-82C8-FE29B073FD96}] => (Block) C:

    \program files\winpcap\rpcapd.exe
    FirewallRules: [{F9B5D926-BD10-477F-8385-AAC57D9DA41B}] => (Block) C:

    \program files\winpcap\rpcapd.exe
    FirewallRules: [{2B790A4A-1689-4F2B-BF78-53ED610101B5}] => (Allow) C:

    \program files (x86)\retroshare\retroshare.exe
    FirewallRules: [{4E0C51C6-64C0-4110-8414-08BB767329B3}] => (Allow) C:

    \program files (x86)\retroshare\retroshare.exe
    FirewallRules: [{BCFF81D7-B652-44E6-9858-7FD8D8E1C3D8}] => (Allow) C:

    \Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{EF715C55-D8BA-4AAA-8050-6EDAD548664D}] => (Allow) C:

    \Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{00659B8B-5EBE-4D89-AF87-261AC1F9B7F4}] => (Allow) C:

    \program files\calibre2\calibre.exe
    FirewallRules: [{1EB7BBB8-F091-4B2F-B9C4-99E8BDD7E381}] => (Block) C:

    \program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{0AF73DB1-7D0D-4471-B344-B0977FD0A30D}] => (Block) C:

    \program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{E1D6982E-6E45-4143-8642-1C97AC862B99}] => (Allow) C:

    \Program Files\ma-config.com\MaConfigAgent.exe
    FirewallRules: [{FC1942C4-1393-4E73-B4CA-E5AD1032A0F3}] => (Allow) C:

    \Program Files\ma-config.com\MaConfigAgent.exe
    FirewallRules: [{FE3DD8BB-DC28-48F1-8FC2-5546BCD86EBA}] => (Allow) C:

    \Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    FirewallRules: [{5EDF65EC-D83B-448C-90DB-F82B9B530FB9}] => (Allow) C:

    \Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    FirewallRules: [{AFB6CBFE-2B41-4AF4-9DAF-1FEE587D396F}] => (Allow) C:

    \Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    FirewallRules: [{AFD6199F-280A-48C2-AF2C-F60BD190F8DE}] => (Allow) C:

    \Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    FirewallRules: [TCP Query User{B2AD2A5C-5DDE-4386-98D4-A7B0E81FB508}C:

    \program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java

    \jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{A0E76551-8432-4146-AF7E-2D47A8B8F98A}C:

    \program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java

    \jre7\bin\javaw.exe
    FirewallRules: [{7727DB54-594F-4886-875C-9A7AAB436AE0}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{944959BB-1889-4620-A38A-613AC87350A2}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{1379C0CE-7A5D-4234-96E5-B37357A08F02}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{46FFCCF1-869D-4CE1-9B23-264E959BEEA9}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{247852C9-1ABB-4E0E-99F9-9D440F794C2D}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{8A4325D1-3916-43A2-94A7-7272CD04DAD5}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{67AE59A3-51A5-42B5-90CC-68AA99B612B9}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{F17D6C7E-F0C7-417B-9DC2-989615C6747F}] => (Allow) C:

    \Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{9910B06A-7E36-4F07-B2AF-040803EF4E06}] => (Allow) C:

    \Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{A4166761-A563-493A-83FD-93970EC8F28D}] => (Allow) C:

    \Program Files\Andy\Andy.exe
    FirewallRules: [{BF10BCD0-F7DE-4585-ACE1-767CC56B901F}] => (Allow) C:

    \Program Files\Andy\Andy.exe
    FirewallRules: [{0548A974-8E34-4B58-8731-4802378FBB0D}] => (Allow) C:

    \Program Files\Andy\HandyAndy.exe
    FirewallRules: [{6D82048D-AE7D-4942-8E88-8BE0D6E81F07}] => (Allow) C:

    \Program Files\Andy\HandyAndy.exe
    FirewallRules: [{35F8F8BB-4629-4B40-A264-A20AB6E3D941}] => (Allow) C:

    \Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{BB19D4A3-62A7-422F-B926-F30CDA9612B2}] => (Allow) C:

    \Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{EF91A272-913F-455C-8758-6C6D456B2000}] => (Allow) C:

    \Program Files\Andy\Setup.exe
    FirewallRules: [{544918C1-5D07-4E45-8A9A-ACDA9892B606}] => (Allow) C:

    \Program Files\Andy\Setup.exe
    FirewallRules: [{C080C4DC-5F27-4F6A-8142-8FE4CD249393}] => (Allow) C:

    \Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{F6D5D4F7-B1CD-4928-921E-37FB9D510F12}] => (Allow) C:

    \Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{B3626FB2-DD9D-4BEE-B899-378B9C9424F6}C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{33D3FF87-F0C0-4723-8717-E47D249D8484}C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{1257290A-9F98-452B-8F2D-F944DD5EB1F8}C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{82F8B1F1-E1F6-4706-A2D5-87190A895F24}C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:

    \program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{99B2B64C-00BB-4400-AE12-4D6937055A98}C:

    \program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Block) C:\program files

    (x86)\java\jre1.8.0_74\bin\javaw.exe
    FirewallRules: [UDP Query User{195E9D87-6FE5-4F58-BA90-51C0337322FB}C:

    \program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Block) C:\program files

    (x86)\java\jre1.8.0_74\bin\javaw.exe
    FirewallRules: [{0160A57F-EEEB-42DA-AC17-FD12EBE497AE}] => (Allow) C:

    \Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{3D5DEA20-D31E-42AB-A307-6B4141B7D50A}] => (Allow) C:

    \Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{6356E43C-5C49-41CA-A25D-8C67D46D5ACC}] => (Allow) C:

    \Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{D297ABB1-00FD-4631-8481-FBA8067ED0A7}] => (Allow) C:

    \Program Files (x86)\Sokoban pour Windows\sokoban.exe
    FirewallRules: [{B7A3C54E-B5E4-40E7-9019-BB062D209F69}] => (Allow) C:

    \Program Files (x86)\Sokoban pour Windows\sokoban.exe
    FirewallRules: [{3C0C04E7-89E9-4F75-AF7A-D6EBEDB1CDEA}] => (Allow) C:

    \Program Files\Andy\Andy.exe
    FirewallRules: [{923A7659-5C0D-4558-8541-9FE0135E4D38}] => (Allow) C:

    \Program Files\Andy\Setup.exe
    FirewallRules: [{EA559D47-F320-4B8F-94BF-1A0717B30AE1}] => (Allow) C:

    \Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{0DD0AF59-1597-48CE-9758-1364D7F303B4}] => (Allow)

    LPort=1900
    FirewallRules: [{C4231114-DE59-4D64-8ADA-51F99DE0FAB4}] => (Allow)

    LPort=2869
    FirewallRules: [{BFFB9AB1-2CA8-4330-B187-E5A65F395117}] => (Allow) C:

    \Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{D36980D3-85F5-4137-B87B-04AD3C43D898}] => (Allow) C:

    \Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    ==================== Points de restauration =========================

    27-05-2016 14:51:39 Removed 7-Zip 9.20 (x64 edition)
    27-05-2016 15:30:47 Removed Bonjour
    27-05-2016 15:33:08 Removed Apple Application Support (32 bits)
    27-05-2016 15:35:10 Removed Apple Application Support (64 bits)
    27-05-2016 15:36:46 Removed Apple Software Update
    27-05-2016 15:37:55 Removed Apple Mobile Device Support
    28-05-2016 03:00:33 Windows Update
    29-05-2016 03:00:17 Windows Update

    ==================== Éléments en erreur du Gestionnaire de périphériques

    =============


    ==================== Erreurs du Journal des événements:

    =========================

    Erreurs Application:
    ==================
    Error: (05/27/2016 03:29:32 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.19135,

    horodatage : 0x56a1bbe2
    Nom du module défaillant : msi.dll, version : 5.0.7601.18896, horodatage : 0x557f4749
    Code d’exception : 0xc0000005
    Décalage d’erreur : 0x00000000001f1132
    ID du processus défaillant : 0x%9
    Heure de début de l’application défaillante : 0xExplorer.EXE0
    Chemin d’accès de l’application défaillante : Explorer.EXE1
    Chemin d’accès du module défaillant: Explorer.EXE2
    ID de rapport : Explorer.EXE3

    Error: (05/27/2016 03:29:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: Explorer.EXE
    Framework Version: v4.0.30319
    Description: The

    process was terminated due to an unhandled exception.
    Exception Info: exception code

    c0000005, exception address 000007FEF9CB1132

    Error: (05/27/2016 03:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.19135,

    horodatage : 0x56a1bbe2
    Nom du module défaillant : msi.dll, version : 5.0.7601.18896, horodatage : 0x557f4749
    Code d’exception : 0xc0000005
    Décalage d’erreur : 0x00000000001f1132
    ID du processus défaillant : 0x%9
    Heure de début de l’application défaillante : 0xExplorer.EXE0
    Chemin d’accès de l’application défaillante : Explorer.EXE1
    Chemin d’accès du module défaillant: Explorer.EXE2
    ID de rapport : Explorer.EXE3

    Error: (05/27/2016 03:13:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: Explorer.EXE
    Framework Version: v4.0.30319
    Description: The

    process was terminated due to an unhandled exception.
    Exception Info: exception code

    c0000005, exception address 000007FEF9D51132

    Error: (05/27/2016 03:53:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3120

    Error: (05/27/2016 03:53:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3120

    Error: (05/27/2016 03:53:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (05/27/2016 03:53:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 2060

    Error: (05/27/2016 03:53:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 2060

    Error: (05/27/2016 03:53:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    Erreurs système:
    =============
    Error: (05/29/2016 10:21:55 AM) (Source: iaStor) (EventID: 9) (User: )
    Description: Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai imparti.

    Error: (05/29/2016 10:13:47 AM) (Source: Service Control Manager) (EventID: 7026)

    (User: )
    Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger :
    UimBus
    Uim_IM
    Uim_VIM

    Error: (05/29/2016 10:13:37 AM) (Source: Service Control Manager) (EventID: 7011)

    (User: )
    Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

    la réponse transactionnelle du service Dnscache.

    Error: (05/29/2016 10:13:03 AM) (Source: Service Control Manager) (EventID: 7000)

    (User: )
    Description: Le service FontCache n’a pas pu démarrer en raison de l’erreur :
    %%1083

    Error: (05/29/2016 10:11:13 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (05/29/2016 09:21:50 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

    Error: (05/29/2016 09:21:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient)

    (EventID: 20) (User: AUTORITE NT)
    Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec

    l’erreur 0x8007371b : Mise à jour de sécurité pour Windows 7 pour ordinateurs à

    processeur x64 (KB2862330).

    Error: (05/29/2016 03:02:13 AM) (Source: Service Control Manager) (EventID: 7011)

    (User: )
    Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

    la réponse transactionnelle du service Dnscache.

    Error: (05/29/2016 03:01:43 AM) (Source: Service Control Manager) (EventID: 7011)

    (User: )
    Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

    la réponse transactionnelle du service Dnscache.

    Error: (05/29/2016 03:01:13 AM) (Source: Service Control Manager) (EventID: 7011)

    (User: )
    Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de

    la réponse transactionnelle du service LanmanWorkstation.


    ==================== Infos Mémoire ===========================

    Processeur: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
    Pourcentage de mémoire utilisée: 39%
    Mémoire physique - RAM - totale: 5996.54 MB
    Mémoire physique - RAM - disponible: 3618.3 MB
    Mémoire virtuelle totale: 11991.28 MB
    Mémoire virtuelle disponible: 9752 MB

    ==================== Lecteurs ================================

    Drive c: (OS) (Fixed) (Total:254.37 GB) (Free:18.67 GB) NTFS ==>[lecteur avec

    composants d'amorçage (obtenu depuis BCD)]
    Drive d: (DATA) (Fixed) (Total:316.8 GB) (Free:5.71 GB) NTFS

    ==================== MBR & Table des partitions ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: EF24B474)
    Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
    Partition 2: (Active) - (Size=254.4 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=316.8 GB) - (Type=OF Extended)

    ==================== Fin de Addition.txt ============================

  4. #4

    Re: WU Thread 20012 - For BrianDrab

    SALog.txt :

    Result of Security Analysis by Rocket Grannie (x86) Updated: 28th May 2016
    Running from:C:\Users\pom\Desktop (10:49:16 - 05/29/2016)
    ***---------------------------------------------------------***
    Microsoft Windows 7 Édition Familiale Premium X64 Service Pack 1
    UAC is Enabled!
    Internet Explorer 9.0.8112.16421 *Internet Explorer is out of Date*
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    ***-----------------Anti-Virus - Firewall-------------------***
    avast! Antivirus (Enabled - Up to Date)
    Windows Firewall is Enabled!
    Searching for any other Firewall
    *No other Firewall Installed*
    ***----------------AntiSpyware - Miscellaneous---------------***
    Adobe Flash Player Plugin (version 21.0.0.242)
    Java is not installed
    Adobe Flash Player ActiveX (version 21.0.0.242)
    CCleaner -- An older version than (5.18) is installed.
    Google Chrome (version 50)
    Microsoft Silverlight (version 5)
    Mozilla Firefox (version 46)
    CCleaner (version 3.24) is *out of Date*

    ***----------------Analysis Complete-------------------------***

    checkup.txt :

    Results of screen317's Security Check version 1.014 --- 12/23/15
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    avast! Antivirus
    Antivirus out of date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java 8 Update 91
    Java version 32-bit out of Date!
    Adobe Flash Player 21.0.0.242
    Mozilla Firefox (46.0.1)
    Google Chrome (50.0.2661.102)
    Google Chrome (50.0.2661.94)
    Google Chrome (SetupMetrics.pma..)
    ````````Process Check: objlist.exe by Laurent````````
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast ng vbox\AvastVBoxSVC.exe
    AVAST Software Avast avastui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: =
    ````````````````````End of Log``````````````````````

  5. #5
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,448

    Re: WU Thread 20012 - For BrianDrab

    Thanks for posting. Please read the following info and if agreeable continue with next steps.



    - General Instructions -

    • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
    • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
    • Any fixes provided by myself are for this log file only and should not be used on any other systems.
    • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
    • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
    • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
    • You have 4 days to reply to each post or the topic will be closed.
    • Please feel free to ask any questions, especially if you are having problems with my instructions.


    - Save ALL Tools to your Desktop-
    All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

    Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
    Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the
    "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
    Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
    and the click the "Select Folder" button. Click OK to get out of the Options menu.
    Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and
    select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
    NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

    - Finally Before We Start-

    Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


    Step#1- FRST Fix
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    1. Download attached file and save it to the Desktop.
    Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
    2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
    3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

    Step#2 - Fresh Set of Logs

    1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
    2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
    3. Press Scan button.
    4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
    5. Please attach the log to your next reply. Don't copy and paste the content as was done previously. For some reason it didn't format well.
    6. Because you selected the Addition.txt check box this log will be created as well. Please attach this log as well.


    Items for your next post
    1. Fixlog.txt
    2. Addition.txt
    Attached Files Attached Files
    stephan says thanks for this.

  6. #6

    Re: WU Thread 20012 - For BrianDrab

    Hello Brian,

    Thanks for your quick reply.
    I attached to this post Fixlog.txt FRST.txt and Addition.txt.

    Regards

    Stephan

    Résultats de correction de Farbar Recovery Scan Tool (x64) Version:29-05-2016
    Exécuté par pom (2016-05-31 12:19:20) Run:1
    Exécuté depuis C:\Users\pom\Desktop
    Profils chargés: pom & lil (Profils disponibles: pom & lil & pom1 & DefaultAppPool)
    Mode d'amorçage: Normal
    ==============================================

    fixlist contenu:
    *****************
    CreateRestorePoint:
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run:[VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair
    RemoveProxy:
    EmptyTemp:
    *****************

    Le Point de restauration a été créé avec succès.
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-1363170374-948335828-1288231404-1000\...\Run:[VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe /repair => valeur non trouvé(e).

    ========= RemoveProxy: =========

    HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valeur supprimé(es) avec succès
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès
    HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valeur supprimé(es) avec succès
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valeur supprimé(es) avec succès
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
    HKU\S-1-5-21-1363170374-948335828-1288231404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès
    HKU\S-1-5-21-1363170374-948335828-1288231404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
    HKU\S-1-5-21-1363170374-948335828-1288231404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès


    ========= Fin de RemoveProxy: =========

    EmptyTemp: => 2.5 GB données temporaires supprimées.


    Le système a dû redémarrer.

    ==== Fin de Fixlog 12:28:31 ====
    Attached Files Attached Files

  7. #7
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,448

    Re: WU Thread 20012 - For BrianDrab

    It was much easier to read, thank you.

    Step#1- Warnings
    Registry cleaners
    I see you are using a “Registry Cleaner”, Free Window Registry Repair. It's not a good idea to use registry cleaners/boosters.
    The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid and erroneous entries does not affect system performance but it can result in "unpredictable results". Unless you have a particular problem that requires a registry edit to correct it, (and you are expert in the registry), I would suggest you leave the registry alone. I also see that you use CCleaner which is a good tool but caution the use of the registry cleaning part for the same reasons.

    Further Information
    miekiemoes' Blog: Registry Cleaners and System Tweaking Tools
    Answers to common security questions - Best Practices - Anti-Virus, Anti-Malware, and Privacy Software

    Low Disk Space

    Two of your drives (C & D) are low on space. They have between 1 and 7 percent free disk space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized.


    Step#2- FRST Fix
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    1. Download attached file and save it to the Desktop.
    Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
    2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
    3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
    Attached Files Attached Files

  8. #8

    Re: WU Thread 20012 - For BrianDrab

    Hi Brian,

    I uninstalled Free Window Registry Repair and I have made room on drives C et D, almost 15%.

    This the last Fixlog.txt file :

    Résultats de correction de Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
    Exécuté par pom (2016-06-01 14:14:32) Run:2
    Exécuté depuis C:\Users\pom\Desktop
    Profils chargés: pom (Profils disponibles: pom & lil & pom1 & DefaultAppPool)
    Mode d'amorçage: Normal
    ==============================================

    fixlist contenu:
    *****************
    CreateRestorePoint:
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\pom\AppData\Roaming\Complitly\64\Complitly64.dll => Pas de fichier
    C:\Users\pom\AppData\Roaming\Complitly
    CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <non trouvé(e)>
    CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx <non trouvé(e)>
    cmd: bitsadmin /reset /allusers
    EmptyTemp:
    *****************

    Le Point de restauration a été créé avec succès.
    "HKLM\SOFTWARE\Policies\Google" => clé supprimé(es) avec succès
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}" => clé supprimé(es) avec succès
    "HKCR\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}" => clé supprimé(es) avec succès
    "C:\Users\pom\AppData\Roaming\Complitly" => non trouvé(e).
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb" => clé supprimé(es) avec succès
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda" => clé supprimé(es) avec succès

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.5.7601 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    0 out of 0 jobs canceled.

    ========= Fin de CMD: =========

    EmptyTemp: => 208.3 MB données temporaires supprimées.


    Le système a dû redémarrer.

    ==== Fin de Fixlog 14:17:24 ====


    Enjoy your day

    Stephan

  9. #9
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,448

    Re: WU Thread 20012 - For BrianDrab

    Thanks. Can you let me know if the following two issues you reported are still happening?

    With chrome I can't access a lot of web pages : it tells me "proxy error" and I can't access "change the proxy settings"
    With Firefox all fine, except when I don't charge a web page for a couple of minutes after it takes time to access one
    Then please do the following.


    Step#1 - AdWCleaner
    1. Please download AdwCleaner by Xplode onto your desktop.
    2. Close all open programs and internet browsers.
    3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool. Click I agree if you agree with the terms of use.
    4. Click on Scan.
    5. After the scan is complete, if you get a message that states "AdwCleaner found no malicious program on your computer!" then you can click OK and then click the Logfile button. Notepad will open with some information. Copy/Paste this into your next reply. No need to continue with the rest of the steps for AdwCleaner.
    6. If you don't get that message then click on "Clean"
    7. Confirm each time with Ok.
    8. Your computer will be rebooted automatically. A text file will open after the restart.
    9. Please post the content of that logfile with your next answer.
    10. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[C1].txt as well.


    Step#2 - JRT by Malwarebytes
    1. Download Junkware Removal Tool to your desktop.
    2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    3. The tool will open. Press any key at the Disclaimer screen and the program will create a restore point and then start scanning your system.
    4. Please be patient as this can take a while to complete depending on your system's specifications.
    5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    6. Close the text file and reboot your machine.
    7. Post the contents of JRT.txt into your next message.


    Items for your next post
    1. Adwcleaner log
    2. JRT log

  10. #10

    Re: WU Thread 20012 - For BrianDrab

    Hi Brian,

    Chrome: I can charge any web pages, no more proxy error , thank you :-)
    I still can't access "change the proxy settings" but I don't have to use so it's ok.

    FF or Chrome still take a long time to access a web page if I do not use the internet a number of minutes before.

    Regards

    Stephan


    # AdwCleaner v5.119 - Rapport créé le 01/06/2016 à 20:34:20
    # Mis à jour le 30/05/2016 par Xplode
    # Base de données : 2016-05-30.3 [Serveur]
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (X64)
    # Nom d'utilisateur : pom - ASUS
    # Exécuté depuis : C:\Users\pom\Desktop\adwcleaner_5.119.exe
    # Option : Nettoyer
    # Support : ToolsLib - Forum: Ask for help or share your experience.

    ***** [ Services ] *****


    ***** [ Dossiers ] *****

    [-] Dossier supprimé : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
    [-] Dossier supprimé : C:\Users\pom\AppData\Local\YSearchUtil
    [-] Dossier supprimé : C:\Users\pom\AppData\Roaming\GrabPro
    [-] Dossier supprimé : C:\Users\pom\AppData\Roaming\ProgSense
    [-] Dossier supprimé : C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc
    [-] Dossier supprimé : C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd
    [-] Dossier supprimé : C:\Users\lil\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
    [-] Dossier supprimé : C:\Users\pom\AppData\Local\VirtualStore\Program Files (x86)\orbitdownloader
    [-] Dossier supprimé : C:\Users\pom\AppData\Local\CrashRpt

    ***** [ Fichiers ] *****

    [-] Fichier supprimé : C:\Users\pom\AppData\Roaming\Bubble Dock.boostrap.log
    [-] Fichier supprimé : C:\Users\pom\AppData\Roaming\Bubble Dock.installation.log
    [-] Fichier supprimé : C:\Windows\SysNative\roboot64.exe

    ***** [ DLLs ] *****


    ***** [ WMI ] *****


    ***** [ Raccourcis ] *****


    ***** [ Tâches planifiées ] *****

    [-] Tâche supprimée : Desk 365 RunAsStdUser

    ***** [ Registre ] *****

    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    [-] Clé supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
    [-] Clé supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\Prod.cap
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    [-] Clé supprimée : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
    [-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
    [-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    [-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
    [-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
    [-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
    [-] Clé supprimée : HKCU\Software\cacaoweb
    [-] Clé supprimée : HKCU\Software\ProgSense
    [-] Clé supprimée : HKCU\Software\Link64
    [-] Clé supprimée : HKLM\SOFTWARE\hdcode
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\11668D9C06DD0A64689920C3E9AA8BF6
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5BB8B2DE8E6BEBB47BBC322B82D20DF9
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\SearchSettings
    [-] Clé supprimée : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\VideoDownloaderUltimate
    [-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\eSafeSvc

    ***** [ Navigateurs ] *****

    [-] [C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\prefs.js] supprimée : user_pref("browser.pocket.settings.tags", "["webinfotools","libre","licences","protectionnisme","réseaux sociaux","energy","econ","vulgarisation","newecon","devperso","science",\[...]
    [-] [C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\prefs.js] supprimée : user_pref("de.soerenrinne.googlebuttons.wholeshebang", "3D Warehouse,Accounts,Ad Manager,Ad Planner,Adsense,Adwords,Analytics,Android Developers,Android Market,Android Market Developer Console,App Eng[...]
    [-] [C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\prefs.js] supprimée : user_pref("extensions.pocket.settings.tags", "["webinfotools","libre","licences","protectionnisme","réseaux sociaux","energy","econ","vulgarisation","newecon","devperso","science\[...]
    [-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] supprimé : yahoo.com
    [-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] supprimé : ask.com
    [-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : baohinapilmkigilbbbcccncoljkdpnd
    [-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : chklaanhfefbnpoihckbnefhakgolnmc
    [-] [C:\Users\pom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : npdicihegicnhaangkdmcgbjceoemeoo
    [-] [C:\Users\lil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : jbolfgndggfhhpbnkgnpjkfhinclbigj
    [-] [C:\Users\lil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] supprimé : npdicihegicnhaangkdmcgbjceoemeoo

    *************************

    :: Clés "Tracing" supprimées
    :: Paramètres Winsock réinitialisés

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [10321 octets] - [01/06/2016 20:34:20]
    C:\AdwCleaner\AdwCleaner[R0].txt - [9103 octets] - [09/09/2013 23:55:57]
    C:\AdwCleaner\AdwCleaner[R1].txt - [1158 octets] - [10/09/2013 00:13:57]
    C:\AdwCleaner\AdwCleaner[R2].txt - [1315 octets] - [14/09/2013 22:52:20]
    C:\AdwCleaner\AdwCleaner[R3].txt - [6329 octets] - [23/10/2013 13:32:14]
    C:\AdwCleaner\AdwCleaner[R4].txt - [1709 octets] - [15/11/2013 18:17:35]
    C:\AdwCleaner\AdwCleaner[R5].txt - [2871 octets] - [10/01/2014 18:28:06]
    C:\AdwCleaner\AdwCleaner[S0].txt - [9179 octets] - [10/09/2013 00:06:07]
    C:\AdwCleaner\AdwCleaner[S1].txt - [17029 octets] - [23/10/2013 13:35:55]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10989 octets] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.6 (04.25.2016)
    Operating System: Windows 7 Home Premium x64
    Ran by pom (Administrator) on 01/06/2016 at 20:51:28,60
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 67

    Successfully deleted: C:\ProgramData\Start Menu\Programs\free window registry repair (Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{06EEEE8F-CD9A-4B1C-837D-2E3933858ADB} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{0928BF14-81AF-4BC9-8BBC-681C4A35176E} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{0F208664-98A0-4A58-B479-78E1F8FC62DC} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{0F34703C-8BDE-47F4-A8A0-C1C532286DC1} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{102DF2FC-D9CA-4B10-A46F-64757B87E6B9} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{15479438-174F-4C3F-8628-97D0944690CE} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{1598A499-D695-4E4C-9E87-B32C3ECB1423} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{16D77D3C-C115-4864-A640-8D343B209AA3} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{1904A5A1-139D-49A5-BC94-F6034676E510} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{1D379F04-DD16-4D03-845D-5EC685556D65} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{1E40290A-81D3-41D7-A6A0-268E5DEA4071} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{28A3197C-8464-4493-B832-B5140F152AB2} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{3C0FBD25-940F-4964-9233-D40AA4BEAFB7} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{3E862DC9-1602-429F-8AD7-8F7365E87113} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{46F67A14-095E-4B1C-B587-132572857015} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{48A5E9AE-4874-4DAC-B984-F64E144BDCE7} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{48FA95EF-CE9C-4651-86DB-2B94E79C2B27} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{4EF2E150-6E6A-4546-A9A2-E59AFC2AC423} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{5121B430-02E5-4CF8-BC75-8702B0F4F27C} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{51E62C2F-AD68-4246-A0B2-AC50E852665B} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{52CC5EC8-9952-4D79-984F-25CA1C9F615E} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{5A8E314C-50FE-411C-A7B7-50FA6A5065C9} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{604D390A-284D-4B26-9178-D404C51F06FC} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{647003D4-09D2-4742-B2C0-E9A0F7E192AA} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{68DA6DF0-CF32-4D54-819E-983D0D2BCF3B} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{6B299A9A-A3E4-4F49-A790-4E57A241E807} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{6C3443DD-9789-4891-99E8-1FE3A04CC604} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{7AF3CD55-CD77-4D7E-A0C3-9828B385F33A} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{8218410A-1B64-43BE-99A3-510CC6E6C0ED} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{88805755-C98C-42E6-88E7-17BEAB0E5E9D} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{8C40377F-2318-4298-8FC4-8979A18B2493} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{8E3B07A8-06B6-4776-BE85-21E86B3D4975} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{9271DEDB-FCE4-4566-AEA7-966BF6501B78} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{92EF7C3E-4ADF-480E-ACBB-93FFCA788DBA} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{9EA85063-1693-48A3-B5CC-F7A362AFD35D} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{A51901D4-E420-49B7-BD3D-A3DC5285D196} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{B0FBFFA2-0333-4AA9-84D3-0605CFD83D9F} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{B303E346-085C-4227-8511-510600C1A965} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{B38526D6-B3C1-4967-AE5C-965A6071C10A} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{B72A8E73-8CD8-4582-8860-1E186929AFD0} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{B72F0889-AE6E-4793-AEBC-A1F33CD6E449} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{C26C55F5-FC3B-4855-9BB8-C02BE2D74A3F} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{CB4FF3C6-9D8B-4A47-8308-4CDF58A52869} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{D79D9270-C0F5-44DF-8541-A82542370CEE} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{DC900871-33F4-4B5A-A128-1FCFD0B1EF0E} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{DE4321A1-5C43-47AF-B93C-A4601800D40E} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{E29416C0-3967-474C-91A2-4597739B596D} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{E9BF2BE7-186D-4FAD-98FE-B3AA52493591} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{EC890B62-6417-48EF-96A7-D70CA77BC172} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{F585C832-5132-4A18-A09F-1CEE6BBEDA7F} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{F878DDD3-5209-4E10-B6F8-425EA14A4BA6} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{FA357C9D-C081-4DED-808A-899A9A1F26E0} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{FA660F5A-1D9D-460F-A5F6-A6A403FC0103} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\{FE706FF8-6A9C-419E-AD10-D8ED2DF64747} (Empty Folder)
    Successfully deleted: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\searchplugins\facebook-search.xml (File)
    Successfully deleted: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\searchplugins\torrents-search.xml (File)
    Successfully deleted: C:\Users\pom\AppData\Roaming\Mozilla\Firefox\Profiles\ffedjd9k.default\searchplugins\twitter-search.xml (File)
    Successfully deleted: C:\Program Files (x86)\dll-files.com fixer (Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\70XYZZN2 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLX2IZR4 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IBMH9JYP (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\pom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1KRV9J8 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\70XYZZN2 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GLX2IZR4 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IBMH9JYP (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1KRV9J8 (Temporary Internet Files Folder)



    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 01/06/2016 at 21:14:15,43
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  11. #11
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    17,448

    Re: WU Thread 20012 - For BrianDrab

    Excellent. I think we are done here. Let's clean up and go back to our other topic.

    1. Clean Up!
    We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
    1. Download Delfix from here.
    2. Ensure everything is checked.
    3. Click Run.
    Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
    Note: Delete any other .bat, .log, .reg, .txt, and any other files created during this process, and left on the desktop and empty the Recycle Bin.
    stephan says thanks for this.

  12. #12

    Re: WU Thread 20012 - For BrianDrab

    Hi Brian,

    I just post the delfix report in the other thread : Error 80073712 80072EFD 8007371B unable to download windows update

    Stephan

Similar Threads

  1. [SOLVED] WU Thread 17707 - For BrianDrab
    By mclevin88 in forum Security Arena
    Replies: 45
    Last Post: 11-12-2015, 05:31 PM

Log in

Log in