Virus rvzr-a. akamaihd 2013-11-12T14:55:19+00:00

Dépannage Informatique : Virus rvzr-a. akamaihd

  • Auteur
    Messages
  • popoutre
    Nombre d'articles : 0

    Bonjour,

    Je suis infecté par le virus rvzr-a. akamaihd, que dois-je faire ?

  • Anonyme
    Nombre d'articles : 1400

    :hello: popoutre et :welcome:

    pour ton problème, fais ceci et poste le rapport s’il te plaît

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

    ensuite, fais ceci (et poste aussi le rapport) :merci2:

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur Configurer
    • Clique sur l’icône représentant une loupe avec un + (« Lancer le diagnostic »)

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    :merci2:

  • popoutre
    Nombre d'articles : 0

    Merci beaucoup !

    Voici tout d’abord le rapport Adwcleaner

    # AdwCleaner v3.012 – Rapport créé le 12/11/2013 à 16:09:03
    # Mis à jour le 11/11/2013 par Xplode
    # Système d’exploitation : Windows 8 (64 bits)
    # Nom d’utilisateur : Mégane – PC-MEGANE
    # Exécuté depuis : C:UsersMéganeDesktopadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16537

    -\ Google Chrome v30.0.1599.101

    [ Fichier : C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [11767 octets] – [12/11/2013 15:57:14]
    AdwCleaner[R1].txt – [898 octets] – [12/11/2013 16:07:14]
    AdwCleaner[S0].txt – [11401 octets] – [12/11/2013 16:00:34]
    AdwCleaner[S1].txt – [820 octets] – [12/11/2013 16:09:03]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [879 octets] ##########

  • popoutre
    Nombre d'articles : 0

    voici le 2° rapport

    ~ Rapport de ZHPDiag v2013.11.11.25 – Nicolas Coolman (11/11/2013)
    ~ Lancé par Mégane (12/11/2013 16:26:14)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16721
    GCIE: Google Chrome v30.0.1599.101 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8 Home Premium Edition, 64-bit (Build 9200)
    Windows Server License Manager Script : OK
    ~ ion : Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : 66JYG
    Windows License : OK
    ~ Windows Remaining Initializations Number : 998
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Bitdefender Antivirus Plus v17.20.0.883
    Windows Defender W8

    —\ Logiciels d’optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Reader XI
    Java 7 Update 45

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 6029 MB (71% free)
    System Restore: Activé (Enable)
    System drive C: has 215 GB (77%) free of 279 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-MEGANE
    ~ User Name: Mégane
    ~ All Users Names: UpdatusUser, Mégane, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMéganeAppDataRoamingZHP
    ~ %AppData% : C:UsersMéganeAppDataRoaming
    ~ %Desktop% : C:UsersMéganeDesktop
    ~ %Favorites% : C:UsersMéganeFavorites
    ~ %LocalAppData% : C:UsersMéganeAppDataLocal
    ~ %StartMenu% : C:UsersMéganeAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 215 Go of 279 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 398 Go of 398 Go)
    E: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 41 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.0E8E6463F81C80AFBED533E0F1F8895D] – (.Microsoft Corporation – Explorateur Windows.) (.01/06/2013 – 12:34:21.) — C:WindowsExplorer.exe [2391280]
    [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] – (.Microsoft Corporation – Application de démarrage de Windows.) (.26/07/2012 – 04:08:50.) — C:WindowsSystem32Wininit.exe [132608]
    [MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/09/2013 – 23:55:10.) — C:WindowsSystem32wininet.dll [2241024]
    [MD5.BCF2036A0DD579E47C008C133550283E] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/10/2012 – 06:46:58.) — C:WindowsSystem32Winlogon.exe [517120]
    [MD5.9448F5740A037EC0C18F0E9177232DD0] – (.Microsoft Corporation – Bibliothèque de licences.) (.26/07/2012 – 04:07:20.) — C:WindowsSystem32sppcomapi.dll [273408]
    [MD5.36D6A3201721558A8AFBCC09C2DA4C2C] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.06/11/2012 – 04:53:44.) — C:Windowssystem32DriversAFD.sys [560640]
    [MD5.A721FF570C2387E383BDDEA9632863C9] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.26/07/2012 – 06:00:48.) — C:Windowssystem32Driversatapi.sys [25840]
    [MD5.990B1BABE6E81FB18E65A87EBEFB1772] – (.Microsoft Corporation – CD-ROM File System Driver.) (.26/07/2012 – 03:30:10.) — C:Windowssystem32DriversCdfs.sys [108544]
    [MD5.339BFF85D788268752DA8C9644B188EE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.26/07/2012 – 03:26:36.) — C:Windowssystem32DriversCdrom.sys [174080]
    [MD5.09D9EB9E7898F8E6561473A20CC808B9] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.26/07/2012 – 03:26:53.) — C:Windowssystem32DriversDfsC.sys [118784]
    [MD5.7D87B5B6C7188D553E11B59DC7F0B111] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.27/11/2012 – 13:56:51.) — C:Windowssystem32DriversHDAudBus.sys [71168]
    [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] – (.Microsoft Corporation – Pilote de port i8042.) (.26/07/2012 – 03:28:51.) — C:Windowssystem32Driversi8042prt.sys [112640]
    [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] – (.Microsoft Corporation – IP Network Address Translator.) (.26/07/2012 – 03:23:01.) — C:Windowssystem32DriversIpNat.sys [145920]
    [MD5.93179D48066918323628CB016D8C94DC] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.05/02/2013 – 23:29:09.) — C:Windowssystem32DriversMRxSmb.sys [370688]
    [MD5.7CEC25C682D319D484630B3952C31A11] – (.Microsoft Corporation – MBT Transport driver.) (.26/07/2012 – 03:24:28.) — C:Windowssystem32DriversnetBT.sys [331776]
    [MD5.76929F4A69E425911A63B407E26C2589] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.02/02/2013 – 11:54:54.) — C:Windowssystem32Driversntfs.sys [1933544]
    [MD5.4563DAF8C6A740AD7F501E219BD10766] – (.Microsoft Corporation – Pilote de port parallèle.) (.26/07/2012 – 03:29:53.) — C:Windowssystem32DriversParport.sys [105984]
    [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.26/07/2012 – 03:23:17.) — C:Windowssystem32DriversRasl2tp.sys [124928]
    [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 – 03:25:18.) — C:Windowssystem32Driversrdpdr.sys [179712]
    [MD5.73DC722CE5DF26D7638CE2446F2655C7] – (.Microsoft Corporation – TDI Translation Driver.) (.26/07/2012 – 06:26:47.) — C:Windowssystem32Driverstdx.sys [117248]
    [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.01/06/2013 – 12:26:33.) — C:Windowssystem32Driversvolsnap.sys [327936]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/2456
    ~ Mes musiques (My Musics) : 1/994
    ~ Mes Videos (My Videos) : 1/26
    ~ Mes Favoris (My Favorites) : 1/7
    ~ Mes Documents (My Documents) : 1/69
    ~ Mon Bureau (My Desktop) : 1/15
    ~ Menu demarrer (Programs) : 1/21
    ~ Hidden Files: Scanned in 00mn 02s

    —\ Processus lancés
    [MD5.B07086D59443DAC6A668D691B27B968C] – (.ASUSTeK Computer Inc. – ASUS Color Engine.) — C:Program Files (x86)ASUSSplendidColorUService.exe [176240] [PID.1544]
    [MD5.C570FD825751F7805CE226F68C4605DE] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [54488] [PID.1124]
    [MD5.C6D3BB61E24F66EB976C6CC55346B5F2] – (.ASUS – ASUS InstantOn.) — C:Program Files (x86)ASUSASUS InstantOnInsOnCfg.exe [1196416] [PID.1996]
    [MD5.97432AB9F1B3B3E63E778C1E69E71E91] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1124032] [PID.2976]
    [MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] – (.ASUSTek Computer Inc. – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [205184] [PID.3604]
    [MD5.2D32F0EF950AED6AD007D042676FD39E] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [328064] [PID.3612]
    [MD5.498622161649098034DA1893F00E9762] – (.ASUSTeK Computer Inc. – ASUS Quick Gesture Exe.) — C:Program Files (x86)ASUSASUS Smart GestureQuickGesturex86QuickGesture.exe [20792] [PID.1588]
    [MD5.169A19284E9397EF95A5F36749301993] – (.CyberLink Corp. – Power2Go Desktop Burning Gadget.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe [2646504] [PID.4404]
    [MD5.077541A539C9454FA2077D0EBE1FD93D] – (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe [621448] [PID.4532]
    [MD5.B7995C675014EEBE77A0BEB7AFCCFC08] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [91432] [PID.4820]
    [MD5.35048D8E8A0BF7A797CD5757ACD7EED0] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [107816] [PID.4856]
    [MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [152392] [PID.4876]
    [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.4940]
    [MD5.B53B22F4BEDDF8D7AAC5DFC50097BC9B] – (.Microsoft Corp. – Bing Desktop Application.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe [2258056] [PID.4956]
    [MD5.DB0C938BC311B31CF90C13821AE682B3] – (.ASUSTeK Computer Inc. – ASUS Live Update.) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe [1559936] [PID.4232]
    [MD5.32AE4864E55782B00CA6B213F8E383F0] – (.Microsoft Corp. – BDExtHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDExtHost.exe [207496] [PID.4552]
    [MD5.6176E2630EA5759CA6E915AD0EB9F460] – (.Microsoft Corp. – BDAppHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDAppHost.exe [153224] [PID.2196]
    [MD5.687C7EF01D3AF31D8844FB22BC6B88D4] – (.Microsoft Corp. – BDRuntimeHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDRuntimeHost.exe [369800] [PID.5216]
    [MD5.3E399A1328181C2A352472369DE2A93A] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [844752] [PID.4244]
    [MD5.0248882379D37F3DC3EA1C721803B645] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8202752] [PID.4548]
    [MD5.60A3399135BEFC6F4BADBD6C13A4AC24] – (.Microsoft Corporation – Hôte Microsoft WWA.) — C:Windowssyswow64wwahost.exe [333824] [PID.4048]
    ~ Processes Running: Scanned in 00mn 01s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.25.62074, (Désactivé) =>Toolbar.Avira
    G2 – GCE: Preference [User DataDefault] [ccahoghmggldkcdjiebjkidpfongdfbl] Bitdefender Wallet v.17.19.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Désactivé) =>PUP.Wajam
    ~ Google Browser: 16 Legitimates Filtered in 00mn 26s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: ASUS Install.lnk . (.ASUSTek Computer INC. – AsInsWiz.) — C:eSupporteDriverAsInsWiz.exe
    O4 – GSDesktop [Public]: ASUS Instant Connect Installer.lnk . (…) — C:windowsInstaller{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}_77CD0D17CE4BC69D3FCD39.exe
    O4 – GSDesktop [Public]: ASUS Tutor.lnk . (…) — C:windowsInstaller{58172D66-2F69-4215-9AEC-ED8196023736}_E2D96973328BFA48EC703B.exe
    O4 – GSDesktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. – EManual Application.) — C:eSupportManualeManual.exe
    O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Public]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation – OpenOffice 4.0.0.) — C:Program Files (x86)OpenOffice 4programsoffice.exe
    O4 – GSDesktop [Public]: Scene Switch.lnk . (…) — C:WindowsInstaller{5172E572-C175-4F80-A6D5-5CB45826AD61}_BA416CBB8E260BCD465EF1.exe
    O4 – GSDesktop [Public]: Waves MAXXAudio.lnk . (…) — C:Program Files (x86)RealtekAudioHDAMaxxAudioControl64.exe (.not file.)
    O4 – GSDesktop [Public]: WebStorage.lnk . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
    O4 – GSProgram [Public]: Desktop.lnk – Clé orpheline
    O4 – GSQuickLaunch [Mégane]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [Mégane]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSTaskBar [Mégane]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSTaskBar [Mégane]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSTaskBar [Mégane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation – OpenOffice 4.0.0.) — C:Program Files (x86)OpenOffice 4programsoffice.exe
    O4 – GSProgram [Mégane]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Global Startup: 51 Legitimates Filtered in 00mn 02s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [RtHDVBg] . (.Realtek Semiconductor – HD Audio Background Process.) — C:Program FilesRealtekAudioHDARAVBg64.exe
    O4 – HKLM..Run: [Bdagent] . (.Bitdefender – Bitdefender Agent.) — C:Program FilesBitdefenderBitdefenderbdagent.exe
    O4 – HKCU..Run: [Power2GoExpress] . (.CyberLink Corp. – Power2Go Desktop Burning Gadget.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe
    O4 – HKCU..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
    O4 – HKCU..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKCU..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKCU..Run: [Bitdefender Agent de l’application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe Reader Speed Launcher] C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe (.not file.)
    O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
    O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..Wow6432NodeRun: [BingDesktop] . (.Microsoft Corp. – Bing Desktop Application.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Agent de l’application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    ~ Application: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
    O17 – HKLMSystemCCSServicesTcpip..{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
    O17 – HKLMSystemCCSServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpDomain = ANCE.com
    O17 – HKLMSystemCS1ServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpDomain = ANCE.com
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 10.188.0.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 311.) – C:Windowssystem32nvinitx.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: McAfee AP Service (McAPExe) . (…) – C:Program FilesMcAfeeMSCMcAPexe.exe (.not file.)
    O23 – Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender – Bitdefender Security Service.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    ~ Services: 17 Legitimates Filtered in 00mn 17s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{8590CA3A-4956-42E6-A81E-A0BABFDA13F5}] (…) — C:Program Files (x86)ElectroLyrics-1Uninstall.exe (.not file.) [0] =>Adware.AddLyrics
    ~ Scheduled Task: 17 Legitimates Filtered in 00mn 11s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] – 09/11/2013 – 14:45:24 —A- . (…) — C:WindowsSysNativeuser_gensett.xml [385]
    O44 – LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] – 09/11/2013 – 14:45:24 —A- . (…) — C:WindowsSystem32user_gensett.xml [385]
    O44 – LFC:[MD5.BE6049A12849F52987A7AD3E4EA1980A] – 12/11/2013 – 16:09:53 —A- . (…) — C:bdlog.txt [3386]
    ~ Files: 62 Legitimates Filtered in 00mn 51s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.04BDCD830B3009647A0D9A50F683C24C] – 05/11/2013 – 17:51:59 —A- – C:WindowsPrefetchHOROSCOPE.EXE-39F22478.pf
    O45 – LFCP:[MD5.5E5FDEF9517263F04E293E917F8F8D9E] – 07/11/2013 – 13:26:40 —A- – C:WindowsPrefetchGLCND.EXE-DD45F588.pf
    O45 – LFCP:[MD5.7E8737DC303C53B75749325A8068AADD] – 09/11/2013 – 14:05:21 —A- – C:WindowsPrefetchBITDEFENDER_AV_64B.EXE-6559A4F5.pf
    O45 – LFCP:[MD5.B48F0D81812B3FB53C7F8AF64246FBCF] – 09/11/2013 – 14:09:12 —A- – C:WindowsPrefetchINSTALLERPACKAGE.EXE-C9871E88.pf
    O45 – LFCP:[MD5.FA41B0A4E9B284C1468B38207482F7AC] – 09/11/2013 – 14:09:33 —A- – C:WindowsPrefetchINSTALLER.EXE-2463F9E4.pf
    O45 – LFCP:[MD5.03796ECA22DF9A2F01AABE877933E4C0] – 09/11/2013 – 17:33:51 —A- – C:WindowsPrefetchODSW.EXE-983DD055.pf
    O45 – LFCP:[MD5.B20E85ECAA0AD437CFED830489D6CE01] – 09/11/2013 – 18:08:41 —A- – C:WindowsPrefetchODSLV.EXE-1ECDDD1C.pf
    O45 – LFCP:[MD5.932F310B417598F4BB9F89F06061EC81] – 09/11/2013 – 19:39:07 —A- – C:WindowsPrefetchOBK.EXE-DCF2DD96.pf
    O45 – LFCP:[MD5.4EB8AB23E7CFFE0F431563E2F6D35B5D] – 09/11/2013 – 19:39:08 —A- – C:WindowsPrefetchOBKCH.EXE-A945AD95.pf
    O45 – LFCP:[MD5.9A63F9B33663E43A4B6595E7FCBE9847] – 10/11/2013 – 17:36:48 —A- – C:WindowsPrefetchFIRSTRUN.EXE-ED4F9EAB.pf
    O45 – LFCP:[MD5.BC68303A87C8BB0BAE328EAF1FD09534] – 11/11/2013 – 10:44:00 —A- – C:WindowsPrefetchUPDATESRV.EXE-9AD36E5A.pf
    O45 – LFCP:[MD5.0A9843C57F8D70A71A7D2B7B5F4C2BB5] – 12/11/2013 – 07:01:51 —A- – C:WindowsPrefetchCACAOWEB.EXE-BEB0B4FE.pf =>PUP.CacaoWeb
    O45 – LFCP:[MD5.936843CABC678DBA99CA9A64DB7D168E] – 12/11/2013 – 07:01:53 —A- – C:WindowsPrefetchPMBXAG.EXE-EE66F507.pf
    O45 – LFCP:[MD5.300CB252040B3693E9EE087BFF87082B] – 12/11/2013 – 07:01:54 —A- – C:WindowsPrefetchBDAPPPASSMGR.EXE-D7D02AFE.pf
    O45 – LFCP:[MD5.BDCE7B78F39C847F8DE698B40110E41B] – 12/11/2013 – 07:02:01 —A- – C:WindowsPrefetchTBNOTIFIER.EXE-7924204A.pf
    O45 – LFCP:[MD5.3F52DADB648EBCC79B3AAD7029943097] – 12/11/2013 – 07:04:29 —A- – C:WindowsPrefetchWSHOST.EXE-05F0A3AF.pf
    O45 – LFCP:[MD5.678171A66869754A89970C15AA612DBD] – 12/11/2013 – 09:54:57 —A- – C:WindowsPrefetchPWDMANUI.EXE-B52CDD6D.pf
    O45 – LFCP:[MD5.6097E76E437A304E49C2E07159EA0ED6] – 12/11/2013 – 11:15:09 —A- – C:WindowsPrefetchBDADDMTASK.EXE-35FD799F.pf
    O45 – LFCP:[MD5.B59AF409D18966F116C2AE708F7F713C] – 12/11/2013 – 11:28:00 —A- – C:WindowsPrefetchELECTROLYRICS-1-CODEDOWNLOADE-419A0C12.pf =>Adware.AddLyrics
    O45 – LFCP:[MD5.5B17B3244E8A97918EFD3DD0BB59C41E] – 12/11/2013 – 11:29:00 —A- – C:WindowsPrefetchELECTROLYRICS-1-ENABLER.EXE-E7CB4435.pf =>Adware.AddLyrics
    O45 – LFCP:[MD5.41BB2DC301DBC410F95BECECA8640B65] – 12/11/2013 – 12:15:53 —A- – C:WindowsPrefetchINSTALLER.EXE-166619CC.pf
    O45 – LFCP:[MD5.21920A473C28EACB1D4206B393EAB459] – 12/11/2013 – 12:42:00 —A- – C:WindowsPrefetchPLUS-HD-3.5-CODEDOWNLOADER.EX-2BD8074E.pf =>Adware.PlusHD
    O45 – LFCP:[MD5.96FD74220E97B3068A0EE83800DC190E] – 12/11/2013 – 12:42:00 —A- – C:WindowsPrefetchPLUS-HD-3.5-ENABLER.EXE-83E16711.pf =>Adware.PlusHD
    O45 – LFCP:[MD5.612E4173269E4652693E5E50E8E86114] – 12/11/2013 – 12:45:10 —A- – C:WindowsPrefetchdynreservedpri.db
    O45 – LFCP:[MD5.BF07F364B360210FC27E71C1F46B12F2] – 12/11/2013 – 16:12:24 —A- – C:WindowsPrefetchPDVD10SERV.EXE-99C8A7B5.pf
    O45 – LFCP:[MD5.EEBF0972D41388F3593C608AEA2A8816] – 12/11/2013 – 16:13:01 —A- – C:WindowsPrefetchBDEXTHOST.EXE-46A5DBB8.pf
    O45 – LFCP:[MD5.E34DA27F33472A4A7C4D7143E4509C8B] – 12/11/2013 – 16:13:03 —A- – C:WindowsPrefetchBDAPPHOST.EXE-3F03D4E8.pf
    O45 – LFCP:[MD5.45FB5050053D19399D147771D8AF3562] – 12/11/2013 – 16:13:04 —A- – C:WindowsPrefetchBDRUNTIMEHOST.EXE-686E0807.pf
    O45 – LFCP:[MD5.DED66970164D203E206FEC258A7F935D] – 12/11/2013 – 16:24:28 —A- – C:WindowsPrefetch_IU14D2N.TMP-A8098D0F.pf
    O45 – LFCP:[MD5.DBD08CABBC744AF9D614D2F6AD1F81ED] – 13/10/2013 – 19:56:08 —A- – C:WindowsPrefetchFIRSTRUN.EXE-3834855C.pf
    O45 – LFCP:[MD5.4C71B19C81D0DE948B457C3094636FA3] – 16/10/2013 – 16:22:52 —A- – C:WindowsPrefetchSYSTEMPROPERTIESREMOTE.EXE-A8B3EF40.pf
    O45 – LFCP:[MD5.18B2437BC21ECE4ED813D16F454328E5] – 28/10/2013 – 19:10:40 —A- – C:WindowsPrefetchOFFERCAST_AVIRAV7_.EXE-0B097BEE.pf
    O45 – LFCP:[MD5.2B0B5A53DC9E6B0D3681D0006A9388B9] – 28/10/2013 – 19:16:58 —A- – C:WindowsPrefetchMCUIHOST.EXE-AE5E0AD4.pf
    ~ Prefetcher: 249 Legitimates Filtered in 00mn 06s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 19 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.A8080BEBCDB7A16495CE1205921DCAC5] – 02/08/2012 – 04:22:48 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [14992]
    ~ Drivers: 19 Legitimates Filtered in 00mn 01s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 09/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeAppDataTempwinupdates.xml [82006]
    O61 – LFC: 09/11/2013 – 16:29:56 —A- . (…) — C:UsersMéganeDownloadsTerminaisons faibles phonétique.docx [15565]
    O61 – LFC: 10/11/2013 – 16:29:37 —A- . (…) — C:UsersMéganeDocumentsPOEM LANGUE ORALE.odt [22406]
    O61 – LFC: 11/11/2013 – 16:29:38 —A- . (…) — C:UsersMéganeDownloads23054_OFFRE_Magasinier_e-commerce.pdf [371705]
    O61 – LFC: 12/11/2013 – 16:29:11 —A- . (…) — C:UsersMéganeAppDataLocalGoogleChromeUser DataLocal State [47190]
    O61 – LFC: 12/11/2013 – 16:29:35 —A- . (…) — C:UsersMéganeAppDataRoamingZHPLog.txt [15905] =>.Nicolas Coolman
    O61 – LFC: 12/11/2013 – 16:29:35 —A- . (…) — C:UsersMéganeAppDataRoamingZHPTestsZHPDiag.txt [2899] =>.Nicolas Coolman
    O61 – LFC: 12/11/2013 – 16:29:35 —A- . (…) — C:UsersMéganeAppDataRoamingsp_data.sys [62]
    O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeAppDataRoaminguser_gensett.xml [385]
    O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsAcademic writing pour le 19 novembre.odt [16986]
    O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsAméricaine civi.odt [33411]
    O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsCivilisation Américaine CM 12 Novembre.odt [26066]
    O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsCivilisation Britannique CM 12 novembre.odt [26324]
    O61 – LFC: 12/11/2013 – 16:29:38 —A- . (…) — C:UsersMéganeDownloads23097_DS_Phonétique_-_Mr_Gauthier.pdf [10229]
    O61 – LFC: 12/11/2013 – 16:29:43 —A- . (…) — C:UsersMéganeDownloadsadwcleaner.exe [1085542]
    ~ 3 Fichiers temporaires (Temporary files)
    ~ Files: 731 Legitimates Filtered in 01mn 44s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.EF70DF92CF61D0CA3FE0D2AD50BB6FAD] [SPRF][09/11/2013] (…) — C:ProgramData1384002564.bdinstall.bin [1142527]
    [MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (…) — C:ProgramDataSetStretch.exe [24576]
    [MD5.5E873D6381A043A6380F2D991078E804] [SPRF][09/11/2013] (…) — C:UsersMéganeAppDataLocalTempdefaultCache.reg [85258]
    [MD5.50E2028779633173CD919D080200DD42] [SPRF][12/10/2013] (…) — C:UsersMéganeAppDataLocalTempICReinstall_wlsetup-web.exe [618864]
    [MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (…) — C:UsersMéganeAppDataLocalTempQuarantine.exe [350377]
    [MD5.22FB4C2FF5F50BD7492075457F0A3677] [SPRF][12/11/2013] (…) — C:UsersMéganeAppDataRoamingsp_data.sys [62]
    [MD5.9812917FE2FCDEA2FD800573D7842E5D] [SPRF][12/11/2013] (…) — C:UsersMéganeDesktopadwcleaner.exe [1085542]
    ~ Files: 8 Legitimates Filtered in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “TCP Query User{58F51957-CF37-4D8C-B0F3-9F136E989E8E}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Private – P6 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 – FAEL: “UDP Query User{C19950CF-FDDE-4ABF-B043-05EBD8C81AE1}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Private – P17 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 – FAEL: “TCP Query User{CBDF3A2E-823B-44B6-9F24-8D407BD00E33}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Public – P6 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 – FAEL: “UDP Query User{ED08F8CE-C9C0-4AB3-ABEF-72F0B2AD42FC}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Public – P17 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    ~ Firewall: 234 Legitimates Filtered in 00mn 02s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “25946514D2147365007A7A857BC06000” . (.Avira SearchFree Toolbar.) — C:WindowsInstaller{41564952-412D-5637-00A7-A758B70C0600}ToolbarIcon.exe =>Toolbar.Avira
    ~ Update Products: 107 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.D1CC83CE82B0A5BB1DE4B57648A7E5A6] [WIS][23/10/2013] (.APN, LLC – Avira SearchFree Toolbar.) — C:WindowsInstaller3f70edb1.msi [814592] =>Toolbar.Avira
    ~ WIS: 108 Legitimates Filtered in 00mn 13s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SR – | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 05/10/2012 110976 | (ASLDRService) . (.ASUSTek Computer Inc..) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
    SR – | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) – C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe
    SR – | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SS – | Demand 13/12/2012 277616 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Auto 08/11/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 08/11/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SR – | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Integrated Clock Controller ServiceICCProxy.exe
    SR – | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) – C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe
    SR – | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 27/06/2012 129856 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    SR – | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SS – | Auto 10/07/1658 0 | (McAPExe) . (…) – C:Program FilesMcAfeeMSCMcAPexe.exe
    SR – | Auto 14/03/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
    SR – | Auto 14/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SR – | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Auto 07/10/2013 67320 | (UPDATESRV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
    SR – | Auto 14/10/2013 1506736 | (VSSERV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    SS – | Demand 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Demand 27/11/2012 29696 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 15s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Run by Mégane at 12/11/2013 16:32:50
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Mégane at 12/11/2013 16:32:52

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 12994 – (11/11/2013)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 2
    Fichiers trouvés (Files found) : 2

    [HKLMSoftwareGoogleChromeExtensionsaaaaacalgebmfelllfiaoknifldpngjh] =>Toolbar.Avira^
    [HKLMSoftwareGoogleChromeExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp] =>PUP.Wajam^
    C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaaacalgebmfelllfiaoknifldpngjh =>Toolbar.Avira^
    C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp =>PUP.Wajam^
    C:WindowsInstaller3f70edb1.msi =>Toolbar.Avira^
    C:UsersMéganeDownloadscacaoweb.exe =>PUP.CacaoWeb
    ~ Additionnel Scan: 244196 Items scanned in 00mn 48s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira” onclick=”window.open(this.href);return false; =>Toolbar.Avira
    ~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam” onclick=”window.open(this.href);return false; =>PUP.Wajam
    ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics” onclick=”window.open(this.href);return false; =>Adware.AddLyrics
    ~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb” onclick=”window.open(this.href);return false; =>PUP.CacaoWeb
    ~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd” onclick=”window.open(this.href);return false; =>Adware.PlusHD
    ~ MSI: 5 link(s) detected in 00mn 48s

    ~ 1883 Legitimates filtered by white list
    End of the scan (483 lines in 07mn 28s)(0)

  • Anonyme
    Nombre d'articles : 1400

    :hello: popoutre

    peux-tu me poster ce rapport s’i te plaît AdwCleaner[S0].txt – [11401 octets] – [12/11/2013 16:00:34]

    ensuite fais ceci et poste le rapport s’il te plaît

    • Télécharge MalwareBytes
    • Procède à l’installation de celui çi Décocher “Activer l’essai gratuit de Malwarebytes Anti-Malware PRO”
    • Sélectionne Examen complet
    • Clic sur Rechercher
    • Supprime tout les éléments trouvés !
    • Poste le rapport sur le forum

    :merci2:

  • popoutre
    Nombre d'articles : 0

    voici le rapport adwcleaner demandé :

    # AdwCleaner v3.012 – Rapport créé le 12/11/2013 à 16:00:34
    # Mis à jour le 11/11/2013 par Xplode
    # Système d’exploitation : Windows 8 (64 bits)
    # Nom d’utilisateur : Mégane – PC-MEGANE
    # Exécuté depuis : C:UsersMéganeDesktopadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    Service Supprimé : APNMCP

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDataapn
    Dossier Supprimé : C:ProgramDataAskPartnerNetwork
    Dossier Supprimé : C:Program Files (x86)AskPartnerNetwork
    Dossier Supprimé : C:Program Files (x86)Plus-HD-3.5
    Dossier Supprimé : C:Program Files (x86)ElectroLyrics-1
    Dossier Supprimé : C:UsersMGANE~1AppDataLocalTempapn
    Dossier Supprimé : C:UsersMéganeAppDataLocalSwvUpdater
    Dossier Supprimé : C:UsersMéganeAppDataRoamingcacaoweb
    Dossier Supprimé : C:UsersMéganeAppDataRoamingFreeSoftwareUpdater
    Dossier Supprimé : C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsldikpdnngdmeceeameoaannjilbjppnm
    [!] Dossier Supprimé : C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsldikpdnngdmeceeameoaannjilbjppnm
    Fichier Supprimé : C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.wajam.com_0.localstorage
    Fichier Supprimé : C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.wajam.com_0.localstorage-journal
    Fichier Supprimé : C:WindowsTasksAmiUpdXp.job
    Fichier Supprimé : C:WindowsSystem32TasksAmiUpdXp
    Fichier Supprimé : C:WindowsTasksElectroLyrics-1-chromeinstaller.job
    Fichier Supprimé : C:WindowsSystem32TasksElectroLyrics-1-chromeinstaller
    Fichier Supprimé : C:WindowsTasksElectroLyrics-1-codedownloader.job
    Fichier Supprimé : C:WindowsSystem32TasksElectroLyrics-1-codedownloader
    Fichier Supprimé : C:WindowsTasksElectroLyrics-1-enabler.job
    Fichier Supprimé : C:WindowsSystem32TasksElectroLyrics-1-enabler
    Fichier Supprimé : C:WindowsTasksElectroLyrics-1-updater.job
    Fichier Supprimé : C:WindowsSystem32TasksElectroLyrics-1-updater
    Fichier Supprimé : C:WindowsTasksPlus-HD-3.5-chromeinstaller.job
    Fichier Supprimé : C:WindowsSystem32TasksPlus-HD-3.5-chromeinstaller
    Fichier Supprimé : C:WindowsTasksPlus-HD-3.5-codedownloader.job
    Fichier Supprimé : C:WindowsSystem32TasksPlus-HD-3.5-codedownloader
    Fichier Supprimé : C:WindowsTasksPlus-HD-3.5-enabler.job
    Fichier Supprimé : C:WindowsSystem32TasksPlus-HD-3.5-enabler
    Fichier Supprimé : C:WindowsTasksPlus-HD-3.5-updater.job
    Fichier Supprimé : C:WindowsSystem32TasksPlus-HD-3.5-updater

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsaaaaacalgebmfelllfiaoknifldpngjh
    Valeur Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionRun [cacaoweb]
    Clé Supprimée : HKLMSOFTWAREClassesUpdater.AmiUpd
    Clé Supprimée : HKLMSOFTWAREClassesUpdater.AmiUpd.1
    Valeur Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [ApnTbMon]
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0037180.BHO
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0037180.BHO.1
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0037180.Sandbox
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0037180.Sandbox.1
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0041844.BHO
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0041844.BHO.1
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0041844.Sandbox
    Clé Supprimée : HKLMSOFTWAREClassesCrossriderApp0041844.Sandbox.1
    Clé Supprimée : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{41564952-412D-5637-00A7-7A786E7484D7}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{44CBC005-6243-4502-8A02-3A096A282664}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{67BD9EEB-AA06-4329-A940-D250019300C9}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{80703783-E415-4EE3-AB60-D36981C5A6F1}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{D8278076-BC68-4484-9233-6E7F1628B56C}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{F297534D-7B06-459D-BC19-2DD8EF69297B}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{11111111-1111-1111-1111-110311711180}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{11111111-1111-1111-1111-110411181144}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{22222222-2222-2222-2222-220322712280}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{22222222-2222-2222-2222-220422182244}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{80703783-E415-4EE3-AB60-D36981C5A6F1}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{55555555-5555-5555-5555-550355715580}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{55555555-5555-5555-5555-550455185544}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{66666666-6666-6666-6666-660366716680}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{66666666-6666-6666-6666-660466186644}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{9945959C-AAD8-4312-8B57-2DE11927E770}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{A0EE0278-2986-4E5A-884E-A3BF0357E476}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{44444444-4444-4444-4444-440344714480}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{44444444-4444-4444-4444-440444184444}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{41564952-412D-5637-00A7-7A786E7484D7}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{11111111-1111-1111-1111-110311711180}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{11111111-1111-1111-1111-110411181144}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{41564952-412D-5637-00A7-7A786E7484D7}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{11111111-1111-1111-1111-110311711180}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{11111111-1111-1111-1111-110411181144}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{41564952-412D-5637-00A7-7A786E7484D7}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{D7949A66-D936-4028-9552-14F7DC50F38D}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{16e8609e-85ad-4367-8944-2f6413e7bb64}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{29bf5e5f-a5a6-47ff-a74b-814b3901d6c0}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{34b22bb2-3226-4a4c-bfcd-300361b673e6}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{805b8382-9887-415f-8e54-5175a6ab001b}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{b50edb63-728d-48b0-827e-e6c0690f9c4d}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{248fb72c-2993-494f-9928-c13650400f40}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{51798ef6-e053-476f-a54b-8f8c8c2da340}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{8c032063-d7a7-4bb3-9d74-8bb30581ec3d}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{96d20402-4d09-45b8-bf98-d5230e2b7598}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{d70b2320-c93f-46dc-a46e-4790b0be72a2}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{41564952-412D-5637-00A7-7A786E7484D7}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{11111111-1111-1111-1111-110311711180}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{11111111-1111-1111-1111-110411181144}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{22222222-2222-2222-2222-220322712280}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{22222222-2222-2222-2222-220422182244}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{55555555-5555-5555-5555-550355715580}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{55555555-5555-5555-5555-550455185544}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{66666666-6666-6666-6666-660366716680}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{66666666-6666-6666-6666-660466186644}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{41564952-412D-5637-00A7-7A786E7484D7}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{11111111-1111-1111-1111-110311711180}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{11111111-1111-1111-1111-110411181144}
    Valeur Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{D7949A66-D936-4028-9552-14F7DC50F38D}
    Clé Supprimée : HKCUSoftwareAskPartnerNetwork
    Clé Supprimée : HKCUSoftwarecacaoweb
    Clé Supprimée : HKCUSoftwareInstallCore
    Clé Supprimée : HKCUSoftwareinstalledbrowserextensions
    Clé Supprimée : HKCUSoftwareInstalledThirdPartyPrograms
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwareCrossrider
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwarePlus-HD-3.5
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwareElectroLyrics-1
    Clé Supprimée : HKLMSoftwareAskPartnerNetwork
    Clé Supprimée : HKLMSoftwarePlus-HD-3.5
    Clé Supprimée : HKLMSoftwareElectroLyrics-1
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallPlus-HD-3.5
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallElectroLyrics-1
    Clé Supprimée : [x64] HKLMSOFTWAREAskPartnerNetwork
    Clé Supprimée : [x64] HKLMSOFTWAREInstalledThirdPartyPrograms

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16537

    -\ Google Chrome v30.0.1599.101

    [ Fichier : C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [11767 octets] – [12/11/2013 15:57:14]
    AdwCleaner[S0].txt – [11187 octets] – [12/11/2013 16:00:34]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [11248 octets] ##########

    Voici le rapport malwarebytes :

    Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org” onclick=”window.open(this.href);return false;

    Version de la base de données: v2013.11.12.13

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16721
    Mégane :: PC-MEGANE [administrateur]

    12/11/2013 21:57:01
    mbam-log-2013-11-12 (21-57-01).txt

    Type d’examen: Examen complet (C:|D:|)
    Options d’examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d’examen désactivées: P2P
    Elément(s) analysé(s): 416612
    Temps écoulé: 1 heure(s), 1 minute(s), 51 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 27
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-bg.exe.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-bho64.dll.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-buttonutil.dll.vir (PUP.Optional.Crossrider) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-buttonutil.exe.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-buttonutil64.exe.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-codedownloader.exe.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-enabler.exe.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-helper.exe.vir (PUP.Optional.CrossRider) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)ElectroLyrics-1ElectroLyrics-1-updater.exe.vir (PUP.Optional.Lyrics.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-bg.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-bho.dll.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-bho64.dll.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-buttonutil.dll.vir (PUP.Optional.Crossrider) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-buttonutil.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-buttonutil64.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-chromeinstaller.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-codedownloader.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-enabler.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5Plus-HD-3.5-updater.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCProgram Files (x86)Plus-HD-3.5utils.exe.vir (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.
    C:AdwCleanerQuarantineCUsersMéganeAppDataLocalSwvUpdaterUpdater.exe.vir (PUP.Optional.Amonetize) -> Mis en quarantaine et supprimé avec succès.
    C:UsersMéganeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5YT5LSZIIwajam_install[1].exe (PUP.Optional.Wajam) -> Mis en quarantaine et supprimé avec succès.
    C:UsersMéganeAppDataLocalTempICReinstall_wlsetup-web.exe (PUP.Optional.InstallCore) -> Mis en quarantaine et supprimé avec succès.
    C:UsersMéganeAppDataLocalTempis42483369142931431_stpwajam_download.exe (PUP.Optional.Wajam) -> Mis en quarantaine et supprimé avec succès.
    C:UsersMéganeAppDataLocalTempis42483369525485123_stpplus-hd-3-5.exe (PUP.Optional.CrossRider) -> Mis en quarantaine et supprimé avec succès.
    C:UsersMéganeDownloadsavira_free_antivirus.exe (PUP.Optional.InstallCore) -> Mis en quarantaine et supprimé avec succès.
    C:WindowsTemp37180_updater.exe (PUP.Optional.PlusHD.A) -> Mis en quarantaine et supprimé avec succès.

    (fin)

    Encore merci !!

  • Anonyme
    Nombre d'articles : 1400

    re popoutre,

    c’est bien, fais ceci et poste le rapport s’il te plaît

    • Télécharge Junkware Removal Tool Download (de thisisu) sur ton bureau.
    • Lance Junkware Removal Tool Download, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Appuie sur n’importe quelle touche.

    • Une fois le scan terminé rends toi sur le bureau, le fichier JRT.txt à été créé.
    • Héberge le rapport JRT.txt surSosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    puis ceci et poste aussi le rapport

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur Configurer
    • Clique sur l’icône représentant une loupe avec un + (« Lancer le diagnostic »)

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    voici le premier scan :

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 8 x64
    Ran by M‚gane on 13/11/2013 at 12:06:08,06
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftInternet ExplorerMain\Default_Page_URL

    ~~~ Registry Keys

    ~~~ Files

    ~~~ Folders

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 13/11/2013 at 12:33:35,02
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    et le deuxième :

    ~ Rapport de ZHPDiag v2013.11.11.25 – Nicolas Coolman (11/11/2013)
    ~ Lancé par Mégane (13/11/2013 13:23:35)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16736
    GCIE: Google Chrome v30.0.1599.101 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8 Home Premium Edition, 64-bit (Build 9200)
    Windows Server License Manager Script : OK
    ~ ion : Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : 66JYG
    Windows License : OK
    ~ Windows Remaining Initializations Number : 998
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Bitdefender Antivirus Plus v17.20.0.883
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W8

    —\ Logiciels d’optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Reader XI
    Java 7 Update 45

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 6029 MB (73% free)
    System Restore: Activé (Enable)
    System drive C: has 214 GB (76%) free of 279 GB

    —\ Mode de connexion au système
    ~ Computer Name: PC-MEGANE
    ~ User Name: Mégane
    ~ All Users Names: UpdatusUser, Mégane, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMéganeAppDataRoamingZHP
    ~ %AppData% : C:UsersMéganeAppDataRoaming
    ~ %Desktop% : C:UsersMéganeDesktop
    ~ %Favorites% : C:UsersMéganeFavorites
    ~ %LocalAppData% : C:UsersMéganeAppDataLocal
    ~ %StartMenu% : C:UsersMéganeAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 214 Go of 279 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 398 Go of 398 Go)
    E: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 44 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.0E8E6463F81C80AFBED533E0F1F8895D] – (.Microsoft Corporation – Explorateur Windows.) (.01/06/2013 – 12:34:21.) — C:WindowsExplorer.exe [2391280]
    [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] – (.Microsoft Corporation – Application de démarrage de Windows.) (.26/07/2012 – 04:08:50.) — C:WindowsSystem32Wininit.exe [132608]
    [MD5.9706C99DAEBE3FEAC811B239617E98C4] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.12/10/2013 – 09:45:20.) — C:WindowsSystem32wininet.dll [2241536]
    [MD5.BCF2036A0DD579E47C008C133550283E] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/10/2012 – 06:46:58.) — C:WindowsSystem32Winlogon.exe [517120]
    [MD5.9448F5740A037EC0C18F0E9177232DD0] – (.Microsoft Corporation – Bibliothèque de licences.) (.26/07/2012 – 04:07:20.) — C:WindowsSystem32sppcomapi.dll [273408]
    [MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.04/09/2013 – 04:11:23.) — C:Windowssystem32DriversAFD.sys [576512]
    [MD5.A721FF570C2387E383BDDEA9632863C9] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.26/07/2012 – 06:00:48.) — C:Windowssystem32Driversatapi.sys [25840]
    [MD5.990B1BABE6E81FB18E65A87EBEFB1772] – (.Microsoft Corporation – CD-ROM File System Driver.) (.26/07/2012 – 03:30:10.) — C:Windowssystem32DriversCdfs.sys [108544]
    [MD5.339BFF85D788268752DA8C9644B188EE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.26/07/2012 – 03:26:36.) — C:Windowssystem32DriversCdrom.sys [174080]
    [MD5.09D9EB9E7898F8E6561473A20CC808B9] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.26/07/2012 – 03:26:53.) — C:Windowssystem32DriversDfsC.sys [118784]
    [MD5.7D87B5B6C7188D553E11B59DC7F0B111] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.27/11/2012 – 13:56:51.) — C:Windowssystem32DriversHDAudBus.sys [71168]
    [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] – (.Microsoft Corporation – Pilote de port i8042.) (.26/07/2012 – 03:28:51.) — C:Windowssystem32Driversi8042prt.sys [112640]
    [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] – (.Microsoft Corporation – IP Network Address Translator.) (.26/07/2012 – 03:23:01.) — C:Windowssystem32DriversIpNat.sys [145920]
    [MD5.93179D48066918323628CB016D8C94DC] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.05/02/2013 – 23:29:09.) — C:Windowssystem32DriversMRxSmb.sys [370688]
    [MD5.7CEC25C682D319D484630B3952C31A11] – (.Microsoft Corporation – MBT Transport driver.) (.26/07/2012 – 03:24:28.) — C:Windowssystem32DriversnetBT.sys [331776]
    [MD5.76929F4A69E425911A63B407E26C2589] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.02/02/2013 – 11:54:54.) — C:Windowssystem32Driversntfs.sys [1933544]
    [MD5.4563DAF8C6A740AD7F501E219BD10766] – (.Microsoft Corporation – Pilote de port parallèle.) (.26/07/2012 – 03:29:53.) — C:Windowssystem32DriversParport.sys [105984]
    [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.26/07/2012 – 03:23:17.) — C:Windowssystem32DriversRasl2tp.sys [124928]
    [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 – 03:25:18.) — C:Windowssystem32Driversrdpdr.sys [179712]
    [MD5.73DC722CE5DF26D7638CE2446F2655C7] – (.Microsoft Corporation – TDI Translation Driver.) (.26/07/2012 – 06:26:47.) — C:Windowssystem32Driverstdx.sys [117248]
    [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.01/06/2013 – 12:26:33.) — C:Windowssystem32Driversvolsnap.sys [327936]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/2456
    ~ Mes musiques (My Musics) : 1/994
    ~ Mes Videos (My Videos) : 1/26
    ~ Mes Favoris (My Favorites) : 1/7
    ~ Mes Documents (My Documents) : 1/72
    ~ Mon Bureau (My Desktop) : 1/18
    ~ Menu demarrer (Programs) : 1/21
    ~ Hidden Files: Scanned in 00mn 01s

    —\ Processus lancés
    [MD5.E40AF754F43E3B44E2D6DE829267AD52] – (.ASUSTek Computer Inc. – ASLDR Service.) — C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe [110976] [PID.1768]
    [MD5.DBC598E47E7A382E60E2A4745D41FEF9] – (.ASUS – GFNEXSrv.) — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe [96896] [PID.1844]
    [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65640] [PID.1580]
    [MD5.30E3850F303EAE5C364782EA78579CC9] – (.Apple Inc. – MobileDeviceService.) — C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55624] [PID.1456]
    [MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] – (.ASUS – ASUS InstantOn Program.) — C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe [277120] [PID.1288]
    [MD5.2126CCA1F93D7BCDF6F37CB8A7BFC004] – (.Microsoft Corp. – Bing Desktop updating service.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktopUpdater.exe [173192] [PID.1468]
    [MD5.78ABBE558F57144047F10A0F50FE4B2F] – (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe [166720] [PID.2228]
    [MD5.B07086D59443DAC6A668D691B27B968C] – (.ASUSTeK Computer Inc. – ASUS Color Engine.) — C:Program Files (x86)ASUSSplendidColorUService.exe [176240] [PID.3404]
    [MD5.C570FD825751F7805CE226F68C4605DE] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [54488] [PID.3412]
    [MD5.8969286F44A62758AACBD38F27D59BF5] – (.ASUSTek Computer Inc. – HControl.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exe [184704] [PID.3420]
    [MD5.97432AB9F1B3B3E63E778C1E69E71E91] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1124032] [PID.3428]
    [MD5.C6D3BB61E24F66EB976C6CC55346B5F2] – (.ASUS – ASUS InstantOn.) — C:Program Files (x86)ASUSASUS InstantOnInsOnCfg.exe [1196416] [PID.3436]
    [MD5.3A8D1E216D2F16551B37234E6E7341CB] – (.ASUS – ASUS InstantOn Program.) — C:Program Files (x86)ASUSASUS InstantOnInsOnWMI.exe [590208] [PID.3504]
    [MD5.4F870EF9292559AB9DE6F31527A1DCBF] – (.ASUSTek Computer Inc. – KBFiltr.) — C:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exe [113312] [PID.3760]
    [MD5.498622161649098034DA1893F00E9762] – (.ASUSTeK Computer Inc. – ASUS Quick Gesture Exe.) — C:Program Files (x86)ASUSASUS Smart GestureQuickGesturex86QuickGesture.exe [20792] [PID.1384]
    [MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] – (.ASUSTek Computer Inc. – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [205184] [PID.3468]
    [MD5.2D32F0EF950AED6AD007D042676FD39E] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [328064] [PID.3752]
    [MD5.83FF82FE209E7997067B375DAD6CF23D] – (.Intel Corporation – Intel(R) Integrated Clock Controller Servic.) — C:Program Files (x86)IntelIntel(R) Integrated Clock Controller ServiceICCProxy.exe [169752] [PID.4792]
    [MD5.169A19284E9397EF95A5F36749301993] – (.CyberLink Corp. – Power2Go Desktop Burning Gadget.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe [2646504] [PID.4992]
    [MD5.077541A539C9454FA2077D0EBE1FD93D] – (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe [621448] [PID.4376]
    [MD5.B7995C675014EEBE77A0BEB7AFCCFC08] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [91432] [PID.4700]
    [MD5.35048D8E8A0BF7A797CD5757ACD7EED0] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [107816] [PID.4888]
    [MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [152392] [PID.2496]
    [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.2564]
    [MD5.B53B22F4BEDDF8D7AAC5DFC50097BC9B] – (.Microsoft Corp. – Bing Desktop Application.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe [2258056] [PID.4572]
    [MD5.DB0C938BC311B31CF90C13821AE682B3] – (.ASUSTeK Computer Inc. – ASUS Live Update.) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe [1559936] [PID.5556]
    [MD5.32AE4864E55782B00CA6B213F8E383F0] – (.Microsoft Corp. – BDExtHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDExtHost.exe [207496] [PID.6140]
    [MD5.6176E2630EA5759CA6E915AD0EB9F460] – (.Microsoft Corp. – BDAppHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDAppHost.exe [153224] [PID.4940]
    [MD5.687C7EF01D3AF31D8844FB22BC6B88D4] – (.Microsoft Corp. – BDRuntimeHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDRuntimeHost.exe [369800] [PID.5208]
    [MD5.9656F8E29F6C3161A3E99BCD3A472FF9] – (.Intel Corporation – Intel(R) ME Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe [129856] [PID.5500]
    [MD5.2C24DC448DBE8DB9BE1441B824C57E79] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [277824] [PID.5488]
    [MD5.1208E6455ED65E48691422D1FF093574] – (.NVIDIA Corporation – NVIDIA Settings Update Manager.) — C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe [1260320] [PID.2264]
    [MD5.E1A119AD21F5AFE22EB516C549306D3D] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [365376] [PID.4160]
    [MD5.86FB5E8D5D1E3E405C46CCBF991E6FD4] – (.Thisisu – Junkware Removal Tool.) — C:UsersMéganeDesktopJRT.exe [1034531] [PID.3132]
    [MD5.3E399A1328181C2A352472369DE2A93A] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [844752] [PID.1912]
    [MD5.0248882379D37F3DC3EA1C721803B645] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8202752] [PID.5904]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.25.62074, (Désactivé) =>Toolbar.Avira
    G2 – GCE: Preference [User DataDefault] [ccahoghmggldkcdjiebjkidpfongdfbl] Bitdefender Wallet v.17.19.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Désactivé) =>PUP.Wajam
    ~ Google Browser: 16 Legitimates Filtered in 00mn 11s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: ASUS Install.lnk . (.ASUSTek Computer INC. – AsInsWiz.) — C:eSupporteDriverAsInsWiz.exe
    O4 – GSDesktop [Public]: ASUS Instant Connect Installer.lnk . (…) — C:windowsInstaller{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}_77CD0D17CE4BC69D3FCD39.exe
    O4 – GSDesktop [Public]: ASUS Tutor.lnk . (…) — C:windowsInstaller{58172D66-2F69-4215-9AEC-ED8196023736}_E2D96973328BFA48EC703B.exe
    O4 – GSDesktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. – EManual Application.) — C:eSupportManualeManual.exe
    O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Public]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation – OpenOffice 4.0.0.) — C:Program Files (x86)OpenOffice 4programsoffice.exe
    O4 – GSDesktop [Public]: Scene Switch.lnk . (…) — C:WindowsInstaller{5172E572-C175-4F80-A6D5-5CB45826AD61}_BA416CBB8E260BCD465EF1.exe
    O4 – GSDesktop [Public]: Waves MAXXAudio.lnk . (…) — C:Program Files (x86)RealtekAudioHDAMaxxAudioControl64.exe (.not file.)
    O4 – GSDesktop [Public]: WebStorage.lnk . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
    O4 – GSProgram [Public]: Desktop.lnk – Clé orpheline
    O4 – GSQuickLaunch [Mégane]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [Mégane]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSTaskBar [Mégane]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSTaskBar [Mégane]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSTaskBar [Mégane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation – OpenOffice 4.0.0.) — C:Program Files (x86)OpenOffice 4programsoffice.exe
    O4 – GSProgram [Mégane]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Global Startup: 52 Legitimates Filtered in 00mn 01s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [RtHDVBg] . (.Realtek Semiconductor – HD Audio Background Process.) — C:Program FilesRealtekAudioHDARAVBg64.exe
    O4 – HKLM..Run: [Bdagent] . (.Bitdefender – Bitdefender Agent.) — C:Program FilesBitdefenderBitdefenderbdagent.exe
    O4 – HKCU..Run: [Power2GoExpress] . (.CyberLink Corp. – Power2Go Desktop Burning Gadget.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe
    O4 – HKCU..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
    O4 – HKCU..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKCU..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKCU..Run: [Bitdefender Agent de l’application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
    O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..Wow6432NodeRun: [BingDesktop] . (.Microsoft Corp. – Bing Desktop Application.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Agent de l’application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    ~ Application: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
    O17 – HKLMSystemCCSServicesTcpip..{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
    O17 – HKLMSystemCCSServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpDomain = ANCE.com
    O17 – HKLMSystemCS1ServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpDomain = ANCE.com
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 10.188.0.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 311.) – C:Windowssystem32nvinitx.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: McAfee AP Service (McAPExe) . (…) – C:Program FilesMcAfeeMSCMcAPexe.exe (.not file.)
    O23 – Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender – Bitdefender Security Service.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    ~ Services: 17 Legitimates Filtered in 00mn 06s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{8590CA3A-4956-42E6-A81E-A0BABFDA13F5}] (…) — C:Program Files (x86)ElectroLyrics-1Uninstall.exe (.not file.) [0] =>Adware.AddLyrics
    ~ Scheduled Task: 17 Legitimates Filtered in 00mn 04s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] – 09/11/2013 – 14:45:24 —A- . (…) — C:WindowsSysNativeuser_gensett.xml [385]
    O44 – LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] – 09/11/2013 – 14:45:24 —A- . (…) — C:WindowsSystem32user_gensett.xml [385]
    O44 – LFC:[MD5.E1E9A5B1BD6AC67E2C017552CECDAE87] – 13/11/2013 – 09:13:22 —A- . (…) — C:bdlog.txt [5078]
    ~ Files: 100 Legitimates Filtered in 00mn 29s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.04BDCD830B3009647A0D9A50F683C24C] – 05/11/2013 – 17:51:59 —A- – C:WindowsPrefetchHOROSCOPE.EXE-39F22478.pf
    O45 – LFCP:[MD5.5E5FDEF9517263F04E293E917F8F8D9E] – 07/11/2013 – 13:26:40 —A- – C:WindowsPrefetchGLCND.EXE-DD45F588.pf
    O45 – LFCP:[MD5.7E8737DC303C53B75749325A8068AADD] – 09/11/2013 – 14:05:21 —A- – C:WindowsPrefetchBITDEFENDER_AV_64B.EXE-6559A4F5.pf
    O45 – LFCP:[MD5.B48F0D81812B3FB53C7F8AF64246FBCF] – 09/11/2013 – 14:09:12 —A- – C:WindowsPrefetchINSTALLERPACKAGE.EXE-C9871E88.pf
    O45 – LFCP:[MD5.FA41B0A4E9B284C1468B38207482F7AC] – 09/11/2013 – 14:09:33 —A- – C:WindowsPrefetchINSTALLER.EXE-2463F9E4.pf
    O45 – LFCP:[MD5.03796ECA22DF9A2F01AABE877933E4C0] – 09/11/2013 – 17:33:51 —A- – C:WindowsPrefetchODSW.EXE-983DD055.pf
    O45 – LFCP:[MD5.B20E85ECAA0AD437CFED830489D6CE01] – 09/11/2013 – 18:08:41 —A- – C:WindowsPrefetchODSLV.EXE-1ECDDD1C.pf
    O45 – LFCP:[MD5.932F310B417598F4BB9F89F06061EC81] – 09/11/2013 – 19:39:07 —A- – C:WindowsPrefetchOBK.EXE-DCF2DD96.pf
    O45 – LFCP:[MD5.9A63F9B33663E43A4B6595E7FCBE9847] – 10/11/2013 – 17:36:48 —A- – C:WindowsPrefetchFIRSTRUN.EXE-ED4F9EAB.pf
    O45 – LFCP:[MD5.612E4173269E4652693E5E50E8E86114] – 12/11/2013 – 12:45:10 —A- – C:WindowsPrefetchdynreservedpri.db
    O45 – LFCP:[MD5.DED66970164D203E206FEC258A7F935D] – 12/11/2013 – 16:24:28 —A- – C:WindowsPrefetch_IU14D2N.TMP-A8098D0F.pf
    O45 – LFCP:[MD5.1A43C4F10D674C3DEA237BF58C108DFA] – 12/11/2013 – 23:18:48 —A- – C:WindowsPrefetchPMBXAG.EXE-EE66F507.pf
    O45 – LFCP:[MD5.E56A35176F7B9DA0E3DC3D848D65EE6C] – 13/11/2013 – 09:16:20 —A- – C:WindowsPrefetchPDVD10SERV.EXE-99C8A7B5.pf
    O45 – LFCP:[MD5.A92FE4B0DCAF4A2232FC95B411C2195D] – 13/11/2013 – 09:16:57 —A- – C:WindowsPrefetchBDAPPHOST.EXE-3F03D4E8.pf
    O45 – LFCP:[MD5.71D9F2EAA65FE6DDCD671F7926E9F2CC] – 13/11/2013 – 09:16:57 —A- – C:WindowsPrefetchBDEXTHOST.EXE-46A5DBB8.pf
    O45 – LFCP:[MD5.47B3A44E1C8122D51A2D190BFA48A19E] – 13/11/2013 – 09:16:59 —A- – C:WindowsPrefetchBDRUNTIMEHOST.EXE-686E0807.pf
    O45 – LFCP:[MD5.D23D25FD9755D9A188659FCAD8BDE4DF] – 13/11/2013 – 12:03:09 —A- – C:WindowsPrefetchUPDATESRV.EXE-9AD36E5A.pf
    O45 – LFCP:[MD5.14EF2D2E69B6EE080AAF816E51C83D19] – 13/11/2013 – 12:05:56 —A- – C:WindowsPrefetchWGET.DAT-1111CD68.pf
    O45 – LFCP:[MD5.D1B247CE3923073AF87B2B39F776FE07] – 13/11/2013 – 12:06:00 —A- – C:WindowsPrefetchJRT.EXE-F1FE047E.pf
    O45 – LFCP:[MD5.2FB9749D4AC6197F68EB150DDD88769B] – 13/11/2013 – 12:28:56 —A- – C:WindowsPrefetchCUT.DAT-6DB38D69.pf
    O45 – LFCP:[MD5.9D8117C64816124C10AB61B7B9ABAE43] – 13/11/2013 – 12:33:09 —A- – C:WindowsPrefetchFIND.EXE-3298DC3B.pf
    O45 – LFCP:[MD5.8FEBD20E3E229CA68C360D62C19BFBF5] – 13/11/2013 – 12:33:12 —A- – C:WindowsPrefetchSHORTCUT.DAT-8AB1FD09.pf
    O45 – LFCP:[MD5.47D6F76862D76A55B254FFDF2819122F] – 13/11/2013 – 12:33:34 —A- – C:WindowsPrefetchFC.EXE-A601B343.pf
    O45 – LFCP:[MD5.3BC305736F500A664BCFB65E2E6E3FFB] – 13/11/2013 – 12:33:35 —A- – C:WindowsPrefetchNIRCMD.DAT-AEC3928E.pf
    O45 – LFCP:[MD5.3F1A34EC4194313F80B92F7E61243941] – 13/11/2013 – 13:13:24 —A- – C:WindowsPrefetchBDADDMTASK.EXE-35FD799F.pf
    O45 – LFCP:[MD5.5CE4C105A8046E218CBEBE756E7EB5A4] – 13/11/2013 – 13:15:56 —A- – C:WindowsPrefetchINSTALLER.EXE-166619CC.pf
    O45 – LFCP:[MD5.4C71B19C81D0DE948B457C3094636FA3] – 16/10/2013 – 16:22:52 —A- – C:WindowsPrefetchSYSTEMPROPERTIESREMOTE.EXE-A8B3EF40.pf
    O45 – LFCP:[MD5.18B2437BC21ECE4ED813D16F454328E5] – 28/10/2013 – 19:10:40 —A- – C:WindowsPrefetchOFFERCAST_AVIRAV7_.EXE-0B097BEE.pf
    O45 – LFCP:[MD5.2B0B5A53DC9E6B0D3681D0006A9388B9] – 28/10/2013 – 19:16:58 —A- – C:WindowsPrefetchMCUIHOST.EXE-AE5E0AD4.pf
    ~ Prefetcher: 217 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 21 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.A8080BEBCDB7A16495CE1205921DCAC5] – 02/08/2012 – 04:22:48 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [14992]
    ~ Drivers: 21 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 10/11/2013 – 13:25:22 —A- . (…) — C:UsersMéganeDocumentsPOEM LANGUE ORALE.odt [22406]
    O61 – LFC: 11/11/2013 – 13:25:22 —A- . (…) — C:UsersMéganeDownloads23054_OFFRE_Magasinier_e-commerce.pdf [371705]
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeAppDataRoamingZHPZHPADSReport.txt [351] =>.Nicolas Coolman
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeAppDataRoamingZHPZHPDiag.txt [37031] =>.Nicolas Coolman
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeAppDataRoaminguser_gensett.xml [385]
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeDocumentsAcademic writing pour le 19 novembre.odt [16986]
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeDocumentsAdwCleaner[S1].txt [958]
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeDocumentsAméricaine civi.odt [31574]
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeDocumentsCivilisation Américaine CM 12 Novembre.odt [26066]
    O61 – LFC: 12/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeDocumentsCivilisation Britannique CM 12 novembre.odt [26324]
    O61 – LFC: 12/11/2013 – 13:25:22 —A- . (…) — C:UsersMéganeDocumentsResearch paper.odt [9433]
    O61 – LFC: 12/11/2013 – 13:25:22 —A- . (…) — C:UsersMéganeDocumentsZHPDiag.txt [37031] =>.Nicolas Coolman
    O61 – LFC: 12/11/2013 – 13:25:22 —A- . (…) — C:UsersMéganeDownloads23097_DS_Phonétique_-_Mr_Gauthier.pdf [10229]
    O61 – LFC: 12/11/2013 – 13:25:24 —A- . (…) — C:UsersMéganeDownloadsadwcleaner.exe [1085542]
    O61 – LFC: 13/11/2013 – 13:25:05 —A- . (…) — C:UsersMéganeAppDataLocalGoogleChromeUser DataLocal State [47190]
    O61 – LFC: 13/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeAppDataRoamingZHPLog.txt [35242] =>.Nicolas Coolman
    O61 – LFC: 13/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeAppDataRoamingZHPTestsZHPDiag.txt [2899] =>.Nicolas Coolman
    O61 – LFC: 13/11/2013 – 13:25:21 —A- . (…) — C:UsersMéganeAppDataRoamingsp_data.sys [62]
    ~ 11 Fichiers temporaires (Temporary files)
    ~ Files: 704 Legitimates Filtered in 01mn 17s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.EF70DF92CF61D0CA3FE0D2AD50BB6FAD] [SPRF][09/11/2013] (…) — C:ProgramData1384002564.bdinstall.bin [1142527]
    [MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (…) — C:ProgramDataSetStretch.exe [24576]
    [MD5.5E873D6381A043A6380F2D991078E804] [SPRF][09/11/2013] (…) — C:UsersMéganeAppDataLocalTempdefaultCache.reg [85258]
    [MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (…) — C:UsersMéganeAppDataLocalTempQuarantine.exe [350377]
    [MD5.22FB4C2FF5F50BD7492075457F0A3677] [SPRF][13/11/2013] (…) — C:UsersMéganeAppDataRoamingsp_data.sys [62]
    [MD5.9812917FE2FCDEA2FD800573D7842E5D] [SPRF][12/11/2013] (…) — C:UsersMéganeDesktopadwcleaner.exe [1085542]
    ~ Files: 9 Legitimates Filtered in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “TCP Query User{58F51957-CF37-4D8C-B0F3-9F136E989E8E}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Private – P6 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 – FAEL: “UDP Query User{C19950CF-FDDE-4ABF-B043-05EBD8C81AE1}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Private – P17 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 – FAEL: “TCP Query User{CBDF3A2E-823B-44B6-9F24-8D407BD00E33}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Public – P6 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 – FAEL: “UDP Query User{ED08F8CE-C9C0-4AB3-ABEF-72F0B2AD42FC}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Public – P17 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    ~ Firewall: 234 Legitimates Filtered in 00mn 00s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SR – | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 05/10/2012 110976 | (ASLDRService) . (.ASUSTek Computer Inc..) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
    SR – | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) – C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe
    SR – | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SS – | Demand 13/12/2012 277616 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Auto 08/11/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 08/11/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SR – | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Integrated Clock Controller ServiceICCProxy.exe
    SR – | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) – C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe
    SR – | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 27/06/2012 129856 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    SR – | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SS – | Auto 10/07/1658 0 | (McAPExe) . (…) – C:Program FilesMcAfeeMSCMcAPexe.exe
    SR – | Auto 14/03/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
    SR – | Auto 14/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SR – | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Auto 07/10/2013 67320 | (UPDATESRV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
    SR – | Auto 14/10/2013 1506736 | (VSSERV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    SS – | Demand 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SS – | Demand 27/11/2012 29696 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 13s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Run by Mégane at 13/11/2013 13:27:27
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Mégane at 13/11/2013 13:27:29

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 12994 – (11/11/2013)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 2
    Fichiers trouvés (Files found) : 1

    [HKLMSoftwareGoogleChromeExtensionsaaaaacalgebmfelllfiaoknifldpngjh] =>Toolbar.Avira^
    [HKLMSoftwareGoogleChromeExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp] =>PUP.Wajam^
    C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaaacalgebmfelllfiaoknifldpngjh =>Toolbar.Avira^
    C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp =>PUP.Wajam^
    C:UsersMéganeDownloadscacaoweb.exe =>PUP.CacaoWeb
    ~ Additionnel Scan: 243563 Items scanned in 00mn 20s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira” onclick=”window.open(this.href);return false; =>Toolbar.Avira
    ~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam” onclick=”window.open(this.href);return false; =>PUP.Wajam
    ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics” onclick=”window.open(this.href);return false; =>Adware.AddLyrics
    ~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb” onclick=”window.open(this.href);return false; =>PUP.CacaoWeb
    ~ MSI: 4 link(s) detected in 00mn 20s

    ~ 1873 Legitimates filtered by white list
    End of the scan (482 lines in 04mn 15s)(0)

  • Anonyme
    Nombre d'articles : 1400

    :hello: lcemegane

    fais ceci et poste le rapport s’il te plaît

    copie tout le texte depuis ce lien https://antimalware.top/log/SosUpload.74949ffea9ff42c965a1c228255f84e6.txt” onclick=”window.open(this.href);return false;

    ensuite, fais ceci

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Puis Clic sur “GO

    • Confirmes les nettoyages des données en cliquant sur “Oui
    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.

    puis ceci et poste aussi le rapport s’il te plaît

    • Télécharge SFTGC (de Pierre13) sur ton Bureau et pas ailleurs !.
    • Lance SFTGC, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur GO

      Note : A la fin un rapport va s’ouvrir

    • Une fois le scan terminé rends toi sur le bureau, le fichier SFTGC.txt à été créé.
    • Héberge le rapport SFTGC.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Au début du premier scan je reçois un message d’erreur me disant que mon ordinateur ne veut pas exécuter le fichier ZHPFixReport, comment puis-je faire ?

  • Anonyme
    Nombre d'articles : 1400

    re

    tu as bien copier la 1er ligne avec tout le texte (script zhpfix) :interro:

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Oui mais ça ne marche quand même pas
    Est ce que je peux faire le suivant sans le premier ?

  • Anonyme
    Nombre d'articles : 1400

    re

    dis moi le message d’erreur s’il te plaît

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    “Impossible de créer le fichier
    Accès refusé.”

  • Anonyme
    Nombre d'articles : 1400

    re

    fais le en mode sans échec>>le mode sans échec

    ps:regarde aussi dans C: si tu n’as pas 1 bout de rapport

    :merci2:

  • Anonyme
    Nombre d'articles : 1400

    re lcemegane,

    tu ne m’as pas dit si tu as réussi a exécuter zhpfix :interro:

    :merci2: de me répondre ^^’

  • lcemegane
    Participant
    Nombre d'articles : 15

    Non je n’ai pas réussi et je n’ai plus de problèmes de pub que j’avais, le problème est-il réglé ?

  • Anonyme
    Nombre d'articles : 1400

    :hello: lcemegane,

    je viens d’avoir le même soucis sur le pc d’1 copain :unhappy: on va employer 1 autre outil 😉

    fais ceci et poste le rapport s’il te plaît

    • Télécharge OTL (by OldTimer) sur ton bureau.
      ~ Comment Télécharger sur son Bureau ?

    • Lance OTL, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche les cases suivantes :
      • Tous les utilisateurs
      • Recherche Lop
      • Recherche Purity
      • Avec Analyses 64 bit Uniquement pour les systèmes en 64 bit

    • Copie et colle le Script dans le lien ci dessous dans la partie inférieure d’OTL “Personnalisation”

      [glow=red:8gk7a4jr]~ Le Script à copier est[/glow:8gk7a4jr] >> ici < <

    • Clique sur Analyse

    • Une fois le scan terminé 1 ou 2 rapports vont s’ouvrir OTL.txt et Extras.txt.
    • Héberge les rapports OTL.txt et Extras.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

      Note : Au cas où, tu peux les retrouver dans le dossier C:OTL ou sur ton bureau en fonction des cas rencontrés

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Je n’ai plus de problème de pub comme j’avais au départ, est-ce que je dois continuer quand même ?

  • Anonyme
    Nombre d'articles : 1400

    :hello: lcemegane,

    e n’ai plus de problème de pub comme j’avais au départ, est-ce que je dois continuer quand même ?

    oui, car il faut virer les “restes”

    encore 1 peu de courage, on arrive a la fin :decompte

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Merci beaucoup pour votre aide, voici le début du rapport OTL.txt ( je n’arrive pas à le mettre sur sosupload)

    OTL logfile created on: 21/11/2013 18:22:10 – Run 1
    OTL by OldTimer – Version 3.2.69.0 Folder = C:UsersMéganeDesktop
    64bit- An unknown product (Version = 6.2.9200) – Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    5,89 Gb Total Physical Memory | 4,36 Gb Available Physical Memory | 74,01% Memory free
    6,83 Gb Paging File | 4,85 Gb Available in Paging File | 71,04% Paging File free
    Paging file location(s): ?:pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 279,45 Gb Total Space | 212,66 Gb Free Space | 76,10% Space Free | Partition Type: NTFS
    Drive D: | 397,87 Gb Total Space | 397,62 Gb Free Space | 99,94% Space Free | Partition Type: NTFS

    Computer Name: PC-MEGANE | User Name: Mégane | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC – [2013/11/20 22:41:02 | 000,602,112 | —- | M] (OldTimer Tools) — C:UsersMéganeDesktopOTL.exe
    PRC – [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    PRC – [2013/10/10 18:24:51 | 000,621,448 | —- | M] (Bitdefender) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    PRC – [2013/09/22 22:19:42 | 002,258,056 | —- | M] (Microsoft Corp.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe
    PRC – [2013/09/22 22:19:42 | 000,369,800 | —- | M] (Microsoft Corp.) — C:Program Files (x86)MicrosoftBingDesktopBDRuntimeHost.exe
    PRC – [2013/09/22 22:19:42 | 000,207,496 | —- | M] (Microsoft Corp.) — C:Program Files (x86)MicrosoftBingDesktopBDExtHost.exe
    PRC – [2013/09/22 22:19:42 | 000,173,192 | —- | M] (Microsoft Corp.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktopUpdater.exe
    PRC – [2013/09/22 22:19:42 | 000,153,224 | —- | M] (Microsoft Corp.) — C:Program Files (x86)MicrosoftBingDesktopBDAppHost.exe
    PRC – [2013/09/05 15:04:00 | 000,065,640 | —- | M] (Adobe Systems Incorporated) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    PRC – [2013/04/16 17:25:30 | 000,020,792 | —- | M] (ASUSTeK Computer Inc.) — C:Program Files (x86)ASUSASUS Smart GestureQuickGesturex86QuickGesture.exe
    PRC – [2013/02/26 11:08:24 | 000,176,240 | —- | M] (ASUSTeK Computer Inc.) — C:Program Files (x86)ASUSSplendidColorUService.exe
    PRC – [2013/02/14 10:14:08 | 001,260,320 | —- | M] (NVIDIA Corporation) — C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    PRC – [2012/11/28 17:56:40 | 000,054,488 | —- | M] (ASUS) — C:Program Files (x86)ASUSSplendidACMON.exe
    PRC – [2012/10/26 14:35:44 | 000,184,704 | —- | M] (ASUSTek Computer Inc.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exe
    PRC – [2012/10/24 15:02:32 | 001,196,416 | —- | M] (ASUS) — C:Program Files (x86)ASUSASUS InstantOnInsOnCfg.exe
    PRC – [2012/10/17 19:08:40 | 000,205,184 | —- | M] (ASUSTek Computer Inc.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
    PRC – [2012/10/05 15:55:50 | 000,110,976 | —- | M] (ASUSTek Computer Inc.) — C:Program Files (x86)ASUSATK PackageATK HotkeyAsLdrSrv.exe
    PRC – [2012/09/18 12:51:54 | 001,124,032 | —- | M] (ASUSTek Computer Inc.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe
    PRC – [2012/09/14 13:14:16 | 000,328,064 | —- | M] (ASUSTek Computer Inc.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
    PRC – [2012/08/31 19:27:20 | 000,590,208 | —- | M] (ASUS) — C:Program Files (x86)ASUSASUS InstantOnInsOnWMI.exe
    PRC – [2012/08/22 09:24:28 | 001,559,936 | —- | M] (ASUSTeK Computer Inc.) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe
    PRC – [2012/07/17 14:57:22 | 000,365,376 | —- | M] (Intel Corporation) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    PRC – [2012/07/17 14:57:20 | 000,277,824 | —- | M] (Intel Corporation) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    PRC – [2012/06/27 12:47:02 | 000,129,856 | —- | M] (Intel Corporation) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    PRC – [2012/06/25 10:57:14 | 000,166,720 | —- | M] (Intel Corporation) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALJhi_service.exe
    PRC – [2012/05/28 10:04:48 | 000,113,312 | —- | M] (ASUSTek Computer Inc.) — C:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exe
    PRC – [2012/05/14 16:26:32 | 002,646,504 | —- | M] (CyberLink Corp.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe
    PRC – [2012/04/24 14:37:56 | 000,169,752 | —- | M] (Intel Corporation) — C:Program Files (x86)IntelIntel(R) Integrated Clock Controller ServiceICCProxy.exe
    PRC – [2012/04/13 10:14:00 | 000,277,120 | —- | M] (ASUS) — C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe
    PRC – [2012/03/28 18:34:30 | 000,091,432 | —- | M] (CyberLink Corp.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    PRC – [2011/11/21 14:19:50 | 000,096,896 | —- | M] (ASUS) — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    PRC – [2011/03/09 13:21:54 | 000,107,816 | —- | M] (CyberLink) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe

    ========== Modules (No Company Name) ==========

    MOD – [2013/11/14 12:29:31 | 000,399,312 | —- | M] () — C:Program Files (x86)GoogleChromeApplication31.0.1650.57ppgooglenaclpluginchrome.dll
    MOD – [2013/11/14 12:29:29 | 004,055,504 | —- | M] () — C:Program Files (x86)GoogleChromeApplication31.0.1650.57pdf.dll
    MOD – [2013/11/14 12:28:37 | 000,702,416 | —- | M] () — C:Program Files (x86)GoogleChromeApplication31.0.1650.57libglesv2.dll
    MOD – [2013/11/14 12:28:36 | 000,099,792 | —- | M] () — C:Program Files (x86)GoogleChromeApplication31.0.1650.57libegl.dll
    MOD – [2013/11/14 12:28:34 | 001,619,408 | —- | M] () — C:Program Files (x86)GoogleChromeApplication31.0.1650.57ffmpegsumo.dll
    MOD – [2013/09/13 18:51:44 | 000,087,952 | —- | M] () — C:Program Files (x86)Common FilesAppleApple Application Supportzlib1.dll
    MOD – [2013/09/13 18:51:20 | 001,242,952 | —- | M] () — C:Program Files (x86)Common FilesAppleApple Application Supportlibxml2.dll
    MOD – [2013/06/19 12:44:37 | 000,204,280 | —- | M] () — C:Program FilesBitdefenderBitdefenderantispam32txmlutil.dll
    MOD – [2011/03/09 13:21:56 | 000,619,816 | —- | M] () — C:Program Files (x86)CyberLinkPower2GoCLMediaLibrary.dll
    MOD – [2011/03/09 13:21:56 | 000,144,680 | —- | M] () — C:Program Files (x86)CyberLinkPower2GoCLVistaAudioMixer.dll
    MOD – [2011/03/09 13:21:48 | 000,013,096 | —- | M] () — C:Program Files (x86)CyberLinkPower2GoCLMLSvcPS.dll
    MOD – [2010/10/11 17:15:28 | 001,873,192 | —- | M] () — C:Program Files (x86)CyberLinkPower2GoLanguageFraP2GRC.dll

    ========== Services (SafeList) ==========

    SRV – [2013/09/22 22:19:42 | 000,173,192 | —- | M] (Microsoft Corp.) [Auto | Running] — C:Program Files (x86)MicrosoftBingDesktopBingDesktopUpdater.exe — (BingDesktopUpdate)
    SRV – [2013/09/05 15:04:00 | 000,065,640 | —- | M] (Adobe Systems Incorporated) [Auto | Running] — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe — (AdobeARMservice)
    SRV – [2013/02/14 10:14:08 | 001,260,320 | —- | M] (NVIDIA Corporation) [Auto | Running] — C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe — (nvUpdatusService)
    SRV – [2012/12/13 23:14:24 | 000,277,616 | —- | M] (Intel Corporation) [On_Demand | Stopped] — C:WindowsSysWOW64IntelCpHeciSvc.exe — (cphs)
    SRV – [2012/11/27 13:56:51 | 002,675,712 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:Windowssystem32spoolDRIVERSx643PrintConfig.dll — (PrintNotify)
    SRV – [2012/10/05 15:55:50 | 000,110,976 | —- | M] (ASUSTek Computer Inc.) [Auto | Running] — C:Program Files (x86)ASUSATK PackageATK HotkeyAsLdrSrv.exe — (ASLDRService)
    SRV – [2012/09/13 04:59:08 | 002,466,448 | —- | M] (Realsil Microelectronics Inc.) [Auto | Running] — C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe — (IconMan_R)
    SRV – [2012/07/26 04:20:04 | 000,018,432 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSysWOW64StorSvc.dll — (StorSvc)
    SRV – [2012/07/17 14:57:22 | 000,365,376 | —- | M] (Intel Corporation) [Auto | Running] — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe — (UNS)
    SRV – [2012/07/17 14:57:20 | 000,277,824 | —- | M] (Intel Corporation) [Auto | Running] — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe — (LMS)
    SRV – [2012/06/27 12:47:02 | 000,129,856 | —- | M] (Intel Corporation) [Auto | Running] — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe — (Intel(R)
    SRV – [2012/06/25 10:57:14 | 000,166,720 | —- | M] (Intel Corporation) [Auto | Running] — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALJhi_service.exe — (jhi_service)
    SRV – [2012/04/24 14:37:56 | 000,169,752 | —- | M] (Intel Corporation) [On_Demand | Running] — C:Program Files (x86)IntelIntel(R) Integrated Clock Controller ServiceICCProxy.exe — (ICCS)
    SRV – [2012/04/13 10:14:00 | 000,277,120 | —- | M] (ASUS) [Auto | Running] — C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe — (ASUS InstantOn)
    SRV – [2011/11/21 14:19:50 | 000,096,896 | —- | M] (ASUS) [Auto | Running] — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe — (ATKGFNEXSrv)

    ========== Driver Services (SafeList) ==========

    DRV – [2011/09/07 09:55:04 | 000,017,536 | —- | M] (ASUS) [Kernel | System | Running] — C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys — (ATKWMIACPIIO)
    DRV – [2009/07/02 17:36:14 | 000,015,416 | —- | M] (ASUS) [Kernel | Auto | Running] — C:Program Files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys — (ASMMAP64)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE – HKLM..SearchScopes,DefaultScope =
    IE – HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q=” onclick=”window.open(this.href);return false;{searchTerms}&FORM=IE8SRC

    IE – HKU.DEFAULT..SearchScopes,DefaultScope =
    IE – HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-18..SearchScopes,DefaultScope =
    IE – HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-19..SearchScopes,DefaultScope =

    IE – HKUS-1-5-20..SearchScopes,DefaultScope =

    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1001SOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1001..SearchScopes,DefaultScope =
    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1001SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1002SOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1002..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1002SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0
    IE – HKUS-1-5-21-1305010613-2064220777-3922521960-1002SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyOverride” = *.local

    ========== FireFox ==========

    FF – HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found
    FF – HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()
    FF – HKLMSoftwareMozillaPlugins@Bitdefender.com/PasswordManager;version=17.8: C:Program FilesBitdefenderBitdefenderAntispam32pmbxnp.dll (Bitdefender)
    FF – HKLMSoftwareMozillaPlugins@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:Program Files (x86)IntelIntel(R) Management Engine ComponentsIPTnpIntelWebAPIIPT.dll (Intel Corporation)
    FF – HKLMSoftwareMozillaPlugins@intel-webapi.intel.com/Intel WebAPI updater: C:Program Files (x86)IntelIntel(R) Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll (Intel Corporation)
    FF – HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.45.2: C:Program Files (x86)Javajre7bindtpluginnpDeployJava1.dll (Oracle Corporation)
    FF – HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.45.2: C:Program Files (x86)Javajre7binplugin2npjp2.dll (Oracle Corporation)
    FF – HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:Program Files (x86)Microsoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=16.4.3508.0205: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.)
    FF – HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.)
    FF – HKLMSoftwareMozillaPluginsAdobe Reader: C:Program Files (x86)AdobeReader 11.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)

    FF – HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions\ffpwdman@bitdefender.com: C:Program FilesBitdefenderBitdefenderAntispam32ffpwdman [2013/10/17 18:47:05 | 000,000,000 | —D | M]

    ========== Chrome ==========

    CHR – default_search_provider: Google (Enabled)
    CHR – default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR – default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR – Extension: Documents Google = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake.5_0
    CHR – Extension: Googleu00A0Drive = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0
    CHR – Extension: YouTube = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0
    CHR – Extension: Bitdefender Wallet = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsccahoghmggldkcdjiebjkidpfongdfbl17.19.0_0
    CHR – Extension: Recherche Google = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf.0.0.20_0
    CHR – Extension: Googleu00A0Wallet = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda.0.5.0_0
    CHR – Extension: Gmail = C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_5

    O1 HOSTS File: ([2012/07/26 06:26:49 | 000,000,824 | —- | M]) – C:WindowsSysNativeDriversetchosts
    O2 – BHO: (Bitdefender Wallet) – {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} – C:Program FilesBitdefenderBitdefenderAntispam32pmbxie.dll (Bitdefender)
    O2 – BHO: (Java(tm) Plug-In SSV Helper) – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program Files (x86)Javajre7binssv.dll (Oracle Corporation)
    O2 – BHO: (Java(tm) Plug-In 2 SSV Helper) – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:Program Files (x86)Javajre7binjp2ssv.dll (Oracle Corporation)
    O3 – HKLM..Toolbar: (no name) – Locked – No CLSID value found.
    O4 – HKLM..Run: [APSDaemon] C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc.)
    O4 – HKLM..Run: [ASUSPRP] C:Program Files (x86)ASUSAPRPAPRP.EXE (ASUSTek Computer Inc.)
    O4 – HKLM..Run: [ASUSWebStorage] C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe (ASUS Cloud Corporation)
    O4 – HKLM..Run: [BingDesktop] C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe (Microsoft Corp.)
    O4 – HKLM..Run: [CLMLServer] C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe (CyberLink)
    O4 – HKLM..Run: [RemoteControl10] C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe (CyberLink Corp.)
    O4 – HKU.DEFAULT..Run: [Bitdefender Agent de l’application Wallet] C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe (Bitdefender)
    O4 – HKU.DEFAULT..Run: [Bitdefender Wallet] C:Program FilesBitdefenderBitdefenderpwdmanui.exe (Bitdefender)
    O4 – HKU.DEFAULT..Run: [Bitdefender Wallet Agent] C:Program FilesBitdefenderBitdefenderpmbxag.exe (Bitdefender)
    O4 – HKUS-1-5-18..Run: [Bitdefender Agent de l’application Wallet] C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe (Bitdefender)
    O4 – HKUS-1-5-18..Run: [Bitdefender Wallet] C:Program FilesBitdefenderBitdefenderpwdmanui.exe (Bitdefender)
    O4 – HKUS-1-5-18..Run: [Bitdefender Wallet Agent] C:Program FilesBitdefenderBitdefenderpmbxag.exe (Bitdefender)
    O4 – HKUS-1-5-21-1305010613-2064220777-3922521960-1002..Run: [Bitdefender Agent de l’application Wallet] C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe (Bitdefender)
    O4 – HKUS-1-5-21-1305010613-2064220777-3922521960-1002..Run: [Bitdefender Wallet] C:Program FilesBitdefenderBitdefenderpwdmanui.exe (Bitdefender)
    O4 – HKUS-1-5-21-1305010613-2064220777-3922521960-1002..Run: [Bitdefender Wallet Agent] C:Program FilesBitdefenderBitdefenderpmbxag.exe (Bitdefender)
    O4 – HKUS-1-5-21-1305010613-2064220777-3922521960-1002..Run: [Power2GoExpress] C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe (CyberLink Corp.)
    O6 – HKLMSoftwarePoliciesMicrosoftInternet ExplorerMain present
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoControlPanel = 0
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 255
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveAutoRun = 67108863
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutorunSetting = 1
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: EnableCursorSuppression = 1
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3
    O7 – HKUS-1-5-21-1305010613-2064220777-3922521960-1001SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145
    O10 – NameSpace_Catalog5Catalog_Entries00000000008 [] – C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)
    O13 – gopher Prefix: missing
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 10.188.0.1
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
    O20 – AppInit_DLLs: (C:WindowsSysWOW64nvinit.dll) – C:WindowsSysWOW64nvinit.dll (NVIDIA Corporation)
    O20 – HKLM Winlogon: Shell – (explorer.exe) – C:WindowsSysWow64explorer.exe (Microsoft Corporation)
    O20 – HKLM Winlogon: UserInit – (userinit.exe) – C:WindowsSysWow64userinit.exe (Microsoft Corporation)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – No CLSID value found.
    O30 – LSA: Security Packages – (livessp) – File not found
    O32 – HKLM CDRom: AutoRun – 1
    O34 – HKLM BootExecute: (autocheck autochk *)
    O35 – HKLM..comfile [open] — “%1” %*
    O35 – HKLM..exefile [open] — “%1” %*
    O37 – HKLM…com [@ = comfile] — “%1” %*
    O37 – HKLM…exe [@ = exefile] — “%1” %*
    O38 – SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 – SubSystems\Windows: (ServerDll=sxssrv,4)

    SafeBootMin: AppMgmt – Service
    SafeBootMin: Base – Driver Group
    SafeBootMin: Boot Bus Extender – Driver Group
    SafeBootMin: Boot file system – Driver Group
    SafeBootMin: File system – Driver Group
    SafeBootMin: Filter – Driver Group
    SafeBootMin: HelpSvc – Service
    SafeBootMin: MCODS – Reg Error: Value error.
    SafeBootMin: mcpltsvc –
    SafeBootMin: PCI Configuration – Driver Group
    SafeBootMin: PNP Filter – Driver Group
    SafeBootMin: Primary disk – Driver Group
    SafeBootMin: sacsvr – Service
    SafeBootMin: SCSI Class – Driver Group
    SafeBootMin: System Bus Extender – Driver Group
    SafeBootMin: TBS – Service
    SafeBootMin: vmms – Service
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} – Enhanced Storage Devices
    SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} – SDA Standard Compliant SD Host Controller
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

    SafeBootNet: AppMgmt – Service
    SafeBootNet: Base – Driver Group
    SafeBootNet: Boot Bus Extender – Driver Group
    SafeBootNet: Boot file system – Driver Group
    SafeBootNet: File system – Driver Group
    SafeBootNet: Filter – Driver Group
    SafeBootNet: HelpSvc – Service
    SafeBootNet: MCODS – Reg Error: Value error.
    SafeBootNet: mcpltsvc –
    SafeBootNet: Messenger – Service
    SafeBootNet: NDIS Wrapper – Driver Group
    SafeBootNet: NetBIOSGroup – Driver Group
    SafeBootNet: NetDDEGroup – Driver Group
    SafeBootNet: Network – Driver Group
    SafeBootNet: NetworkProvider – Driver Group
    SafeBootNet: PCI Configuration – Driver Group
    SafeBootNet: PNP Filter – Driver Group
    SafeBootNet: PNP_TDI – Driver Group
    SafeBootNet: Primary disk – Driver Group
    SafeBootNet: rdpencdd.sys – Driver
    SafeBootNet: rdsessmgr – Service
    SafeBootNet: sacsvr – Service
    SafeBootNet: SCSI Class – Driver Group
    SafeBootNet: SmartcardSimulator – Driver
    SafeBootNet: Streams Drivers – Driver Group
    SafeBootNet: System Bus Extender – Driver Group
    SafeBootNet: TBS – Service
    SafeBootNet: TDI – Driver Group
    SafeBootNet: VirtualSmartcardReader – Driver
    SafeBootNet: vmms – Service
    SafeBootNet: WudfUsbccidDriver – Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} – Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} – NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} – NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} – NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} – Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} – Enhanced Storage Devices
    SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} – SDA Standard Compliant SD Host Controller
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} – Microsoft Windows Media Player 12.0
    ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} – .NET Framework
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} – Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} – “%ProgramFiles%Windows MailWinMail.exe” OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} – DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} – Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} – Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} – Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} – Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} – Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} – MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} – Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} – .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} –
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} – C:WindowsSysWOW64Rundll32.exe C:WindowsSysWOW64mscories.dll,Install
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} – “C:Program Files (x86)GoogleChromeApplication31.0.1650.57Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} – Dynamic HTML Data Binding
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} – .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} – Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} – HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} – Active Directory Service Interface
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} – %SystemRoot%system32unregmp2.exe /ShowWMP

    Drivers32: msacm.l3acm – C:WindowsSysWOW64l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid – C:WindowsSysWow64iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders – Created Within 30 Days ==========

    [2013/11/20 22:41:19 | 000,602,112 | —- | C] (OldTimer Tools) — C:UsersMéganeDesktopOTL.exe
    [2013/11/14 14:40:38 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes
    [2013/11/14 14:40:07 | 000,000,000 | —D | C] — C:Program Files (x86)iTunes
    [2013/11/14 14:40:07 | 000,000,000 | —D | C] — C:ProgramData34BE82C4-E596-4e99-A191-52C6199EBF69
    [2013/11/13 22:32:41 | 000,000,000 | —D | C] — C:UsersMéganeAppDataLocalTemp
    [2013/11/13 12:06:04 | 000,000,000 | —D | C] — C:WindowsERUNT
    [2013/11/13 12:04:30 | 001,034,531 | —- | C] (Thisisu) — C:UsersMéganeDesktopJRT.exe
    [2013/11/13 09:15:25 | 000,694,232 | —- | C] (Adobe Systems Incorporated) — C:WindowsSysWow64FlashPlayerApp.exe
    [2013/11/13 09:15:25 | 000,078,296 | —- | C] (Adobe Systems Incorporated) — C:WindowsSysWow64FlashPlayerCPLApp.cpl
    [2013/11/12 23:27:32 | 000,690,688 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64jscript.dll
    [2013/11/12 23:27:31 | 001,711,616 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64d3d11.dll
    [2013/11/12 23:26:43 | 002,035,712 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64authui.dll
    [2013/11/12 21:54:01 | 000,000,000 | —D | C] — C:UsersMéganeAppDataRoamingMalwarebytes
    [2013/11/12 21:52:44 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes’ Anti-Malware
    [2013/11/12 21:52:43 | 000,000,000 | —D | C] — C:ProgramDataMalwarebytes
    [2013/11/12 21:52:42 | 000,000,000 | —D | C] — C:Program Files (x86)Malwarebytes’ Anti-Malware
    [2013/11/12 21:52:20 | 000,000,000 | —D | C] — C:UsersMéganeAppDataLocalPrograms
    [2013/11/12 21:51:58 | 010,285,040 | —- | C] (Malwarebytes Corporation ) — C:UsersMéganeDesktopmbam-setup-1.75.0.1300.exe
    [2013/11/12 16:25:42 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP
    [2013/11/12 16:23:00 | 000,000,000 | —D | C] — C:Program Files (x86)ZHPDiag
    [2013/11/12 16:23:00 | 000,000,000 | —D | C] — C:UsersMéganeAppDataRoamingZHP
    [2013/11/12 16:19:06 | 006,848,936 | —- | C] (Nicolas Coolman ) — C:UsersMéganeDesktopZHPDiag2.exe
    [2013/11/12 15:56:52 | 000,000,000 | —D | C] — C:AdwCleaner
    [2013/11/09 17:06:26 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Silverlight
    [2013/11/09 17:05:09 | 000,000,000 | —D | C] — C:Program Files (x86)Microsoft Silverlight
    [2013/11/09 17:00:06 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesAdobe
    [2013/11/09 17:00:06 | 000,000,000 | —D | C] — C:Program Files (x86)Adobe
    [2013/11/09 16:48:22 | 000,000,000 | —D | C] — C:history
    [2013/11/09 16:48:01 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsBing Bureau
    [2013/11/09 16:47:35 | 000,000,000 | —D | C] — C:Program Files (x86)Microsoft
    [2013/11/09 16:30:18 | 010,799,104 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64Windows.UI.Xaml.dll
    [2013/11/09 16:30:15 | 000,914,432 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64UIAutomationCore.dll
    [2013/11/09 16:30:14 | 000,628,736 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64wuapi.dll
    [2013/11/09 16:30:13 | 000,247,296 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64ubpm.dll
    [2013/11/09 16:30:12 | 000,084,992 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64wudriver.dll
    [2013/11/09 16:30:11 | 000,126,976 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64wuwebv.dll
    [2013/11/09 16:30:11 | 000,035,328 | —- | C] (Microsoft Corporation) — C:WindowsSysWow64wuapp.exe
    [2013/11/09 14:44:27 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsBitdefender
    [2013/11/09 14:44:24 | 000,000,000 | —D | C] — C:ProgramDataBDLogging
    [2013/11/09 14:42:48 | 000,511,328 | —- | C] (Microsoft Corporation) — C:Windowscapicom.dll
    [2013/11/09 14:18:23 | 000,000,000 | —D | C] — C:UsersMéganeAppDataRoamingBitdefender
    [2013/11/09 14:10:28 | 000,000,000 | —D | C] — C:ProgramDataBitdefender
    [2013/11/09 14:09:23 | 000,000,000 | —D | C] — C:UsersMéganeAppDataRoamingQuickScan
    [2013/11/08 21:06:17 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome
    [2013/11/07 21:05:05 | 000,000,000 | —D | C] — C:ProgramDataOracle
    [2013/11/07 21:03:32 | 000,000,000 | —D | C] — C:ProgramDataSun
    [2013/11/07 21:03:29 | 000,000,000 | —D | C] — C:Program Files (x86)Common FilesJava
    [2013/11/07 21:03:27 | 000,264,616 | —- | C] (Oracle Corporation) — C:WindowsSysWow64javaws.exe
    [2013/11/07 21:03:15 | 000,096,168 | —- | C] (Oracle Corporation) — C:WindowsSysWow64WindowsAccessBridge-32.dll
    [2013/11/07 21:03:15 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
    [2013/11/07 21:03:14 | 000,175,016 | —- | C] (Oracle Corporation) — C:WindowsSysWow64javaw.exe
    [2013/11/07 21:03:14 | 000,174,504 | —- | C] (Oracle Corporation) — C:WindowsSysWow64java.exe
    [2013/11/07 21:03:05 | 000,000,000 | —D | C] — C:Program Files (x86)Java

    ========== Files – Modified Within 30 Days ==========

    [2013/11/21 18:15:00 | 000,001,088 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineUA.job
    [2013/11/21 16:09:26 | 000,067,584 | –S- | M] () — C:Windowsbootstat.dat
    [2013/11/21 10:53:58 | 000,019,999 | —- | M] () — C:UsersMéganeDocumentsLittérature 21 novembre.odt
    [2013/11/21 06:44:10 | 000,000,062 | —- | M] () — C:UsersMéganeAppDataRoamingsp_data.sys
    [2013/11/21 06:43:58 | 000,001,084 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineCore.job
    [2013/11/20 22:51:04 | 268,435,456 | -HS- | M] () — C:swapfile.sys
    [2013/11/20 22:51:03 | 763,097,087 | -HS- | M] () — C:hiberfil.sys
    [2013/11/20 22:41:02 | 000,602,112 | —- | M] (OldTimer Tools) — C:UsersMéganeDesktopOTL.exe
    [2013/11/20 15:50:50 | 000,021,355 | —- | M] () — C:UsersMéganeDocumentsSans nom 1.odt
    [2013/11/19 15:26:44 | 000,023,147 | —- | M] () — C:UsersMéganeDocumentsCivilisation Britannique 19 novembre.odt
    [2013/11/19 14:19:39 | 000,018,319 | —- | M] () — C:UsersMéganeDocumentsCivilisation Américaine TD 19 novembre.odt
    [2013/11/18 22:30:40 | 000,028,023 | —- | M] () — C:UsersMéganeDocumentsResearch paper.odt
    [2013/11/18 15:57:34 | 000,020,970 | —- | M] () — C:UsersMéganeDocumentsAcademic writing pour le 19 novembre.odt
    [2013/11/15 18:07:05 | 000,031,874 | —- | M] () — C:UsersMéganeDocumentsAméricaine civi.odt
    [2013/11/15 18:06:14 | 000,034,874 | —- | M] () — C:UsersMéganeDocumentsResearch paper TEXTS.odt
    [2013/11/15 15:27:02 | 000,002,183 | —- | M] () — C:UsersPublicDesktopGoogle Chrome.lnk
    [2013/11/14 14:40:38 | 000,001,785 | —- | M] () — C:UsersPublicDesktopiTunes.lnk
    [2013/11/14 12:27:24 | 000,025,253 | —- | M] () — C:UsersMéganeDocumentsLittérature 14 Novembre.odt
    [2013/11/13 15:57:30 | 000,021,555 | —- | M] () — C:UsersMéganeDocumentsCivilisation britannique 13nov TD.odt
    [2013/11/13 13:27:27 | 000,000,512 | —- | M] () — C:PhysicalDisk0_MBR.bin
    [2013/11/13 12:04:15 | 001,034,531 | —- | M] (Thisisu) — C:UsersMéganeDesktopJRT.exe
    [2013/11/12 21:52:44 | 000,001,115 | —- | M] () — C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk
    [2013/11/12 21:49:14 | 010,285,040 | —- | M] (Malwarebytes Corporation ) — C:UsersMéganeDesktopmbam-setup-1.75.0.1300.exe
    [2013/11/12 16:25:42 | 000,001,993 | —- | M] () — C:UsersMéganeDesktopZHPFix.lnk
    [2013/11/12 16:25:42 | 000,001,866 | —- | M] () — C:UsersMéganeDesktopZHPDiag.lnk
    [2013/11/12 16:18:06 | 006,848,936 | —- | M] (Nicolas Coolman ) — C:UsersMéganeDesktopZHPDiag2.exe
    [2013/11/12 15:48:00 | 001,085,542 | —- | M] () — C:UsersMéganeDesktopadwcleaner.exe
    [2013/11/12 15:26:06 | 000,026,324 | —- | M] () — C:UsersMéganeDocumentsCivilisation Britannique CM 12 novembre.odt
    [2013/11/12 10:58:52 | 000,026,066 | —- | M] () — C:UsersMéganeDocumentsCivilisation Américaine CM 12 Novembre.odt
    [2013/11/10 19:04:32 | 000,022,406 | —- | M] () — C:UsersMéganeDocumentsPOEM LANGUE ORALE.odt
    [2013/11/09 17:00:23 | 000,002,021 | —- | M] () — C:UsersPublicDesktopAdobe Reader XI.lnk
    [2013/11/09 15:07:14 | 001,142,527 | —- | M] () — C:ProgramData1384002564.bdinstall.bin
    [2013/11/09 14:44:27 | 000,002,192 | —- | M] () — C:UsersPublicDesktopBitdefender Safepay.lnk
    [2013/11/09 14:44:27 | 000,002,148 | —- | M] () — C:UsersPublicDesktopBitdefender Antivirus Plus.lnk
    [2013/11/09 10:35:47 | 000,002,285 | —- | M] () — C:UsersMéganeApplication DataMicrosoftInternet ExplorerQuick LaunchGoogle Chrome.lnk
    [2013/11/07 21:03:06 | 000,264,616 | —- | M] (Oracle Corporation) — C:WindowsSysWow64javaws.exe
    [2013/11/07 21:03:06 | 000,175,016 | —- | M] (Oracle Corporation) — C:WindowsSysWow64javaw.exe
    [2013/11/07 21:03:06 | 000,174,504 | —- | M] (Oracle Corporation) — C:WindowsSysWow64java.exe
    [2013/11/07 21:03:06 | 000,096,168 | —- | M] (Oracle Corporation) — C:WindowsSysWow64WindowsAccessBridge-32.dll
    [2013/11/06 16:41:09 | 000,020,947 | —- | M] () — C:UsersMéganeDocumentsAW cours 05 nov.odt
    [2013/11/06 15:56:47 | 000,022,030 | —- | M] () — C:UsersMéganeDocumentsCours civi brit TD.odt
    [2013/11/05 23:58:57 | 000,694,232 | —- | M] (Adobe Systems Incorporated) — C:WindowsSysWow64FlashPlayerApp.exe
    [2013/11/05 23:58:57 | 000,078,296 | —- | M] (Adobe Systems Incorporated) — C:WindowsSysWow64FlashPlayerCPLApp.cpl
    [2013/11/05 20:25:35 | 000,014,619 | —- | M] () — C:UsersMéganeDocumentsAcademic Writing Mégane Delesalle LCE 2 intro synthèse.odt
    [2013/11/05 15:27:24 | 000,025,030 | —- | M] () — C:UsersMéganeDocumentsCivi UK 05 nov.odt
    [2013/11/05 14:25:48 | 000,013,002 | —- | M] () — C:UsersMéganeDocumentsCivilisation Américaine TD 05 novembre.odt
    [2013/11/05 10:49:32 | 000,023,150 | —- | M] () — C:UsersMéganeDocumentsCivilisation Américaine CM 05 novembre.odt
    [2013/11/01 15:26:51 | 000,018,947 | —- | M] () — C:UsersMéganeDocumentsThe Dormouse and the Doctor.odt
    [2013/10/24 11:30:46 | 000,030,024 | —- | M] () — C:UsersMéganeDocumentsLittérature 24 octobre.odt
    [2013/10/23 13:38:05 | 260,773,880 | —- | M] () — C:UsersMéganeDocumentsIMG_1173.MOV
    [2013/10/23 13:20:42 | 823,969,867 | —- | M] () — C:UsersMéganeDocumentsIMG_1171.MOV

    ========== Files Created – No Company Name ==========

    [2013/11/21 09:36:10 | 000,019,999 | —- | C] () — C:UsersMéganeDocumentsLittérature 21 novembre.odt
    [2013/11/20 15:50:48 | 000,021,355 | —- | C] () — C:UsersMéganeDocumentsSans nom 1.odt
    [2013/11/19 14:25:23 | 000,023,147 | —- | C] () — C:UsersMéganeDocumentsCivilisation Britannique 19 novembre.odt
    [2013/11/19 13:39:18 | 000,018,319 | —- | C] () — C:UsersMéganeDocumentsCivilisation Américaine TD 19 novembre.odt
    [2013/11/15 18:06:11 | 000,034,874 | —- | C] () — C:UsersMéganeDocumentsResearch paper TEXTS.odt
    [2013/11/14 14:40:38 | 000,001,785 | —- | C] () — C:UsersPublicDesktopiTunes.lnk
    [2013/11/14 10:48:54 | 000,025,253 | —- | C] () — C:UsersMéganeDocumentsLittérature 14 Novembre.odt
    [2013/11/13 15:07:22 | 000,021,555 | —- | C] () — C:UsersMéganeDocumentsCivilisation britannique 13nov TD.odt
    [2013/11/12 21:52:44 | 000,001,115 | —- | C] () — C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk
    [2013/11/12 21:06:51 | 000,028,023 | —- | C] () — C:UsersMéganeDocumentsResearch paper.odt
    [2013/11/12 16:32:50 | 000,000,512 | —- | C] () — C:PhysicalDisk0_MBR.bin
    [2013/11/12 16:25:42 | 000,001,993 | —- | C] () — C:UsersMéganeDesktopZHPFix.lnk
    [2013/11/12 16:25:42 | 000,001,866 | —- | C] () — C:UsersMéganeDesktopZHPDiag.lnk
    [2013/11/12 15:56:36 | 001,085,542 | —- | C] () — C:UsersMéganeDesktopadwcleaner.exe
    [2013/11/12 14:33:29 | 000,026,324 | —- | C] () — C:UsersMéganeDocumentsCivilisation Britannique CM 12 novembre.odt
    [2013/11/12 14:31:44 | 000,031,874 | —- | C] () — C:UsersMéganeDocumentsAméricaine civi.odt
    [2013/11/12 12:25:26 | 000,020,970 | —- | C] () — C:UsersMéganeDocumentsAcademic writing pour le 19 novembre.odt
    [2013/11/12 10:04:00 | 000,026,066 | —- | C] () — C:UsersMéganeDocumentsCivilisation Américaine CM 12 Novembre.odt
    [2013/11/10 19:04:29 | 000,022,406 | —- | C] () — C:UsersMéganeDocumentsPOEM LANGUE ORALE.odt
    [2013/11/09 17:00:23 | 000,002,021 | —- | C] () — C:UsersPublicDesktopAdobe Reader XI.lnk
    [2013/11/09 17:00:22 | 000,002,441 | —- | C] () — C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Reader XI.lnk
    [2013/11/09 15:07:14 | 001,142,527 | —- | C] () — C:ProgramData1384002564.bdinstall.bin
    [2013/11/09 14:44:27 | 000,002,192 | —- | C] () — C:UsersPublicDesktopBitdefender Safepay.lnk
    [2013/11/09 14:44:27 | 000,002,148 | —- | C] () — C:UsersPublicDesktopBitdefender Antivirus Plus.lnk
    [2013/11/08 21:06:17 | 000,002,285 | —- | C] () — C:UsersMéganeApplication DataMicrosoftInternet ExplorerQuick LaunchGoogle Chrome.lnk
    [2013/11/08 21:06:17 | 000,002,183 | —- | C] () — C:UsersPublicDesktopGoogle Chrome.lnk
    [2013/11/08 21:05:17 | 000,001,088 | —- | C] () — C:WindowstasksGoogleUpdateTaskMachineUA.job
    [2013/11/08 21:05:16 | 000,001,084 | —- | C] () — C:WindowstasksGoogleUpdateTaskMachineCore.job
    [2013/11/06 16:41:07 | 000,020,947 | —- | C] () — C:UsersMéganeDocumentsAW cours 05 nov.odt
    [2013/11/06 14:18:24 | 000,022,030 | —- | C] () — C:UsersMéganeDocumentsCours civi brit TD.odt
    [2013/11/05 20:25:33 | 000,014,619 | —- | C] () — C:UsersMéganeDocumentsAcademic Writing Mégane Delesalle LCE 2 intro synthèse.odt
    [2013/11/05 15:27:22 | 000,025,030 | —- | C] () — C:UsersMéganeDocumentsCivi UK 05 nov.odt
    [2013/11/05 14:15:49 | 000,013,002 | —- | C] () — C:UsersMéganeDocumentsCivilisation Américaine TD 05 novembre.odt
    [2013/11/05 10:45:37 | 000,023,150 | —- | C] () — C:UsersMéganeDocumentsCivilisation Américaine CM 05 novembre.odt
    [2013/11/01 15:26:48 | 000,018,947 | —- | C] () — C:UsersMéganeDocumentsThe Dormouse and the Doctor.odt
    [2013/10/24 09:05:57 | 000,030,024 | —- | C] () — C:UsersMéganeDocumentsLittérature 24 octobre.odt
    [2013/10/23 16:45:31 | 260,773,880 | —- | C] () — C:UsersMéganeDocumentsIMG_1173.MOV
    [2013/10/23 16:43:16 | 823,969,867 | —- | C] () — C:UsersMéganeDocumentsIMG_1171.MOV
    [2013/09/28 20:31:37 | 000,083,968 | —- | C] () — C:WindowsSysWow64OEMLicense.dll
    [2013/09/28 18:29:43 | 000,000,062 | —- | C] () — C:UsersMéganeAppDataRoamingsp_data.sys
    [2013/04/24 04:36:10 | 000,598,384 | —- | C] () — C:WindowsSysWow64igvpkrng700.bin
    [2013/04/24 04:36:09 | 000,064,512 | —- | C] () — C:WindowsSysWow64igdde32.dll
    [2013/04/24 04:36:08 | 000,754,652 | —- | C] () — C:WindowsSysWow64igcodeckrng700.bin
    [2012/11/27 05:08:26 | 000,024,576 | —- | C] () — C:ProgramDataSetStretch.exe
    [2012/11/27 05:08:26 | 000,000,256 | —- | C] () — C:ProgramDataSetStretch.cmd
    [2012/11/27 05:08:26 | 000,000,103 | —- | C] () — C:ProgramDataSetStretch.VBS
    [2012/07/26 09:13:10 | 000,215,943 | —- | C] () — C:WindowsSysWow64dssec.dat
    [2012/07/26 09:13:09 | 000,000,741 | —- | C] () — C:WindowsSysWow64NOISE.DAT
    [2012/07/26 08:21:26 | 000,067,584 | –S- | C] () — C:Windowsbootstat.dat
    [2012/07/26 02:17:42 | 000,043,520 | —- | C] () — C:WindowsSysWow64BWContextHandler.dll
    [2012/07/25 21:37:29 | 000,043,131 | —- | C] () — C:Windowsmib.bin
    [2012/07/25 21:28:31 | 000,364,544 | —- | C] () — C:WindowsSysWow64msjetoledb40.dll
    [2012/07/25 21:22:56 | 000,267,284 | —- | C] () — C:WindowsSysWow64igvpkrng600.bin
    [2012/07/25 21:22:54 | 000,963,376 | —- | C] () — C:WindowsSysWow64igcodeckrng600.bin
    [2012/06/02 15:31:19 | 000,673,088 | —- | C] () — C:WindowsSysWow64mlang.dat
    [2012/04/20 13:59:44 | 000,001,536 | —- | C] () — C:WindowsSysWow64IusEventLog.dll

    ========== ZeroAccess Check ==========

  • lcemegane
    Participant
    Nombre d'articles : 15

    [HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] /64

    [HKEY_CURRENT_USERSoftwareClassesWow6432nodeclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

    [HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32] /64

    [HKEY_CURRENT_USERSoftwareClassesWow6432nodeclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] /64
    “” = C:WindowsSysNativeshell32.dll — [2013/08/02 07:28:20 | 019,758,080 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Apartment

    [HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
    “” = %SystemRoot%system32shell32.dll — [2013/08/02 06:08:10 | 017,561,088 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Apartment

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32] /64
    “” = C:WindowsSysNativewbemfastprox.dll — [2012/07/26 04:05:38 | 001,004,544 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Free

    [HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]
    “” = %systemroot%system32wbemfastprox.dll — [2012/07/26 04:18:27 | 000,784,896 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Free

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32] /64
    “” = C:WindowsSysNativewbemwbemess.dll — [2012/07/26 04:07:41 | 000,455,680 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Both

    [HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]

    ========== LOP Check ==========

    [2013/09/28 18:35:23 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingASUS
    [2013/09/28 18:32:17 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingASUS WebStorage
    [2013/11/09 14:18:23 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingBitdefender
    [2013/09/28 23:09:31 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingOpenOffice
    [2013/11/09 14:09:23 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingQuickScan
    [2013/10/12 23:30:26 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingWindows Live Writer
    [2013/11/13 17:47:23 | 000,000,000 | —D | M] — C:UsersMéganeAppDataRoamingZHP

    ========== Purity Check ==========

    ========== Custom Scans ==========

    < MD5 for: AFD.SYS >
    [2013/11/20 19:21:47 | 000,085,417 | —- | M] () MD5=26E4F2C0C82200E7A3554167BFB8AEE6 — C:WindowsWinSxSamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.2.9200.20814_none_31873dce01162616afd.sys
    [2013/09/04 04:11:23 | 000,576,512 | —- | M] (Microsoft Corporation) MD5=7C0E0EDF18D6CC565D7BFBB451709FA5 — C:WindowsSysNativedriversafd.sys
    [2013/09/04 04:11:23 | 000,576,512 | —- | M] (Microsoft Corporation) MD5=7C0E0EDF18D6CC565D7BFBB451709FA5 — C:WindowsWinSxSamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.2.9200.16706_none_310a7182e7ee9d09afd.sys
    [2013/10/28 15:07:15 | 000,000,196 | —- | M] () MD5=8259BE7D5467EE9A12912403CD4CBDD7 — C:WindowsWinSxSamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.2.9200.20555_none_315cf8b60135b7bcafd.sys
    [2013/10/28 15:07:14 | 000,015,446 | —- | M] () MD5=84C557D1F4CBCBD9957AD04DF5852980 — C:WindowsWinSxSamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.2.9200.16384_none_30b1e9f6e8315547afd.sys
    [2013/11/20 19:21:46 | 000,085,445 | —- | M] () MD5=91ADF1647280F9109E7D650197C3923B — C:WindowsWinSxSamd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.2.9200.16451_none_30cf5ac2e81bb296afd.sys

    < MD5 for: EXPLORER.EXE >
    [2013/06/01 12:34:21 | 002,391,280 | —- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D — C:Windowsexplorer.exe
    [2013/06/01 12:34:21 | 002,391,280 | —- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D — C:WindowsWinSxSamd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1explorer.exe
    [2013/10/28 15:33:28 | 000,191,911 | —- | M] () MD5=14DF6DB9658B54BBDF09B3A27CA4A19C — C:WindowsWinSxSwow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9beccexplorer.exe
    [2013/10/28 15:33:35 | 000,191,929 | —- | M] () MD5=1A89BE62066FC5EBCCEA2EF02735F493 — C:WindowsWinSxSwow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677edexplorer.exe
    [2013/10/28 15:33:22 | 000,193,351 | —- | M] () MD5=3A672801A2E6EE81B17629B7E17D4BF3 — C:WindowsWinSxSwow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1explorer.exe
    [2013/10/27 13:58:25 | 000,217,360 | —- | M] () MD5=3EDEBD7CE52E816C56D444233C485D93 — C:WindowsWinSxSamd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9explorer.exe
    [2013/10/27 13:58:21 | 000,220,321 | —- | M] () MD5=5D93D7A80DD6E75DF7158FED1360A65E — C:WindowsWinSxSamd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2explorer.exe
    [2013/10/27 13:58:18 | 000,220,310 | —- | M] () MD5=75F5916475E2AAE30322A207A4A9D86F — C:WindowsWinSxSamd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1explorer.exe
    [2013/10/28 15:33:40 | 000,190,101 | —- | M] () MD5=A51EC65E784E2ADF4DB6945D255B964B — C:WindowsWinSxSwow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4explorer.exe
    [2013/06/01 11:24:46 | 002,106,176 | —- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC — C:WindowsSysWOW64explorer.exe
    [2013/06/01 11:24:46 | 002,106,176 | —- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC — C:WindowsWinSxSwow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdcexplorer.exe
    [2013/10/27 13:58:14 | 000,221,955 | —- | M] () MD5=F9182F71A0738369A6671DA82DA5D499 — C:WindowsWinSxSamd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6explorer.exe

    < MD5 for: I8042PRT.SYS >
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsSysNativedriversi8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsSysNativeDriverStoreFileRepositorykeyboard.inf_amd64_1a7f16d14b82baf1i8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsSysNativeDriverStoreFileRepositorykeyboard.inf_amd64_886e23df8a6acdc0i8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsSysNativeDriverStoreFileRepositorymsmouse.inf_amd64_df79823e0a537e57i8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsSysNativeDriverStoreFileRepositorymsmouse.inf_amd64_f105fedfe75017adi8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsWinSxSamd64_keyboard.inf_31bf3856ad364e35_6.2.9200.16384_none_f018153d62bd2275i8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsWinSxSamd64_keyboard.inf_31bf3856ad364e35_6.2.9200.16548_none_f04759e16299125bi8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsWinSxSamd64_keyboard.inf_31bf3856ad364e35_6.2.9200.20652_none_f0c025047bc4360ci8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsWinSxSamd64_msmouse.inf_31bf3856ad364e35_6.2.9200.16384_none_a6fdb2e15c1f6949i8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsWinSxSamd64_msmouse.inf_31bf3856ad364e35_6.2.9200.16548_none_a72cf7855bfb592fi8042prt.sys
    [2012/07/26 03:28:51 | 000,112,640 | —- | M] (Microsoft Corporation) MD5=C9E9CBF73AFFBFE3E801EFB516787BA3 — C:WindowsWinSxSamd64_msmouse.inf_31bf3856ad364e35_6.2.9200.20652_none_a7a5c2a875267ce0i8042prt.sys

    < MD5 for: LSASS.EXE >
    [2013/10/27 19:35:14 | 000,002,767 | —- | M] () MD5=84505846DDE8FD8406B07E83F0E0DD74 — C:WindowsWinSxSamd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16384_none_963549021c129d16lsass.exe
    [2013/10/27 19:35:15 | 000,000,552 | —- | M] () MD5=D5FD6314BD84FEFC07B69727682D3A3F — C:WindowsWinSxSamd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20521_none_96fcc65d3502465clsass.exe
    [2012/11/27 13:56:51 | 000,035,840 | —- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B — C:WindowsSysNativelsass.exe
    [2012/11/27 13:56:51 | 000,035,840 | —- | M] (Microsoft Corporation) MD5=F702AB6181513303AB0FC8D59E52708B — C:WindowsWinSxSamd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16420_none_967229481be58d3blsass.exe

    < MD5 for: NETBT.SYS >
    [2012/07/26 03:24:28 | 000,331,776 | —- | M] (Microsoft Corporation) MD5=7CEC25C682D319D484630B3952C31A11 — C:WindowsSysNativedriversnetbt.sys
    [2012/07/26 03:24:28 | 000,331,776 | —- | M] (Microsoft Corporation) MD5=7CEC25C682D319D484630B3952C31A11 — C:WindowsWinSxSamd64_microsoft-windows-netbt-minwin_31bf3856ad364e35_6.2.9200.16384_none_447628a661a3fbd5netbt.sys

    < MD5 for: SVCHOST.EXE >
    [2013/10/29 22:39:18 | 000,003,208 | —- | M] () MD5=0573DD9D68773C131A9FAA5704A06F27 — C:WindowsWinSxSx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6svchost.exe
    [2013/10/29 22:39:18 | 000,000,583 | —- | M] () MD5=456068B215A420BADA87E81FFFB796D5 — C:WindowsWinSxSx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42becsvchost.exe
    [2012/11/27 13:57:03 | 000,023,040 | —- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 — C:WindowsSysWOW64svchost.exe
    [2012/11/27 13:57:03 | 000,023,040 | —- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 — C:WindowsWinSxSx86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cbsvchost.exe
    [2013/04/04 14:50:32 | 000,218,184 | —- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC — C:Program Files (x86)Malwarebytes’ Anti-MalwareChameleonsvchost.exe
    [2013/10/28 13:54:26 | 000,000,609 | —- | M] () MD5=DD1936725249DCAE1CE0320E28861FFD — C:WindowsWinSxSamd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22svchost.exe
    [2012/11/27 13:56:51 | 000,029,696 | —- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 — C:WindowsSysNativesvchost.exe
    [2012/11/27 13:56:51 | 000,029,696 | —- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 — C:WindowsWinSxSamd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401svchost.exe
    [2013/10/28 13:54:26 | 000,002,873 | —- | M] () MD5=F38BADCA4357B1627D9FD36184D2E52D — C:WindowsWinSxSamd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dcsvchost.exe

    < MD5 for: TCPIP.SYS >
    [2013/10/28 14:10:12 | 000,370,088 | —- | M] () MD5=071815CBB272BCB402454DD8F875B42F — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008tcpip.sys
    [2013/10/28 14:09:39 | 000,373,137 | —- | M] () MD5=22E730340EB813AAB528C07D9AAA0419 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76edtcpip.sys
    [2013/10/28 14:10:26 | 000,362,050 | —- | M] () MD5=37CD2D458F8DA6D7FBEF99FC18E72209 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20767_none_0c89fcea0935224ftcpip.sys
    [2013/08/01 11:41:31 | 002,233,688 | —- | M] (Microsoft Corporation) MD5=37D85E873C9531A2F88DD9C63D3F8A9E — C:WindowsSysNativedriverstcpip.sys
    [2013/08/01 11:41:31 | 002,233,688 | —- | M] (Microsoft Corporation) MD5=37D85E873C9531A2F88DD9C63D3F8A9E — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16679_none_0bf790c6f01dd124tcpip.sys
    [2013/10/28 14:09:44 | 000,375,242 | —- | M] () MD5=569C571354EA25FFF495C95C904DD745 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712tcpip.sys
    [2013/10/28 14:09:49 | 000,370,080 | —- | M] () MD5=947C04F67CD3370DE1DFB00341068556 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300tcpip.sys
    [2013/10/28 14:10:31 | 000,358,445 | —- | M] () MD5=A095166E7CE9FC6A31D9ADC66B637EEE — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20787_none_0c745d1209455a31tcpip.sys
    [2013/10/28 14:09:58 | 000,239,494 | —- | M] () MD5=D225229DBDE93E116F2961E84359F3F8 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18tcpip.sys
    [2013/10/28 14:10:21 | 000,365,875 | —- | M] () MD5=DE5B5B8DAB653634316D80708F245180 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920tcpip.sys
    [2013/10/28 14:10:16 | 000,371,879 | —- | M] () MD5=DF03C7D2E96D5EFC6803DF7B448B7A28 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84tcpip.sys
    [2013/10/28 14:09:54 | 000,264,299 | —- | M] () MD5=E361B462D244BCB7D80B13AF3B3BC9AD — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3tcpip.sys
    [2013/10/28 14:10:02 | 000,236,109 | —- | M] () MD5=F237AA210E578D7DF47A69068FB951CE — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16659_none_0c0d309ef00d9942tcpip.sys
    [2013/10/28 14:10:07 | 000,375,206 | —- | M] () MD5=F5A057C11CF3AE861E65D5BB2C163598 — C:WindowsWinSxSamd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033tcpip.sys

    < MD5 for: USERINIT.EXE >
    [2012/07/26 04:08:49 | 000,025,088 | —- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 — C:WindowsSysNativeuserinit.exe
    [2012/07/26 04:08:49 | 000,025,088 | —- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 — C:WindowsWinSxSamd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02userinit.exe
    [2012/07/26 04:21:00 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 — C:WindowsSysWOW64userinit.exe
    [2012/07/26 04:21:00 | 000,021,504 | —- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 — C:WindowsWinSxSx86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bcccuserinit.exe

    < MD5 for: VOLSNAP.SYS >
    [2013/06/01 13:06:28 | 000,332,032 | —- | M] (Microsoft Corporation) MD5=0548F5D3282A91B69F9D39EE771307F7 — C:WindowsWinSxSamd64_volume.inf_31bf3856ad364e35_6.2.9200.20733_none_6f3f10b49ecf22f7volsnap.sys
    [2012/07/26 05:57:09 | 000,332,016 | —- | M] (Microsoft Corporation) MD5=2FB3CDFD5EAF4CD9D4AFAF96877D13AE — C:WindowsSysNativeDriverStoreFileRepositoryvolume.inf_amd64_9d78abd6ac3df11cvolsnap.sys
    [2012/07/26 05:57:09 | 000,332,016 | —- | M] (Microsoft Corporation) MD5=2FB3CDFD5EAF4CD9D4AFAF96877D13AE — C:WindowsWinSxSamd64_volume.inf_31bf3856ad364e35_6.2.9200.16384_none_6e805ee585d930c4volsnap.sys
    [2013/06/01 12:26:33 | 000,327,936 | —- | M] (Microsoft Corporation) MD5=78A5BBA3819FFFC62FFEC3E2220D102D — C:WindowsSysNativedriversvolsnap.sys
    [2013/06/01 12:26:33 | 000,327,936 | —- | M] (Microsoft Corporation) MD5=78A5BBA3819FFFC62FFEC3E2220D102D — C:WindowsSysNativeDriverStoreFileRepositoryvolume.inf_amd64_84c99cb521dc4714volsnap.sys
    [2013/06/01 12:26:33 | 000,327,936 | —- | M] (Microsoft Corporation) MD5=78A5BBA3819FFFC62FFEC3E2220D102D — C:WindowsWinSxSamd64_volume.inf_31bf3856ad364e35_6.2.9200.16628_none_6ec5454785a4e5efvolsnap.sys

    < MD5 for: WININIT.EXE >
    [2012/07/26 04:08:50 | 000,132,608 | —- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 — C:WindowsSysNativewininit.exe
    [2012/07/26 04:08:50 | 000,132,608 | —- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 — C:WindowsWinSxSamd64_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_89bc60338e14dc99wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2013/10/28 15:06:56 | 000,053,889 | —- | M] () MD5=6AF441311CCF9608BA772D345D8BCEDC — C:WindowsWinSxSamd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ecwinlogon.exe
    [2013/10/28 15:06:57 | 000,053,884 | —- | M] () MD5=862ECFA441ACF89AFB9C73C749CD7296 — C:WindowsWinSxSamd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32winlogon.exe
    [2013/10/28 15:06:58 | 000,001,620 | —- | M] () MD5=99BAFD1D6569CF375EC0972DF3C64835 — C:WindowsWinSxSamd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328winlogon.exe
    [2013/10/28 15:06:56 | 000,053,876 | —- | M] () MD5=A2E6FF103E376E28D34DA274FE1F638A — C:WindowsWinSxSamd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211winlogon.exe
    [2013/04/04 14:50:32 | 000,218,184 | —- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC — C:Program Files (x86)Malwarebytes’ Anti-MalwareChameleonwinlogon.exe
    [2012/10/11 06:46:58 | 000,517,120 | —- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E — C:WindowsSysNativewinlogon.exe
    [2012/10/11 06:46:58 | 000,517,120 | —- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E — C:WindowsWinSxSamd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07winlogon.exe

    < %APPDATA%*.exe /s >

    < %APPDATA%AdobeUpdate*.* >

    < %APPDATA%Update*.* >

    < %APPDATA%Microsoft*.* >

    < %ALLUSERSPROFILE%Favorites*.* >

    < %ALLUSERSPROFILE%*.* >
    [2013/11/09 15:07:14 | 001,142,527 | —- | M] () — C:ProgramData1384002564.bdinstall.bin
    [2012/09/07 12:40:44 | 000,000,256 | —- | M] () — C:ProgramDataSetStretch.cmd
    [2009/07/22 11:04:00 | 000,024,576 | —- | M] () — C:ProgramDataSetStretch.exe
    [2012/09/07 12:37:49 | 000,000,103 | —- | M] () — C:ProgramDataSetStretch.VBS
    [2013/09/28 18:47:46 | 000,000,105 | —- | M] () — C:ProgramData{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    [2013/09/28 18:45:13 | 000,000,107 | —- | M] () — C:ProgramData{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

    < %SYSTEMDRIVE%*.* >
    [2013/11/13 21:53:31 | 000,005,923 | —- | M] () — C:bdlog.txt
    [2012/07/26 04:44:30 | 000,398,156 | RHS- | M] () — C:bootmgr
    [2012/06/02 15:30:55 | 000,000,001 | -HS- | M] () — C:BOOTNXT
    [2013/11/20 22:51:03 | 763,097,087 | -HS- | M] () — C:hiberfil.sys
    [2013/11/20 22:51:03 | 1006,632,960 | -HS- | M] () — C:pagefile.sys
    [2013/11/13 13:27:27 | 000,000,512 | —- | M] () — C:PhysicalDisk0_MBR.bin
    [2013/11/20 22:51:04 | 268,435,456 | -HS- | M] () — C:swapfile.sys
    [2013/04/01 07:53:21 | 006,293,504 | RH– | M] () — C:X550CA.BIN
    [2013/04/07 09:06:02 | 006,293,504 | RH– | M] () — C:X550CC.BIN
    [2013/04/07 07:58:18 | 006,293,504 | RH– | M] () — C:X550VB.BIN
    [2013/04/07 09:12:38 | 006,293,504 | RH– | M] () — C:X550VC.BIN

    < %PROGRAMFILES%*.* >
    [2012/07/26 09:11:35 | 000,000,174 | -HS- | M] () — C:Program Files (x86)desktop.ini

    < %PROGRAMFILES%Internet Explorer*.* >
    [2012/07/26 04:20:46 | 000,024,576 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet ExplorerExtExport.exe
    [2012/07/26 04:18:34 | 000,051,712 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerhmmapi.dll
    [2012/10/17 21:34:28 | 000,002,843 | —- | M] () — C:Program Files (x86)Internet Explorerie9props.propdesc
    [2012/07/26 04:18:36 | 000,697,344 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Exploreriedvtool.dll
    [2012/07/26 04:20:47 | 000,467,456 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerieinstal.exe
    [2012/07/26 04:20:47 | 000,222,208 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerielowutil.exe
    [2013/10/12 08:02:29 | 000,257,536 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerieproxy.dll
    [2013/08/01 09:36:05 | 000,236,032 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet ExplorerIEShims.dll
    [2013/02/21 12:28:11 | 000,770,608 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Exploreriexplore.exe
    [2012/07/26 04:18:47 | 000,440,320 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerjsdbgui.dll
    [2013/04/28 23:30:12 | 000,108,032 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerjsdebuggeride.dll
    [2012/07/26 04:18:47 | 000,052,224 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet ExplorerJSProfilerCore.dll
    [2012/07/26 04:18:47 | 000,147,456 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerjsprofilerui.dll
    [2012/06/21 20:03:37 | 000,285,080 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorermsdbg2.dll
    [2012/07/26 04:19:24 | 000,294,400 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorernetworkinspection.dll
    [2012/06/21 20:03:37 | 000,392,080 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerpdm.dll
    [2012/06/21 20:03:37 | 000,070,568 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorerpdmproxy100.dll
    [2012/07/26 04:19:56 | 000,219,648 | —- | M] (Microsoft Corporation) — C:Program Files (x86)Internet Explorersqmapi.dll

    < %USERPROFILE%*.* >
    [2013/11/20 23:20:38 | 001,835,008 | -HS- | M] () — C:UsersMéganeNTUSER.DAT
    [2013/09/28 18:27:32 | 000,208,896 | -HS- | M] () — C:UsersMéganentuser.dat.LOG1
    [2013/09/28 18:27:32 | 000,000,000 | -HS- | M] () — C:UsersMéganentuser.dat.LOG2
    [2013/09/28 18:48:34 | 000,065,536 | -HS- | M] () — C:UsersMéganeNTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TM.blf
    [2013/09/28 18:48:34 | 000,524,288 | -HS- | M] () — C:UsersMéganeNTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TMContainer00000000000000000001.regtrans-ms
    [2013/09/28 18:27:43 | 000,524,288 | -HS- | M] () — C:UsersMéganeNTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TMContainer00000000000000000002.regtrans-ms
    [2013/09/28 18:27:32 | 000,000,020 | -HS- | M] () — C:UsersMéganentuser.ini

    < %Temp%smtmp1*.* >

    < %Temp%smtmp2*.* >

    < %Temp%smtmp3*.* >

    < %Temp%smtmp4*.* >

    < %USERPROFILE%Local SettingsTemp*.exe >

    < %USERPROFILE%Local SettingsTemp*.dll >

    < %USERPROFILE%Application Data*.exe >

    < %systemroot%system32DBBK*.* /s >

    < %systemroot%system32configsystemprofile*.* >

    < %systemroot%*. /mp /s >

    < %systemroot%*.exe /90 >

    < %systemroot%system32*.dll /lockedfiles >
    [2012/07/26 04:19:52 | 000,156,160 | —- | M] (Microsoft Corporation) Unable to obtain MD5 — C:Windowssystem32scrrun.dll

    < %systemroot%system32*.dll /90 >
    [2013/10/02 00:37:53 | 002,035,712 | —- | M] (Microsoft Corporation) — C:Windowssystem32authui.dll
    [2013/10/02 00:37:57 | 001,569,280 | —- | M] (Microsoft Corporation) — C:Windowssystem32crypt32.dll
    [2013/10/01 23:22:19 | 001,022,976 | —- | M] (Microsoft Corporation) — C:Windowssystem32gdi32.dll
    [2013/10/12 08:02:28 | 013,761,024 | —- | M] (Microsoft Corporation) — C:Windowssystem32ieframe.dll
    [2013/10/12 08:02:29 | 002,049,024 | —- | M] (Microsoft Corporation) — C:Windowssystem32iertutil.dll
    [2013/10/12 08:02:33 | 000,690,688 | —- | M] (Microsoft Corporation) — C:Windowssystem32jscript.dll
    [2013/10/12 08:02:33 | 002,877,952 | —- | M] (Microsoft Corporation) — C:Windowssystem32jscript9.dll
    [2013/10/12 08:02:48 | 000,493,056 | —- | M] (Microsoft Corporation) — C:Windowssystem32msfeeds.dll
    [2013/10/12 08:02:49 | 014,355,968 | —- | M] (Microsoft Corporation) — C:Windowssystem32mshtml.dll
    [2013/09/23 23:30:03 | 000,323,072 | —- | M] (Microsoft Corporation) — C:Windowssystem32schannel.dll
    [2013/09/13 23:36:14 | 000,247,296 | —- | M] (Microsoft Corporation) — C:Windowssystem32ubpm.dll
    [2013/08/30 00:48:12 | 000,914,432 | —- | M] (Microsoft Corporation) — C:Windowssystem32UIAutomationCore.dll
    [2013/10/12 08:03:41 | 001,138,176 | —- | M] (Microsoft Corporation) — C:Windowssystem32urlmon.dll
    [2013/11/07 21:03:06 | 000,096,168 | —- | M] (Oracle Corporation) — C:Windowssystem32WindowsAccessBridge-32.dll
    [2013/10/12 08:03:50 | 001,767,936 | —- | M] (Microsoft Corporation) — C:Windowssystem32wininet.dll
    [2013/09/13 23:36:23 | 000,628,736 | —- | M] (Microsoft Corporation) — C:Windowssystem32wuapi.dll
    [2013/09/13 23:36:23 | 000,084,992 | —- | M] (Microsoft Corporation) — C:Windowssystem32wudriver.dll
    [2013/09/13 23:36:23 | 000,126,976 | —- | M] (Microsoft Corporation) — C:Windowssystem32wuwebv.dll

    < %systemroot%system32drivers*.sys /lockedfiles >

    < %systemroot%system32drivers*.sys /90 >

    < %systemroot%system32*.exe /90 >
    [2013/11/05 23:58:57 | 000,694,232 | —- | M] (Adobe Systems Incorporated) — C:Windowssystem32FlashPlayerApp.exe
    [2013/11/07 21:03:06 | 000,174,504 | —- | M] (Oracle Corporation) — C:Windowssystem32java.exe
    [2013/11/07 21:03:06 | 000,175,016 | —- | M] (Oracle Corporation) — C:Windowssystem32javaw.exe
    [2013/11/07 21:03:06 | 000,264,616 | —- | M] (Oracle Corporation) — C:Windowssystem32javaws.exe
    [2013/09/13 23:36:37 | 000,035,328 | —- | M] (Microsoft Corporation) — C:Windowssystem32wuapp.exe

    < %systemroot%system32config*.sav >

    < %systemroot%system32spoolprtprocsw32x86*.* >

    < %systemroot%Tasks*.job /lockedfiles >

    < %systemroot%assemblytmp*.* /S /MD5 >

    < %systemroot%assemblyGAC_32*.* /S /MD5 >
    [2013/09/28 23:00:40 | 000,064,512 | —- | M] () MD5=D3BCB3507FC6FCE55514BDD786826858 — C:WindowsassemblyGAC_32cli_cppuhelper1.0.22.0__ce2cb7e279207b9ecli_cppuhelper.dll
    [2012/07/26 11:07:31 | 000,069,120 | —- | M] (Microsoft Corporation) MD5=2FCC6FAEFA0148BEDD4AE0920822DE06 — C:WindowsassemblyGAC_32CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
    [2012/07/26 11:07:31 | 000,072,192 | —- | M] (Microsoft Corporation) MD5=AEB7F131417C3D92E2672B1D6F6DB3E8 — C:WindowsassemblyGAC_32ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
    [2012/07/26 04:35:58 | 000,507,904 | —- | M] (Microsoft Corporation) MD5=AC32B98EC555DD4C8EC20D470EAF9C37 — C:WindowsassemblyGAC_32Microsoft.Ink6.1.0.0__31bf3856ad364e35Microsoft.Ink.dll
    [2012/07/26 04:33:07 | 000,077,824 | —- | M] ( ) MD5=1D9787D7A38F8696ACABA7B474B751B5 — C:WindowsassemblyGAC_32Microsoft.Interop.Security.AzRoles2.0.0.0__31bf3856ad364e35Microsoft.Interop.Security.AzRoles.dll
    [2012/07/26 11:07:31 | 000,163,840 | —- | M] (Microsoft Corporation) MD5=C852020936B347DE9520E33F3EC92FC9 — C:WindowsassemblyGAC_32Microsoft.Transactions.Bridge.Dtc3.0.0.0__b03f5f7f11d50a3aMicrosoft.Transactions.Bridge.Dtc.dll
    [2012/07/26 11:07:31 | 000,088,648 | —- | M] (Microsoft Corporation) MD5=26546FCB401ACEE13CC9258DCB2479DF — C:WindowsassemblyGAC_32MSBuild3.5.0.0__b03f5f7f11d50a3aMSBuild.exe
    [2012/07/26 11:07:31 | 000,001,581 | —- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 — C:WindowsassemblyGAC_32MSBuild3.5.0.0__b03f5f7f11d50a3amsbuild.exe.config
    [2012/07/26 11:07:31 | 000,066,728 | —- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089big5.nlp
    [2012/07/26 11:07:31 | 000,082,172 | —- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089bopomofo.nlp
    [2012/07/26 11:07:31 | 000,116,756 | —- | M] () MD5=F6DFDA5A31162D848634504565F6D321 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089ksc.nlp
    [2013/04/22 23:08:36 | 004,554,752 | —- | M] (Microsoft Corporation) MD5=917174B2C503F870134F2573D8A080B1 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
    [2012/06/02 15:34:41 | 000,059,342 | —- | M] () MD5=DA5748A89E22A3932387E65694B25BBB — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normidna.nlp
    [2012/07/26 11:07:31 | 000,045,794 | —- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfc.nlp
    [2012/07/26 11:07:31 | 000,039,284 | —- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfd.nlp
    [2012/07/26 11:07:31 | 000,066,384 | —- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfkc.nlp
    [2012/07/26 11:07:31 | 000,060,294 | —- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089normnfkd.nlp
    [2012/07/26 11:07:31 | 000,083,748 | —- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089prc.nlp
    [2012/07/26 11:07:31 | 000,083,748 | —- | M] () MD5=901863C68E6523336CAC602FE9320ABC — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089prcp.nlp
    [2012/07/26 11:07:31 | 000,262,148 | —- | M] () MD5=FB59D247F7143C3B9683A547E808A88B — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089sortkey.nlp
    [2012/07/26 11:07:31 | 000,020,320 | —- | M] () MD5=FF13BA175F0013D2311827E0D438C60B — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089sorttbls.nlp
    [2012/07/26 11:07:31 | 000,028,288 | —- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 — C:WindowsassemblyGAC_32mscorlib2.0.0.0__b77a5c561934e089xjis.nlp
    [2013/09/28 23:00:58 | 000,000,382 | —- | M] () MD5=5B5249684E45C53333ACB2703BC03AB3 — C:WindowsassemblyGAC_32policy.1.0.cli_cppuhelper22.0.0.0__ce2cb7e279207b9ecli_cppuhelper.config
    [2013/09/28 23:00:58 | 000,003,072 | —- | M] () MD5=1FF8B0F021D111AE9086BB8C523C415E — C:WindowsassemblyGAC_32policy.1.0.cli_cppuhelper22.0.0.0__ce2cb7e279207b9epolicy.1.0.cli_cppuhelper.dll
    [2013/04/15 23:06:09 | 004,218,880 | —- | M] (Microsoft Corporation) MD5=0937AB1E040F230B8E6B62AAC2A2466F — C:WindowsassemblyGAC_32PresentationCore3.0.0.0__31bf3856ad364e35PresentationCore.dll
    [2012/07/26 11:07:31 | 000,000,161 | —- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 — C:WindowsassemblyGAC_32PresentationCore3.0.0.0__31bf3856ad364e35PresentationFontCache.exe.config
    [2013/04/19 23:05:22 | 001,737,888 | —- | M] (Microsoft Corporation) MD5=E8D5378C39F5E29ADA63731E84D4E1DE — C:WindowsassemblyGAC_32PresentationCore3.0.0.0__31bf3856ad364e35wpfgfx_v0300.dll
    [2012/07/26 11:07:31 | 000,487,424 | —- | M] (Microsoft Corporation) MD5=4527346262FDD0C69A576D371EE8CB64 — C:WindowsassemblyGAC_32System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
    [2012/07/26 11:07:31 | 002,972,672 | —- | M] (Microsoft Corporation) MD5=618228D67A57FB200B9A7BD2C209D79E — C:WindowsassemblyGAC_32System.Data2.0.0.0__b77a5c561934e089System.Data.dll
    [2012/07/26 11:07:31 | 000,258,048 | —- | M] (Microsoft Corporation) MD5=2659B71D13230829087077B68BA830BE — C:WindowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
    [2012/07/26 11:07:31 | 000,113,664 | —- | M] (Microsoft Corporation) MD5=9671883E8186BA39239DC5898FD37A8F — C:WindowsassemblyGAC_32System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
    [2013/04/15 23:06:10 | 000,368,640 | —- | M] (Microsoft Corporation) MD5=C103356DCF724945D8C433FBD30AB4FB — C:WindowsassemblyGAC_32System.Printing3.0.0.0__31bf3856ad364e35System.Printing.dll
    [2012/07/26 11:07:31 | 000,261,632 | —- | M] (Microsoft Corporation) MD5=81B8522AD3919354ADCABDFE9DE67507 — C:WindowsassemblyGAC_32System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
    [2013/07/01 23:08:23 | 005,283,840 | —- | M] (Microsoft Corporation) MD5=43AD57997F6FC967115C9B5682F5CA33 — C:WindowsassemblyGAC_32System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll

    < %systemroot%assemblyGAC_64*.* /S /MD5 >
    [2012/07/26 11:07:31 | 000,080,896 | —- | M] (Microsoft Corporation) MD5=0D3A2740C6FDDAA77F59064BF067EE14 — C:WindowsassemblyGAC_64CustomMarshalers2.0.0.0__b03f5f7f11d50a3aCustomMarshalers.dll
    [2012/07/26 11:07:31 | 000,089,600 | —- | M] (Microsoft Corporation) MD5=5DDE7B014A187A2FC30188AD9E938593 — C:WindowsassemblyGAC_64ISymWrapper2.0.0.0__b03f5f7f11d50a3aISymWrapper.dll
    [2012/07/26 05:57:15 | 000,507,904 | —- | M] (Microsoft Corporation) MD5=A3FFC426D703E43F3CB900E6E37FB259 — C:WindowsassemblyGAC_64Microsoft.Ink6.1.0.0__31bf3856ad364e35Microsoft.Ink.dll
    [2012/07/26 05:51:28 | 000,077,824 | —- | M] ( ) MD5=3706F6F41747E9B3DAA21CC5A61B3454 — C:WindowsassemblyGAC_64Microsoft.Interop.Security.AzRoles2.0.0.0__31bf3856ad364e35Microsoft.Interop.Security.AzRoles.dll
    [2012/07/06 03:02:29 | 000,163,840 | —- | M] (Microsoft Corporation) MD5=17D61C19D5E1A4FC7750A5EC8EE4FC84 — C:WindowsassemblyGAC_64Microsoft.Transactions.Bridge.Dtc3.0.0.0__b03f5f7f11d50a3aMicrosoft.Transactions.Bridge.Dtc.dll
    [2012/07/26 11:07:31 | 000,084,552 | —- | M] (Microsoft Corporation) MD5=B43FDCDFC40BC5EFD272CF73FEC94D5F — C:WindowsassemblyGAC_64MSBuild3.5.0.0__b03f5f7f11d50a3aMSBuild.exe
    [2012/07/26 11:07:31 | 000,001,581 | —- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 — C:WindowsassemblyGAC_64MSBuild3.5.0.0__b03f5f7f11d50a3amsbuild.exe.config
    [2012/07/26 11:07:31 | 000,066,728 | —- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089big5.nlp
    [2012/07/26 11:07:31 | 000,082,172 | —- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089bopomofo.nlp
    [2012/07/26 11:07:31 | 000,116,756 | —- | M] () MD5=F6DFDA5A31162D848634504565F6D321 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089ksc.nlp
    [2013/04/22 23:08:48 | 004,571,136 | —- | M] (Microsoft Corporation) MD5=626A1631844751737C565DA9ED550000 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089mscorlib.dll
    [2012/06/02 15:33:37 | 000,059,342 | —- | M] () MD5=DA5748A89E22A3932387E65694B25BBB — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normidna.nlp
    [2012/07/26 11:07:31 | 000,045,794 | —- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfc.nlp
    [2012/07/26 11:07:31 | 000,039,284 | —- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfd.nlp
    [2012/07/26 11:07:31 | 000,066,384 | —- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfkc.nlp
    [2012/07/26 11:07:31 | 000,060,294 | —- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089normnfkd.nlp
    [2012/07/26 11:07:31 | 000,083,748 | —- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089prc.nlp
    [2012/07/26 11:07:31 | 000,083,748 | —- | M] () MD5=901863C68E6523336CAC602FE9320ABC — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089prcp.nlp
    [2012/07/26 11:07:31 | 000,262,148 | —- | M] () MD5=FB59D247F7143C3B9683A547E808A88B — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089sortkey.nlp
    [2012/07/26 11:07:31 | 000,020,320 | —- | M] () MD5=FF13BA175F0013D2311827E0D438C60B — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089sorttbls.nlp
    [2012/07/26 11:07:31 | 000,028,288 | —- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 — C:WindowsassemblyGAC_64mscorlib2.0.0.0__b77a5c561934e089xjis.nlp
    [2013/04/15 23:08:00 | 003,999,232 | —- | M] (Microsoft Corporation) MD5=4A88998AA8C740A6FAEAD7F6C2F14127 — C:WindowsassemblyGAC_64PresentationCore3.0.0.0__31bf3856ad364e35PresentationCore.dll
    [2012/07/26 11:07:31 | 000,000,161 | —- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 — C:WindowsassemblyGAC_64PresentationCore3.0.0.0__31bf3856ad364e35PresentationFontCache.exe.config
    [2013/04/19 23:05:48 | 002,256,032 | —- | M] (Microsoft Corporation) MD5=234DA4E47055B32DD833FBD0F4FA4D8B — C:WindowsassemblyGAC_64PresentationCore3.0.0.0__31bf3856ad364e35wpfgfx_v0300.dll
    [2012/07/26 11:07:31 | 000,503,296 | —- | M] (Microsoft Corporation) MD5=5A25DE07B2D2BE53AEA6E08B50F8E197 — C:WindowsassemblyGAC_64System.Data.OracleClient2.0.0.0__b77a5c561934e089System.Data.OracleClient.dll
    [2012/07/26 11:07:31 | 003,145,216 | —- | M] (Microsoft Corporation) MD5=9CBB1B96CF309000C3ABBFC12464D74D — C:WindowsassemblyGAC_64System.Data2.0.0.0__b77a5c561934e089System.Data.dll
    [2012/07/26 11:07:31 | 000,245,760 | —- | M] (Microsoft Corporation) MD5=A6302FCEB4495D9EE7BB94A597081C94 — C:WindowsassemblyGAC_64System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.dll
    [2012/07/26 11:07:31 | 000,133,120 | —- | M] (Microsoft Corporation) MD5=1B2A8DA0CAE0D8B8818ED70FF23591DA — C:WindowsassemblyGAC_64System.EnterpriseServices2.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll
    [2013/04/15 23:08:00 | 000,357,888 | —- | M] (Microsoft Corporation) MD5=AE9897E5790B23A18E82D6BB8ECA143B — C:WindowsassemblyGAC_64System.Printing3.0.0.0__31bf3856ad364e35System.Printing.dll
    [2012/07/26 11:07:31 | 000,283,136 | —- | M] (Microsoft Corporation) MD5=05B1D09454ACA804B286964CCF556E04 — C:WindowsassemblyGAC_64System.Transactions2.0.0.0__b77a5c561934e089System.Transactions.dll
    [2013/07/01 23:08:45 | 005,292,032 | —- | M] (Microsoft Corporation) MD5=0162FF86E799F25BAFE532194975A11F — C:WindowsassemblyGAC_64System.Web2.0.0.0__b03f5f7f11d50a3aSystem.Web.dll

    < %windir%ServiceProfilesLocalServiceAppDataLocalTemp*.* >
    [2013/11/20 22:54:19 | 000,739,756 | —- | M] () — C:WindowsServiceProfilesLocalServiceAppDataLocalTempMpCmdRun.log
    [2013/11/21 09:56:58 | 000,145,504 | —- | M] () — C:WindowsServiceProfilesLocalServiceAppDataLocalTempwinstore.log

    < %windir%ServiceProfilesNetworkServiceAppDataLocalTemp*.* >
    [2013/11/09 14:18:26 | 000,002,098 | —- | M] () — C:WindowsServiceProfilesNetworkServiceAppDataLocalTempMpCmdRun.log

    < %windir%temp*.* >

    < "%WinDir%$NtUninstallKB*$." /30 >

    < HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsConnections >
    “DefaultConnectionSettings” = 46 00 00 00 E5 00 00 00 09 00 00 00 00 00 00 00 07 00 00 00 2A 2E 6C 6F 63 61 6C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 0A BC 7A 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 79 FD 14 8D 14 9C D1 3E 59 39 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
    “SavedLegacySettings” = 46 00 00 00 5A 03 00 00 09 00 00 00 00 00 00 00 07 00 00 00 2A 2E 6C 6F 63 61 6C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 0A BC 7A 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 79 FD 14 8D 14 9C D1 3E 59 39 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

    < HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU >

    < HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs >

    < C:Program FilesCommon FilesComObjects*.* / >
    Invalid Switch:

    < %ALLUSERSPROFILE%Application Data*.exe /s >

    < End of report >

  • lcemegane
    Participant
    Nombre d'articles : 15

    Voici le rapport extras.txt

    OTL Extras logfile created on: 21/11/2013 18:22:10 – Run 1
    OTL by OldTimer – Version 3.2.69.0 Folder = C:UsersMéganeDesktop
    64bit- An unknown product (Version = 6.2.9200) – Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    5,89 Gb Total Physical Memory | 4,36 Gb Available Physical Memory | 74,01% Memory free
    6,83 Gb Paging File | 4,85 Gb Available in Paging File | 71,04% Paging File free
    Paging file location(s): ?:pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)
    Drive C: | 279,45 Gb Total Space | 212,66 Gb Free Space | 76,10% Space Free | Partition Type: NTFS
    Drive D: | 397,87 Gb Total Space | 397,62 Gb Free Space | 99,94% Space Free | Partition Type: NTFS

    Computer Name: PC-MEGANE | User Name: Mégane | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINESOFTWAREClasses]
    .cpl [@ = cplfile] — C:WindowsSysWow64control.exe (Microsoft Corporation)
    .html [@ = htmlfile] — C:Program FilesInternet ExplorerIEXPLORE.EXE (Microsoft Corporation)

    [HKEY_USERSS-1-5-21-1305010613-2064220777-3922521960-1002SOFTWAREClasses]
    .html [@ = ChromeHTML] — Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
    batfile [open] — “%1” %*
    cmdfile [open] — “%1” %*
    comfile [open] — “%1” %*
    cplfile [cplopen] — %SystemRoot%System32control.exe “%1”,%* (Microsoft Corporation)
    exefile [open] — “%1” %*
    helpfile [open] — Reg Error: Key error.
    htmlfile [edit] — Reg Error: Key error.
    htmlfile [open] — “C:Program FilesInternet ExplorerIEXPLORE.EXE” -nohome (Microsoft Corporation)
    htmlfile [opennew] — “C:Program FilesInternet Exploreriexplore.exe” %1 (Microsoft Corporation)
    htmlfile [print] — “%systemroot%system32rundll32.exe” “%systemroot%system32mshtml.dll”,PrintHTML “%1”
    http [open] — “C:Program FilesInternet Exploreriexplore.exe” %1 (Microsoft Corporation)
    https [open] — “C:Program FilesInternet Exploreriexplore.exe” %1 (Microsoft Corporation)
    inffile [install] — %SystemRoot%System32InfDefaultInstall.exe “%1” (Microsoft Corporation)
    piffile [open] — “%1” %*
    regfile [merge] — Reg Error: Key error.
    scrfile [config] — “%1”
    scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] — “%1” /S
    txtfile [edit] — Reg Error: Key error.
    Unknown [openas] — %SystemRoot%system32OpenWith.exe “%1” (Microsoft Corporation)
    Directory [cmd] — cmd.exe /s /k pushd “%V” (Microsoft Corporation)
    Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Folder [open] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Folder [explore] — Reg Error: Value error.
    Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Applicationsiexplore.exe [open] — “C:Program FilesInternet Exploreriexplore.exe” %1 (Microsoft Corporation)
    CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] — Reg Error: Value error.

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
    “EnableFirewall” = 1
    “DisableNotifications” = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
    “EnableFirewall” = 1
    “DisableNotifications” = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
    “EnableFirewall” = 1
    “DisableNotifications” = 0

    ========== Authorized Applications List ==========

    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
    “{4C1789D6-621D-4F17-9943-42622DA203BA}” = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    “{E09C51D2-1F9F-41A6-BEA7-8B93DB621409}” = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]
    “{04481ECC-55C2-41CD-A11C-2B0613905FAF}” = dir=out | name=pinball fx2 |
    “{06EEF38E-CA01-4E5A-A1C7-E57922EF2ABE}” = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
    “{19998B2A-C3C0-4894-9183-DF97D56495E3}” = dir=out | name=@{codeblenders.horscopodiario_1.1.0.0_neutral__e1fj52hy2zdf6?ms-resource://codeblenders.horscopodiario/resources/appname} |
    “{19A1FC0B-CB14-4FF3-B28D-00D86FA24C1D}” = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
    “{1A202387-7AEE-4302-A19E-03B78B27197F}” = dir=out | name=adera |
    “{20D66489-2B03-4FE7-9FB5-E8CBCCDA4390}” = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
    “{223673DB-27B0-4D58-BE35-4D8AE4879B0B}” = dir=out | name=mytf1 |
    “{244E2A9A-D92A-4975-A86E-E1C7D0D91719}” = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
    “{282A0477-787B-4C9E-A9A0-07BE7DEB4991}” = protocol=17 | dir=in | app=c:program filescommon filesmcafeeplatformmcsvchostmcsvhost.exe |
    “{323A3B21-6DFB-4FC2-A605-4D80484ABEB4}” = protocol=17 | dir=in | app=c:program files (x86)bonjourmdnsresponder.exe |
    “{33907CBA-EF85-4B9B-92FE-42599538FEDA}” = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
    “{37CDA6EA-BB92-4512-B494-38F63AF1DFFE}” = dir=out | name=@{aheadsolutions.hangmandeluxepremium_1.0.0.18_x64__dyv241ra4wh74?ms-resource://aheadsolutions.hangmandeluxepremium/resources/appname} |
    “{386D5EFE-B53B-4446-964D-6B2600664AAF}” = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
    “{3BE61E84-5913-4603-9858-F414A7788EE2}” = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
    “{41A58919-84C1-42D2-A031-926A1562DA5F}” = dir=in | app=c:program files (x86)common filesappleapple application supportwebkit2webprocess.exe |
    “{456FBF2A-AF29-4E1E-B2D2-E4C74DDFE161}” = dir=out | name=taptiles |
    “{49D88D91-8886-4771-91AE-762AE6FFBA64}” = dir=in | app=c:program files (x86)itunesitunes.exe |
    “{4E5DB9CC-470A-4726-BB2A-1BABFB33A3A5}” = dir=out | name=windows_ie_ac_001 |
    “{518991F3-59CA-410F-A53F-2B8B34A2BB1A}” = dir=out | name=@{microsoft.zunemusic_1.5.146.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
    “{57C0F666-E390-4EA9-A1C4-F5B25AC7673B}” = protocol=6 | dir=in | app=c:program filescommon filesmcafeemcsvchostmcsvhost.exe |
    “{5A5DC8C7-17DE-4ABA-8242-8914677BA8C9}” = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
    “{5A88D716-4169-41AF-A558-D5CB53E0AC7A}” = dir=in | app=c:program files (x86)windows livemessengermsnmsgr.exe |
    “{727FE76E-EE93-4622-B39F-D2F5154FB042}” = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
    “{7AB74C4D-79D6-4C3A-B984-FE703D5B58C6}” = dir=out | name=fresh paint |
    “{7AFE8FEE-2281-4F5F-89CC-20BB59250CB2}” = protocol=6 | dir=in | app=c:program filesbonjourmdnsresponder.exe |
    “{7CD29738-74EC-48C1-AC8D-D2087A1ED9AC}” = protocol=17 | dir=in | app=c:program filesbonjourmdnsresponder.exe |
    “{808F1451-4108-46FD-ADBB-F17324B5F0BD}” = dir=out | name=@{c:windowswinstoreresources.pri?ms-resource://winstore/resources/displayname} |
    “{83364510-BC22-402E-8F38-0FF207CB4227}” = dir=out | name=@{microsoft.skypeapp_1.0.0.266_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
    “{8604A0FF-DB31-4A24-B07F-4368D2706231}” = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
    “{863251B7-EE78-4CF0-925C-6261A0159C07}” = protocol=6 | dir=in | app=c:program files (x86)bonjourmdnsresponder.exe |
    “{945D9678-51F8-4FCC-9520-818455886723}” = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
    “{94A6CC64-68AF-48EE-A747-582936D755ED}” = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
    “{967E2A47-828B-42F1-9994-E30081710B32}” = protocol=17 | dir=in | app=c:program filescommon filesmcafeemcsvchostmcsvhost.exe |
    “{AB58B4D8-7B1C-4752-8379-5D4A3C3A9C44}” = dir=in | app=c:program files (x86)cyberlinkpowerdvd10powerdvd cinemapowerdvdcinema10.exe |
    “{ABF2F8C9-AE85-4B78-9C98-3F705819B82B}” = dir=in | name=pinball fx2 |
    “{AE0AD75A-CBB0-4D6E-B608-B1D3A32B86F5}” = dir=in | app=c:program files (x86)windows livecontactswlcomm.exe |
    “{BB0A1068-4D31-4C90-9AAB-213E8C5D99F4}” = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
    “{BB820669-85E8-4DEC-A118-26B762566434}” = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
    “{C4C7D0F2-F5ED-4D80-AA2F-8C53FB8A950C}” = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
    “{C6B1742C-68F0-488F-BD22-19900F51D440}” = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
    “{C72B7DB9-571F-44E3-9484-D865DCD0276C}” = dir=out | name=météo-france |
    “{CB85612C-7287-48C5-9FA7-81739FC2A9A5}” = dir=in | name=@{microsoft.skypeapp_1.0.0.266_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
    “{D11E040F-3350-45C7-94D8-A66FEB69F093}” = dir=out | name=microsoft solitaire collection |
    “{D2320122-572B-4394-9097-A943F0FFC441}” = dir=in | app=c:program files (x86)cyberlinkpowerdvd10powerdvd10.exe |
    “{D585DFF9-AC83-47A0-BB37-D6FC5F468A1C}” = protocol=6 | dir=in | app=c:program filescommon filesmcafeeplatformmcsvchostmcsvhost.exe |
    “{DA3E476E-4C95-4E86-BC07-ACBDFC51DBF9}” = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
    “{DA99D871-481D-44B7-AEFB-1E4B5B744D04}” = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
    “{DADAFDC4-54FE-4415-961A-5CB18F825CD9}” = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
    “{E7985E1D-C36F-4787-80A8-6350D07E9266}” = dir=in | name=@{c:windowswinstoreresources.pri?ms-resource://winstore/resources/displayname} |
    “{EB0B3F5A-43CB-4F63-98E9-8A98D58A3C8F}” = dir=in | name=météo-france |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    “{03D562B5-C4E2-4846-A920-33178788BE00}” = Windows Live Communications Platform
    “{0969AF05-4FF6-4C00-9406-43599238DE0D}” = ASUS Splendid Video Enhancement Technology
    “{0F929651-F516-4956-90F2-FFBD2CD5D30E}” = Photo Gallery
    “{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}” = Movie Maker
    “{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}” = Fotogalerie
    “{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}” = Windows Live SOXE Definitions
    “{10640F6D-6AB0-401E-9FC6-A94D19C580BC}” = Windows Live UX Platform Language Pack
    “{119A44B5-6237-4D56-8424-5DAE70ED3F4E}” = Windows Live UX Platform Language Pack
    “{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}” = Photo Common
    “{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}” = ASUS LifeFrame3
    “{1EFB835F-DD75-48EC-BB3D-1A71CF604457}” = Windows Live Writer
    “{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}” = Photo Gallery
    “{22C58DA3-FA02-4DD3-8C5B-23570411E95B}” = Windows Live Writer Resources
    “{23B93929-FAD4-40E5-96C6-0E977BB87204}” = Windows Live Essentials
    “{26A24AE4-039D-4CA4-87B4-2F83217045FF}” = Java 7 Update 45
    “{28006915-2739-4EBE-B5E8-49B25D32EB33}” = Qualcomm Atheros Client Installation Program
    “{356BAE2E-3A48-4A6F-8BC6-AC62D50ECFA3}” = Windows Live Messenger
    “{3BD8FD6A-D36D-45D9-BB5C-CD39404C222F}” = Windows Live Writer Resources
    “{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}” = Movie Maker
    “{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go
    “{45898170-E68C-4F02-AA35-C2186BF347A3}” = Movie Maker
    “{46F044A5-CE8B-4196-984E-5BD6525E361D}” = Apple Application Support
    “{49DC9658-D26A-4AAB-A83A-2655B8033056}” = Photo Common
    “{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
    “{4AB9FFAB-FFA5-49AF-9712-68B7B859B1F3}” = Windows Live Writer
    “{4D3286A6-F6AB-498A-82A4-E4F040529F3D}” = ASUS Smart Gesture
    “{4F8C9861-DDCF-4EE8-978C-35B691C406B3}” = OpenOffice 4.0.0
    “{5172E572-C175-4F80-A6D5-5CB45826AD61}” = SceneSwitch
    “{58172D66-2F69-4215-9AEC-ED8196023736}” = ASUS Tutor
    “{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}” = Windows Live Installer
    “{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}” = Photo Common
    “{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}” = Movie Maker
    “{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components
    “{6B6923B9-8719-425B-916C-CD2908F31AAF}” = Windows Live SOXE
    “{6BA68C11-0B63-4192-B880-0B5E3F7949F9}” = Windows Live UX Platform Language Pack
    “{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
    “{749F674B-2674-47E8-879C-5626A06B2A91}” = ASUS InstantOn
    “{7693587D-5D66-4208-ABEA-C370217D1D9B}” = Movie Maker
    “{7881716A-5DA3-4B3F-A3CC-E63676E5CF78}” = Windows Live Messenger
    “{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update
    “{78DF4802-2B2B-4333-99AF-363C2F93D476}” = Windows Live Writer Resources
    “{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}” = Bing Bureau
    “{8833FFB6-5B0C-4764-81AA-06DFEED9A476}” = Realtek Ethernet Controller Driver
    “{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}” = ASUS Instant Connect
    “{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}” = NVIDIA PhysX
    “{8BC85D25-AF2D-40DA-BD04-016B64D384BF}” = Windows Live Mail
    “{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
    “{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}” = MSVCRT110
    “{8F21291E-0444-4B1D-B9F9-4370A73E346D}” = WinFlash
    “{90150000-0138-0409-0000-0000000FF1CE}” = Microsoft Office
    “{91D59688-8209-4569-B581-B870BDC74EAB}” = Windows Live Messenger
    “{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}” = Windows Live Essentials
    “{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17
    “{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161
    “{A52DB080-D445-49EB-90D2-03B9CD794511}” = Photo Common
    “{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}” = ASUS USB Charger Plus
    “{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
    “{AA806DB1-E882-4834-8102-B5F256BE9A2F}” = Windows Live Essentials
    “{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}” = Windows Live Writer
    “{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}” = ATK Package
    “{AC76BA86-7AD7-1036-7B44-AB0000000001}” = Adobe Reader XI (11.0.05) – Français
    “{AEFAF1CC-9688-402B-A3E3-7E8F2043874C}” = Windows Live Writer
    “{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}” = Windows Live Messenger
    “{BBFCB394-78EB-45D4-BAC6-809AB1DF5F83}” = Windows Live Mail
    “{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}” = Windows Live UX Platform Language Pack
    “{C0018D63-C33C-4515-9CE8-3BC8830F79A1}” = Photo Gallery
    “{C156E7D3-D8B1-4303-BE38-99CE675C393D}” = Windows Live Writer
    “{C1594429-8296-4652-BF54-9DBE4932A44C}” = Realtek PCIE Card Reader
    “{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint 2.5
    “{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}” = Windows Live Photo Common
    “{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}” = Windows Live UX Platform Language Pack
    “{D0B44725-3666-492D-BEF6-587A14BD9BD9}” = MSVCRT_amd64
    “{D29B0575-C3DE-4746-A893-4FDF0F7D68B2}” = Windows Live Mail
    “{D604900F-A275-416C-AF9D-CDEDF58B72DB}” = Windows Live Mail
    “{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}” = Windows Live
    “{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}” = ASUSDVD
    “{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10
    “{E13497F0-4C28-47A0-B994-4D5E6D0F64A2}” = Windows Live Mail
    “{E169436E-49D8-419B-A5C0-D245EAF99611}” = Movie Maker
    “{E3445598-4424-4EE2-B71C-C23325F7FB71}” = Windows Live PIMT Platform
    “{E3E8006D-3DD9-40DF-9171-1EDE1023E57C}” = Windows Live Mail
    “{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}” = Windows Live Essentials
    “{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}” = ASUS Virtual Camera
    “{ECD07D50-05C3-40E6-A10E-A371AC7E4B8A}” = Windows Live Writer
    “{EFBCA571-617D-484A-9ECA-E301BB6D0750}” = Windows Live Writer
    “{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
    “{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}” = Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219
    “{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}” = Intel(R) Processor Graphics
    “{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}” = Windows Live UX Platform
    “{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
    “{F1A79BDD-A47F-441B-954D-EE045C379EBB}” = Windows Live Writer Resources
    “{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}” = Galerie de photos
    “{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}” = Junk Mail filter update
    “{F875E135-31C5-4C4D-929F-D49E6332E7F1}” = Photo Common
    “{F9B9F5AA-D604-47A7-9238-22A664DBED16}” = Windows Live Messenger
    “{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}” = ASUS Live Update
    “{FA6BC7A5-85B3-4DC2-825C-D508E386151A}” = Raccolta foto
    “{FC5F20C5-C44E-40DE-927C-4C7D7994912F}” = Windows Live Messenger
    “{FCB3772C-B7D0-4933-B1A9-3707EBACC573}” = Intel(R) SDK for OpenCL – CPU Only Runtime Package
    “{FFCF82EC-895F-4AC8-925E-3412FE25EF62}” = Windows Live Writer Resources
    “Asus Vibe2.0” = AsusVibe2.0
    “ASUS WebStorage” = ASUS WebStorage Sync Agent
    “Google Chrome” = Google Chrome
    “InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}” = CyberLink Power2Go
    “InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}” = CyberLink LabelPrint 2.5
    “InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}” = ASUSDVD
    “Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.75.0.1300
    “MyBitCast” = MyBitCast 2.0
    “WinLiveSuite” = Windows Live
    “ZHPDiag_is1” = ZHPDiag 2013

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERSS-1-5-21-1305010613-2064220777-3922521960-1002SOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    “SkyDriveSetup.exe” = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error – 20/11/2013 09:45:59 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1110

    Error – 20/11/2013 09:45:59 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1110

    Error – 20/11/2013 10:02:17 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error – 20/11/2013 10:02:17 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 979688

    Error – 20/11/2013 10:02:17 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 979688

    Error – 20/11/2013 10:51:31 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error – 20/11/2013 10:51:31 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 1187

    Error – 20/11/2013 10:51:31 | Computer Name = PC-Megane | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 1187

    Error – 21/11/2013 01:43:18 | Computer Name = PC-Megane | Source = Customer Experience Improvement Program | ID = 1008
    Description =

    Error – 21/11/2013 11:46:49 | Computer Name = PC-Megane | Source = Customer Experience Improvement Program | ID = 1008
    Description =

    [ System Events ]
    Error – 19/11/2013 10:17:17 | Computer Name = PC-Megane | Source = Schannel | ID = 36884
    Description = Le certificat reçu à partir du serveur distant ne contient par le
    nom attendu. Il n’est par conséquent pas possible de déterminer si nous sommes connecté
    au serveur correct. Le nom de serveur attendu est client.wns.windows.com. La demande
    de connexion SSL a échoué. Les données jointes contiennent le certificat du serveur.

    Error – 19/11/2013 10:17:40 | Computer Name = PC-Megane | Source = Schannel | ID = 36888
    Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
    distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
    défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 552.

    Error – 19/11/2013 10:17:40 | Computer Name = PC-Megane | Source = Schannel | ID = 36884
    Description = Le certificat reçu à partir du serveur distant ne contient par le
    nom attendu. Il n’est par conséquent pas possible de déterminer si nous sommes connecté
    au serveur correct. Le nom de serveur attendu est client.wns.windows.com. La demande
    de connexion SSL a échoué. Les données jointes contiennent le certificat du serveur.

    Error – 19/11/2013 10:18:08 | Computer Name = PC-Megane | Source = Schannel | ID = 36888
    Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
    distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
    défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 552.

    Error – 19/11/2013 10:18:08 | Computer Name = PC-Megane | Source = Schannel | ID = 36884
    Description = Le certificat reçu à partir du serveur distant ne contient par le
    nom attendu. Il n’est par conséquent pas possible de déterminer si nous sommes connecté
    au serveur correct. Le nom de serveur attendu est client.wns.windows.com. La demande
    de connexion SSL a échoué. Les données jointes contiennent le certificat du serveur.

    Error – 19/11/2013 10:18:40 | Computer Name = PC-Megane | Source = Schannel | ID = 36888
    Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
    distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
    défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 552.

    Error – 19/11/2013 10:18:40 | Computer Name = PC-Megane | Source = Schannel | ID = 36884
    Description = Le certificat reçu à partir du serveur distant ne contient par le
    nom attendu. Il n’est par conséquent pas possible de déterminer si nous sommes connecté
    au serveur correct. Le nom de serveur attendu est client.wns.windows.com. La demande
    de connexion SSL a échoué. Les données jointes contiennent le certificat du serveur.

    Error – 20/11/2013 17:51:37 | Computer Name = PC-Megane | Source = EventLog | ID = 6008
    Description = L’arrêt système précédant à 22:23:20 le ?20/?11/?2013 n’était pas
    prévu.

    Error – 21/11/2013 04:34:33 | Computer Name = PC-Megane | Source = Schannel | ID = 36888
    Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
    distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
    défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 552.

    Error – 21/11/2013 04:34:33 | Computer Name = PC-Megane | Source = Schannel | ID = 36884
    Description = Le certificat reçu à partir du serveur distant ne contient par le
    nom attendu. Il n’est par conséquent pas possible de déterminer si nous sommes connecté
    au serveur correct. Le nom de serveur attendu est client.wns.windows.com. La demande
    de connexion SSL a échoué. Les données jointes contiennent le certificat du serveur.

    < End of report >

  • Anonyme
    Nombre d'articles : 1400

    :hello: lcemegane,

    ok, fais ceci et poste le rapport s’il te plaît

    • Télécharge SFTGC (de Pierre13) sur ton Bureau et pas ailleurs !.
    • Lance SFTGC, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur GO

      Note : A la fin un rapport va s’ouvrir

    • Une fois le scan terminé rends toi sur le bureau, le fichier SFTGC.txt à été créé.
    • Héberge le rapport SFTGC.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    dis moi comment va le pc s’il te plaît

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Voici le début du rapport :

    Rapport de SFTGC (Pierre13) du Vendredi 22 Novembre 2013 à 16:46:46 version : 2.0.0.55
    Mis à jour le 12/09/2013
    Outil lancé en Mode normal et En tant qu’administrateur
    Windows 8 64 bits

    Tool start in C:UsersMéganeDesktop

    717 éléments supprimés => 50.63 Mo libérés. (28 s)

    C:UsersMéganeAppDataLocalTemp1696_1043
    C:UsersMéganeAppDataLocalTemp2552_1374
    C:UsersMéganeAppDataLocalTemp2964_6218
    C:UsersMéganeAppDataLocalTemp3436_27413
    C:UsersMéganeAppDataLocalTemp3676_117
    C:UsersMéganeAppDataLocalTemp4092_5777
    C:UsersMéganeAppDataLocalTemp5020_15993
    C:UsersMéganeAppDataLocalTemp5076_27818
    C:UsersMéganeAppDataLocalTemp5176_29947
    C:UsersMéganeAppDataLocalTemp5184_2680
    C:UsersMéganeAppDataLocalTemp5248_8083
    C:UsersMéganeAppDataLocalTemp5468_25926
    C:UsersMéganeAppDataLocalTemp5992_10438
    C:UsersMéganeAppDataLocalTemp6884_6830
    C:UsersMéganeAppDataLocalTemp7324_30931
    C:UsersMéganeAppDataLocalTemp7672_2150
    C:UsersMéganeAppDataLocalTemp7864_28754
    C:UsersMéganeAppDataLocalTempacrord32_sbx
    C:UsersMéganeAppDataLocalTempAdobeARM.log
    C:UsersMéganeAppDataLocalTempchrome_installer.log
    C:UsersMéganeAppDataLocalTemphsperfdata_Mégane
    C:UsersMéganeAppDataLocalTempInsOnMode.ini
    C:UsersMéganeAppDataLocalTempJavaDeployReg.log
    C:UsersMéganeAppDataLocalTempjusched.log
    C:UsersMéganeAppDataLocalTempLow
    C:UsersMéganeAppDataLocalTempSetupAdminA54.log
    C:UsersMéganeAppDataLocalTempwinstore.log
    C:UsersMéganeAppDataLocalTemp7864_28754crl-set
    C:UsersMéganeAppDataLocalTemp7864_28754manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp7864_28754manifest.json
    C:UsersMéganeAppDataLocalTemp7672_2150crl-set
    C:UsersMéganeAppDataLocalTemp7672_2150manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp7672_2150manifest.json
    C:UsersMéganeAppDataLocalTemp7324_30931crl-set
    C:UsersMéganeAppDataLocalTemp7324_30931manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp7324_30931manifest.json
    C:UsersMéganeAppDataLocalTemp6884_6830crl-set
    C:UsersMéganeAppDataLocalTemp6884_6830manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp6884_6830manifest.json
    C:UsersMéganeAppDataLocalTemp5992_10438crl-set
    C:UsersMéganeAppDataLocalTemp5992_10438manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5992_10438manifest.json
    C:UsersMéganeAppDataLocalTemp5468_25926crl-set
    C:UsersMéganeAppDataLocalTemp5468_25926manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5468_25926manifest.json
    C:UsersMéganeAppDataLocalTemp5248_8083crl-set
    C:UsersMéganeAppDataLocalTemp5248_8083manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5248_8083manifest.json
    C:UsersMéganeAppDataLocalTemp5184_2680crl-set
    C:UsersMéganeAppDataLocalTemp5184_2680manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5184_2680manifest.json
    C:UsersMéganeAppDataLocalTemp5176_29947crl-set
    C:UsersMéganeAppDataLocalTemp5176_29947manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5176_29947manifest.json
    C:UsersMéganeAppDataLocalTemp5076_27818crl-set
    C:UsersMéganeAppDataLocalTemp5076_27818manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5076_27818manifest.json
    C:UsersMéganeAppDataLocalTemp5020_15993crl-set
    C:UsersMéganeAppDataLocalTemp5020_15993manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp5020_15993manifest.json
    C:UsersMéganeAppDataLocalTemp4092_5777crl-set
    C:UsersMéganeAppDataLocalTemp4092_5777manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp4092_5777manifest.json
    C:UsersMéganeAppDataLocalTemp3676_117crl-set
    C:UsersMéganeAppDataLocalTemp3676_117manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp3676_117manifest.json
    C:UsersMéganeAppDataLocalTemp3436_27413crl-set
    C:UsersMéganeAppDataLocalTemp3436_27413manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp3436_27413manifest.json
    C:UsersMéganeAppDataLocalTemp2964_6218crl-set
    C:UsersMéganeAppDataLocalTemp2964_6218manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp2964_6218manifest.json
    C:UsersMéganeAppDataLocalTemp2552_1374crl-set
    C:UsersMéganeAppDataLocalTemp2552_1374manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp2552_1374manifest.json
    C:UsersMéganeAppDataLocalTemp1696_1043crl-set
    C:UsersMéganeAppDataLocalTemp1696_1043manifest.fingerprint
    C:UsersMéganeAppDataLocalTemp1696_1043manifest.json
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent10 – Over Again.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent21571_Calendrier_universitaire_FLSH_13-14.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent22337_DS_SEM1.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent541511_10151928236165581_281842771_n.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent823WGTMA.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent860OKMZO.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAcademic writing cours mardi 05.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAcademic writing pour le 19 novembre.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAdwCleaner.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAdwCleaner[S0].lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAdwCleaner[S1].lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAméricaine civi.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAW cours 05 nov.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCan French People Speak English. BonjourLovelies.com.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCivi USA cours 2.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCivilisation Américaine TD 19 novembre.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCivilisation Britannique 19 novembre.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentdesktop.ini
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentDisque amovible (F).lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentDocuments.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentDownloads.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentFAC.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentfacebook.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentFashion inspiration-tumblr.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentFILMS.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenthttps–connect.wifirst.net-redirect_method=GET&redirect_url=http%3A%2F%2Fwww.msftncsi.com%2Fredirect.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenthttps–secure.skype.com-login-ssononce=648rrj8LO79SAsAtiK6A&go=myaccount&intsrc=client-_-windows8_9-_-1.0-_-go-my-account.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentIMG_0841.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentIMG_1107.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentJason Derulo -Marry Me- Official Lyrics Video-[www_flvto_com].lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentJason Derulo.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentLangue Orale ( the good one ).lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentLangue Orale (2).lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentLangue Orale.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentLCE 2.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentLesson 5 .lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentLittérature 21 novembre.odt.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentmbar-1.01.0.1022.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentnrd-hangover2.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentOlly Murs- This Song Is About You (Lyrics)-[www_flvto_com].lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentOTL.Txt.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentResearch paper TEXTS.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentResearch paper.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentSans nom 1.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentShooting.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentSport represented as a grand event.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentTerminaisons faibles phonétique.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentThe News.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentTUMBLR NON POSTES NON TRIE.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_m1r9ygFRFf1rovmado1_500.jpg.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_m27ah8ug411r4grpqo1_500.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_m2cc8rAINY1qb9k3go1_500.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_m2w3jzyRZP1qij5oho1_500.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_m8gk0lgeif1qg22hlo1_500_large.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_m8m9abB01u1r2unmto1_500.jpg.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_mj19roxtFr1qfwkrao1_500.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_mjtfdnYORG1qejm4fo1_500.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_mn7lngwKp61rswt5eo1_500.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_mo19g0ZQCJ1rkfanfo1_1280.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_mutvfjDCPW1rd6cj9o1_250.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecenttumblr_mve8hfikTj1qctsgko1_1280.jpg.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentTéléchargements.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentVINTED.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentVocabulaire clothes.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentYour Girl.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentzhp.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentZHPDiag.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentZHPFIX.EXE-AFDB3DAC.pf.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent[www.Cpasbien.com] Jane.By.Design.S01E13.FASTSUB.VOSTFR.HDTV.XviD-Xtrem (2).lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent[www.Cpasbien.com] Jane.By.Design.S01E13.FASTSUB.VOSTFR.HDTV.XviD-Xtrem.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecent[www.Cpasbien.com] One Direction – Take Me Home – [2012-Album] Mp3-320Kbps.lnk
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations25039900b9bba50b.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations28c8b86deab549a1.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations484d0d7daee6eded.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations5d696d521de238c3.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations74d7f43c1561fc1e.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations7e4dca80246863e3.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations83b03b46dcd30a0e.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinations9645f58513b1a821.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinationsbd249197a6faeff2.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentCustomDestinationsf01b4d95cf55d32a.customDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations26bfbdac8c66cb7d.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations4cb9c5750d51c07f.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations4d939776340f1d18.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations5d696d521de238c3.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations74d7f43c1561fc1e.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations7a8db574299c8568.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations7e4dca80246863e3.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations83b03b46dcd30a0e.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations9b9cdc69c1c24e2b.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinationsa2b95ca27b6c33d9.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinationsae6df75df512bd06.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinationsf01b4d95cf55d32a.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinationsf3c90dec42360729.automaticDestinations-ms
    C:UsersMéganeAppDataRoamingMicrosoftWindowsRecentAutomaticDestinationsff103e2cc310d0d.automaticDestinations-ms
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData3C2624375988154FBF20373B7D495E8_4CE1399DE4CEDD0087BBFC0689796C3F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData4AFA8793E5CDC4A81C6CD4554A30707
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData5EC48341C277FE5110E7DFAA91377DC_1E562C75E6CFA21DBFA4413069869356
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData86C252C05DBB672D245CC31A72A2E67
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataB1B84E1509125064E3D44331C3817C2_3E6BB635115BB4A3C7C9DF5009227113
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_2FFE778CED2FD9BBAB74B5314F3440CA
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_3722A7817B153CAC96BEA5D2AB2FB31E
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_54F461E341AC92480E0EB583C80AB528
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_83653FB4B566DAD9C63D2C31D4C9715C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_91579693C2D8584E3FFB75C581EC5E8B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_EC2B8F0C530DA57B6BD72F9ED19E4B95
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData130ADF60D1B7B3CF82CC6CA82D961601_F3F138DDA4E72F849B7E03101CED9406
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData161B1C6D9CDC22FEB7269E395DF82F33_ACE2C216192F681278D474D3F3FB331A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData1DAF2884EC4DFA96BA4A58D4DBC9C406
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData1F39B5CFACECFDE48DB25BCA2231FAC6_135A427F1ED873A4BF5097F7A809FA2A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData219976D61D72B43A8A9F6916F467E10F_376E88BBCF4E0F0C2D6E36DC7206916B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData219976D61D72B43A8A9F6916F467E10F_51EFD2D60ADD1881AF594C1F47629221
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData23B523C9E7746F715D33C6527C18EB9D
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData2439BE688C04EC10EE2B724361DFB2CA_C520C54E784EC869C630392026CE9925
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData2E980CF7BB84455884A2F90C0668C729_FCFF5DBC182D9C0A4C50FA1AE3576B84
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData30F7B429BB1DACA9B591B41E016BED66_F6024CD0767F1B4C9F060C7479C6DC83
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData3F9CAA0497A0877CE21ECD947E7238B5_E1F0919A92865CED77950400693A532F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData4309200C3DBAD0F6F0DFACE9165FD092
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData49514950C94E8026A2B06312597DFF49_232288A20D63375EAC649186251E5D74
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData49514950C94E8026A2B06312597DFF49_33A0493B3756EC93EB52782457685E27
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData49514950C94E8026A2B06312597DFF49_AFC22B77ED08EE3E2B28B6DE75CADDF5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData4E29C7E9E83048EFCCC5C3D57B6818DB
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData4E921787B7D7C838D920938DFC6D122E_79F029B769AAE8010337F77D683CB533
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData5457A8CE4B2A7499F8299A013B6E1C7C_4BDA944235F1446F185236D493959297
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData5457A8CE4B2A7499F8299A013B6E1C7C_A6B2237C23668D872C46152358A3FB3E
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData5457A8CE4B2A7499F8299A013B6E1C7C_D734EC3DD00546F46D368325396086B0
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData566A973C3ADBC70963C072413659C1CB_39482AEE62881116513CBB19A044403F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData60E31627FDA0A46932B0E5948949F2A5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData6AA3321A15A787985201D7A6820782F0_35BFA9D40D21E81B408449EB9D85CCA4
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData6B7AED56F69397028F35E77E6DD681FC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7423F88C7F265F0DEFC08EA88C3BDE45_11D7BA58D75E54D622A3AD9CDF9905BB
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData74BFD122C0875EC75DBE5C6DB4C59019
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData77EC63BDA74BD0D0E0426DC8F8008506
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData783DF2F5A7C9BC04C36663632D14B993_09A85C5418FB163D61A6CDA83D9C0B2C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData783DF2F5A7C9BC04C36663632D14B993_09E6BFC8958A4903B51F28C3DF0B32CC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData783DF2F5A7C9BC04C36663632D14B993_169DE3439FD2D9FE0AE07883B5A27A1B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData783DF2F5A7C9BC04C36663632D14B993_6C67FC20D6E627EA8FBFF0B449CB060B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_36E3207A43A87A281983E8D0B4D7BCDF
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_5AE6F9C328F80F504A42447CD464EEC0
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_82A6E25B79E891F34987BD4C93317D0A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_96E18C6F7F11D436D50EB658BB37DA57
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_AE80968B09655437A4C6DA8671FF8BB7
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_B2DB1CC4B5F2D2A802D56AAED525802D
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_C9B190D3A0B2283820B6C33764149AA6
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_CD4662E1A7F15144990B9C9F03164C3A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_D120C285892F736A029B7FDC0C33E264
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7B8944BA8AD0EFDF0E01A43EF62BECD0_D7F0806A9FAA0922F41F59F20EB11D5C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7C44AA84A5CFEC3289884F54A088297E_C9E46D66912637334CBAD07207DBA517
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7D1F03728133589A90656A87E482B21F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7D266D9E1E69FA1EEFB9699B009B34C8_1D5A876A9113EC07224C45E5A870E3BD
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData7D266D9E1E69FA1EEFB9699B009B34C8_8CA7164968F366C9A94AC8E71C4BDD9B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_2E4BCCAAA8B52E99AC2D8241A872DD77
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_2F1BD5B4F9DBD26AB429C868029F876C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_3B544D333012FB463337A933E27FA00D
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_602DEDB8C7D6326D5C8D775461CB2C26
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_6F2F7960AAA8F8616CDE8AF3EC245868
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_918340BA089892122B5626AE042DBBDE
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_95BE0E24685C739E0287588432223979
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_B313A6AEB91DC2BE7A8547095314EC1C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_CAED40D1E29B0CF7BFCE055DDE63B150
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_D47B0351FE4289C5C14A4B1359D31F2A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_E4DFCF5325A7B2A17D0E55108E8A34A8
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_EC9834D79F6FC380DD6205AD8CA74CEB
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_F2EFD568D6CA72D7BC802424E3F92B9A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8059E9A0D314877E40FE93D8CCFB3C69_F9758F0CEE4021D579BC2D754B77BF07
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData855CF405355328EC482A28D56A44CFB0_120F73EDCEB7A42DFB7C70F56DD38B42
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8890A77645B73478F5B1DED18ACBF795_1E5D470765E0BE1964814B1F5A3581DC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8890A77645B73478F5B1DED18ACBF795_D3DB95C0E7608ACC9AA10ACCCCEBBDF5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData8EBFACB3A66359F9514D044C86BA4794
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData91ECFED5143F7F4F4576655D8EFAB51C_17392CB0F1D8BCBED3814699659DFF76
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData94C0DD15E1E10CFC94461B254088DA63_E28BA5D0B90D87A2CBA70A99B6D6E3A5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaData955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataA3C4F17BF8CB09C3DF2A086B36306B5C_C1C0B5D167C066A750AF361DC97F90F6
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataAC9005F5466BD463DF06D711B370595F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataB3BB9C1BA2D19E090AE305B2683903A0_3A991EF068DA80925661324DEEB3A2FC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataB3BB9C1BA2D19E090AE305B2683903A0_5864DDF0697688952ACDB52C47E0933E
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataB3BB9C1BA2D19E090AE305B2683903A0_6F0A84CE2BA99BD19D42C92610275852
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataB90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataBBB768C456D9E2DCD3EF595C400D483D_64C05B9EB32FC3D0CE6CB126561EEBFF
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataBD8A14C7C024625432CC03FE72E47EF0_35DB72DF5C829F76FA820993F2C82D80
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataBD8A14C7C024625432CC03FE72E47EF0_6FD1BEFD298F4FD3EE4B4EE2E6631CC7
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataBD8A14C7C024625432CC03FE72E47EF0_BC4EC46B2A6D9424FFBAF3A0C035586C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataC25FBC9FE17D1C30FF964815C35F0AB3
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataC3B4324B100AA32F7BE995E7E34E0AA5_15C23806E36E1233F1A79C3B11377E1C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataC437972632A488222EA069E1572887C7_9AD1C6A04DF1BBA89E35E1142E44AE70
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataC5C16E8B8D126375C32C54465617D152_E89BE6285BCA3816E41A2C36E7E420A5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataCA7B2D59B4E9BC2D316D1AECDFC12F63_AE3FE875193DBB7C9EC575C998F19368
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataCA7B2D59B4E9BC2D316D1AECDFC12F63_B9385197A2757B8FEC32C5C94631DF12
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataCA7B2D59B4E9BC2D316D1AECDFC12F63_E8FFB3D833ACBBA2A753BCE3F81C274B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataD0F063B6B88A2B8BFE21C3993A613447
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataE63A640A06A2B005AB42F3250BC98D9E_6020995806BF99A1FBC324A7B889F612
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataF30B1DAC467EEB5A0EB57E5457CD952D_5196DDA6F3358FF603DC5010CA4ED54B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataF4B372709D6C2AD766C34D274501DC76_C08D897FBCD7D5D638FCD154D1404CBE
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataF4D9C889B7AEBCF4E1A2DAABC5C3628A_45372F968036A3D8F01EF13C820C17D1
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataF4D9C889B7AEBCF4E1A2DAABC5C3628A_AD67B42F526068C7A09A14203543DAE9
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataF72943F1E01540BBACB5396C76DD6AAA
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataF99CAC852E278659C1E715225DD11A14_A941BBEE5E39237968E8808A19F1998B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataFB788E090BC1F3AA2FBC9E8FB2859601
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheMetaDataFCEA474F228C13CD0DAD678431D0ACFC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent3C2624375988154FBF20373B7D495E8_4CE1399DE4CEDD0087BBFC0689796C3F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent4AFA8793E5CDC4A81C6CD4554A30707
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent5EC48341C277FE5110E7DFAA91377DC_1E562C75E6CFA21DBFA4413069869356
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent86C252C05DBB672D245CC31A72A2E67
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentB1B84E1509125064E3D44331C3817C2_3E6BB635115BB4A3C7C9DF5009227113
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_2FFE778CED2FD9BBAB74B5314F3440CA
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_3722A7817B153CAC96BEA5D2AB2FB31E
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_54F461E341AC92480E0EB583C80AB528
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_83653FB4B566DAD9C63D2C31D4C9715C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_91579693C2D8584E3FFB75C581EC5E8B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_BFF3E82445C199812E8EC4CC74EA6FD4
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_EC2B8F0C530DA57B6BD72F9ED19E4B95
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent130ADF60D1B7B3CF82CC6CA82D961601_F3F138DDA4E72F849B7E03101CED9406
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent161B1C6D9CDC22FEB7269E395DF82F33_ACE2C216192F681278D474D3F3FB331A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent1DAF2884EC4DFA96BA4A58D4DBC9C406
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent1F39B5CFACECFDE48DB25BCA2231FAC6_135A427F1ED873A4BF5097F7A809FA2A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent219976D61D72B43A8A9F6916F467E10F_376E88BBCF4E0F0C2D6E36DC7206916B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent219976D61D72B43A8A9F6916F467E10F_51EFD2D60ADD1881AF594C1F47629221
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent23B523C9E7746F715D33C6527C18EB9D
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent2439BE688C04EC10EE2B724361DFB2CA_C520C54E784EC869C630392026CE9925
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent2E980CF7BB84455884A2F90C0668C729_FCFF5DBC182D9C0A4C50FA1AE3576B84
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent30F7B429BB1DACA9B591B41E016BED66_F6024CD0767F1B4C9F060C7479C6DC83
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent3F9CAA0497A0877CE21ECD947E7238B5_E1F0919A92865CED77950400693A532F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent4309200C3DBAD0F6F0DFACE9165FD092
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent49514950C94E8026A2B06312597DFF49_232288A20D63375EAC649186251E5D74
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent49514950C94E8026A2B06312597DFF49_33A0493B3756EC93EB52782457685E27
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent49514950C94E8026A2B06312597DFF49_AFC22B77ED08EE3E2B28B6DE75CADDF5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent4E29C7E9E83048EFCCC5C3D57B6818DB
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent4E921787B7D7C838D920938DFC6D122E_79F029B769AAE8010337F77D683CB533
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent5457A8CE4B2A7499F8299A013B6E1C7C_4BDA944235F1446F185236D493959297
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent5457A8CE4B2A7499F8299A013B6E1C7C_A6B2237C23668D872C46152358A3FB3E
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent5457A8CE4B2A7499F8299A013B6E1C7C_D734EC3DD00546F46D368325396086B0
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent566A973C3ADBC70963C072413659C1CB_39482AEE62881116513CBB19A044403F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent60E31627FDA0A46932B0E5948949F2A5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent6AA3321A15A787985201D7A6820782F0_35BFA9D40D21E81B408449EB9D85CCA4
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent6AA3321A15A787985201D7A6820782F0_4E35DE6F4FCFB7BE2C045F6B5ED89FC8
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent6B7AED56F69397028F35E77E6DD681FC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7423F88C7F265F0DEFC08EA88C3BDE45_11D7BA58D75E54D622A3AD9CDF9905BB
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent74BFD122C0875EC75DBE5C6DB4C59019
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent77EC63BDA74BD0D0E0426DC8F8008506
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent783DF2F5A7C9BC04C36663632D14B993_09A85C5418FB163D61A6CDA83D9C0B2C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent783DF2F5A7C9BC04C36663632D14B993_09E6BFC8958A4903B51F28C3DF0B32CC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent783DF2F5A7C9BC04C36663632D14B993_169DE3439FD2D9FE0AE07883B5A27A1B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent783DF2F5A7C9BC04C36663632D14B993_6C67FC20D6E627EA8FBFF0B449CB060B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_36E3207A43A87A281983E8D0B4D7BCDF
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_5AE6F9C328F80F504A42447CD464EEC0
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_82A6E25B79E891F34987BD4C93317D0A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_96E18C6F7F11D436D50EB658BB37DA57
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_AE80968B09655437A4C6DA8671FF8BB7
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_B2DB1CC4B5F2D2A802D56AAED525802D
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_C9B190D3A0B2283820B6C33764149AA6
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_CD4662E1A7F15144990B9C9F03164C3A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_D120C285892F736A029B7FDC0C33E264
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7B8944BA8AD0EFDF0E01A43EF62BECD0_D7F0806A9FAA0922F41F59F20EB11D5C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7C44AA84A5CFEC3289884F54A088297E_C9E46D66912637334CBAD07207DBA517
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7D1F03728133589A90656A87E482B21F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7D266D9E1E69FA1EEFB9699B009B34C8_1D5A876A9113EC07224C45E5A870E3BD
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent7D266D9E1E69FA1EEFB9699B009B34C8_8CA7164968F366C9A94AC8E71C4BDD9B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_2E4BCCAAA8B52E99AC2D8241A872DD77
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_2F1BD5B4F9DBD26AB429C868029F876C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_3B544D333012FB463337A933E27FA00D
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_602DEDB8C7D6326D5C8D775461CB2C26
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_6F2F7960AAA8F8616CDE8AF3EC245868
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_918340BA089892122B5626AE042DBBDE
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_95BE0E24685C739E0287588432223979
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_B313A6AEB91DC2BE7A8547095314EC1C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_CAED40D1E29B0CF7BFCE055DDE63B150
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_D47B0351FE4289C5C14A4B1359D31F2A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_E4DFCF5325A7B2A17D0E55108E8A34A8
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_EC9834D79F6FC380DD6205AD8CA74CEB
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_F2EFD568D6CA72D7BC802424E3F92B9A
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8059E9A0D314877E40FE93D8CCFB3C69_F9758F0CEE4021D579BC2D754B77BF07
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent855CF405355328EC482A28D56A44CFB0_120F73EDCEB7A42DFB7C70F56DD38B42
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8890A77645B73478F5B1DED18ACBF795_1E5D470765E0BE1964814B1F5A3581DC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8890A77645B73478F5B1DED18ACBF795_D3DB95C0E7608ACC9AA10ACCCCEBBDF5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent8EBFACB3A66359F9514D044C86BA4794
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent91ECFED5143F7F4F4576655D8EFAB51C_17392CB0F1D8BCBED3814699659DFF76
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent94C0DD15E1E10CFC94461B254088DA63_E28BA5D0B90D87A2CBA70A99B6D6E3A5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent955CAB6FF6A24D5820D50B5BA1CF79C7_0D0504E280D4BC90041F089A5D901106
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContent955CAB6FF6A24D5820D50B5BA1CF79C7_CFEA3385E24D822B0027B3D9A091B242
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentA3C4F17BF8CB09C3DF2A086B36306B5C_C1C0B5D167C066A750AF361DC97F90F6
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentAC9005F5466BD463DF06D711B370595F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentB3BB9C1BA2D19E090AE305B2683903A0_3A991EF068DA80925661324DEEB3A2FC
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentB3BB9C1BA2D19E090AE305B2683903A0_5864DDF0697688952ACDB52C47E0933E
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentB3BB9C1BA2D19E090AE305B2683903A0_6F0A84CE2BA99BD19D42C92610275852
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentB90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentBBB768C456D9E2DCD3EF595C400D483D_64C05B9EB32FC3D0CE6CB126561EEBFF
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentBD8A14C7C024625432CC03FE72E47EF0_35DB72DF5C829F76FA820993F2C82D80
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentBD8A14C7C024625432CC03FE72E47EF0_6FD1BEFD298F4FD3EE4B4EE2E6631CC7
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentBD8A14C7C024625432CC03FE72E47EF0_BC4EC46B2A6D9424FFBAF3A0C035586C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentC25FBC9FE17D1C30FF964815C35F0AB3
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentC3B4324B100AA32F7BE995E7E34E0AA5_15C23806E36E1233F1A79C3B11377E1C
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentC437972632A488222EA069E1572887C7_9AD1C6A04DF1BBA89E35E1142E44AE70
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentC5C16E8B8D126375C32C54465617D152_E89BE6285BCA3816E41A2C36E7E420A5
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentCA7B2D59B4E9BC2D316D1AECDFC12F63_AE3FE875193DBB7C9EC575C998F19368
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentCA7B2D59B4E9BC2D316D1AECDFC12F63_B9385197A2757B8FEC32C5C94631DF12
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentCA7B2D59B4E9BC2D316D1AECDFC12F63_E8FFB3D833ACBBA2A753BCE3F81C274B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentD0F063B6B88A2B8BFE21C3993A613447
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentE63A640A06A2B005AB42F3250BC98D9E_6020995806BF99A1FBC324A7B889F612
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentF30B1DAC467EEB5A0EB57E5457CD952D_5196DDA6F3358FF603DC5010CA4ED54B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentF4B372709D6C2AD766C34D274501DC76_C08D897FBCD7D5D638FCD154D1404CBE
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentF4D9C889B7AEBCF4E1A2DAABC5C3628A_45372F968036A3D8F01EF13C820C17D1
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentF4D9C889B7AEBCF4E1A2DAABC5C3628A_AD67B42F526068C7A09A14203543DAE9
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentF72943F1E01540BBACB5396C76DD6AAA
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentF99CAC852E278659C1E715225DD11A14_A941BBEE5E39237968E8808A19F1998B
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentFB788E090BC1F3AA2FBC9E8FB2859601
    C:UsersMéganeAppDataLocalLowMicrosoftCryptnetUrlCacheContentFCEA474F228C13CD0DAD678431D0ACFC
    C:UsersMéganeAppDataLocalMicrosoftSqmWindowsLLWindowsLL.wns.0.sqm
    C:UsersMéganeAppDataLocalMicrosoftSqmWindowsLLWindowsLL.wns.1.sqm

  • lcemegane
    Participant
    Nombre d'articles : 15

    C:WindowsTEMPAEIC437.tmp
    C:WindowsTEMPASPNETSetup_00000.log
    C:WindowsTEMPASPNETSetup_00001.log
    C:WindowsTEMPAtheros_Wlan_setup.log
    C:WindowsTEMPAudio_Realtek_setup.log
    C:WindowsTEMPBCDSAVE
    C:WindowsTEMPBCDSAVE.LOG
    C:WindowsTEMPBCDSAVE.LOG1
    C:WindowsTEMPBCDSAVE.LOG2
    C:WindowsTEMPCardreader_RTL8411.log
    C:WindowsTEMPchangeID.txt
    C:WindowsTEMPchrome_installer.log
    C:WindowsTEMPCreateISRT.exe
    C:WindowsTEMPDMI9FBA.tmp
    C:WindowsTEMPDMIA1BF.tmp
    C:WindowsTEMPDMIA2F8.tmp
    C:WindowsTEMPDMIAC2E.tmp
    C:WindowsTEMPDMIAE13.tmp
    C:WindowsTEMPDMIB15E.tmp
    C:WindowsTEMPDMIB2D6.tmp
    C:WindowsTEMPDMIB325.tmp
    C:WindowsTEMPDMIB355.tmp
    C:WindowsTEMPDMID2FF.tmp
    C:WindowsTEMPElectroLyrics-1Installer_1381937345.log
    C:WindowsTEMPFXSAPIDebugLogFile.txt
    C:WindowsTEMPFXSTIFFDebugLogFile.txt
    C:WindowsTEMPHDIFAC3.cmd
    C:WindowsTEMPLOCAL.cmd
    C:WindowsTEMPLOCAL1.cmd
    C:WindowsTEMPLOCAL1.VBS
    C:WindowsTEMPlpksetup-20130929-144251-0.log
    C:WindowsTEMPlpksetup-20131001-070853-0.log
    C:WindowsTEMPlpksetup-20131001-072216-0.log
    C:WindowsTEMPlpksetup-20131002-092652-0.log
    C:WindowsTEMPlpksetup-20131004-094906-0.log
    C:WindowsTEMPlpksetup-20131004-101334-0.log
    C:WindowsTEMPlpksetup-20131010-131849-0.log
    C:WindowsTEMPlpksetup-20131010-212329-0.log
    C:WindowsTEMPlpksetup-20131011-080733-0.log
    C:WindowsTEMPlpksetup-20131012-235243-0.log
    C:WindowsTEMPlpksetup-20131014-070633-0.log
    C:WindowsTEMPlpksetup-20131015-161340-0.log
    C:WindowsTEMPlpksetup-20131016-123303-0.log
    C:WindowsTEMPlpksetup-20131028-192732-0.log
    C:WindowsTEMPlpksetup-20131109-153555-0.log
    C:WindowsTEMPlpksetup-20131109-165133-0.log
    C:WindowsTEMPlpksetup-20131112-160347-0.log
    C:WindowsTEMPlpksetup-20131112-161119-0.log
    C:WindowsTEMPlpksetup-20131112-231732-0.log
    C:WindowsTEMPlpksetup-20131113-091504-0.log
    C:WindowsTEMPlpksetup-20131113-215446-0.log
    C:WindowsTEMPlpksetup-20131120-225202-0.log
    C:WindowsTEMPmcafee_1xxVqhXBZcqnYJa
    C:WindowsTEMPmcafee_8E8lqePv8oJtwmK
    C:WindowsTEMPMpCmdRun.log
    C:WindowsTEMPNvidiaLogs
    C:WindowsTEMPOOBEClear.cmd
    C:WindowsTEMPOOBERun.cmd
    C:WindowsTEMPOOBERun2.cmd
    C:WindowsTEMPOOBERun3.cmd
    C:WindowsTEMPPlus-HD-3.5Installer_1382984892.log
    C:WindowsTEMPRealtek_LAN_setup.log
    C:WindowsTEMPreport.dat
    C:WindowsTEMPrstcli.exe
    C:WindowsTEMPrstcli64.exe
    C:WindowsTEMPSEP940E.tmp
    C:WindowsTEMPSetREML.exe
    C:WindowsTEMPSilverlight0.log
    C:WindowsTEMPSilverlightMSI.log
    C:WindowsTEMPTempEnumAll.txt
    C:WindowsTEMPTempFindGUID.txt
    C:WindowsTEMPTempProc.log
    C:WindowsTEMPTilesData
    C:WindowsTEMPtmp000043b0
    C:WindowsTEMPTS_7C4F.tmp
    C:WindowsTEMPTS_8048.tmp
    C:WindowsTEMPTS_8B19.tmp
    C:WindowsTEMPTS_8D4C.tmp
    C:WindowsTEMPwinstore.log
    C:WindowsTEMP~bdE6B6.tmp
    C:WindowsTEMPtmp000043b0tmp00000000
    C:WindowsTEMPTilesDataAsSmartPin.exe
    C:WindowsTEMPTilesDataP4GHybrid.ini
    C:WindowsTEMPTilesDataSmartPin.ini
    C:WindowsTEMPNvidiaLogsLOG.DBInstaller.exe.log
    C:WindowsTEMPNvidiaLogsLOG.DrvInst.exe.log
    C:WindowsTEMPNvidiaLogsLOG.NVCPLSetupInt.exe.log
    C:WindowsTEMPNvidiaLogsLOG.nvtray.exe.log
    C:WindowsTEMPNvidiaLogsLOG.nvvsvc.exe.log
    C:WindowsTEMPNvidiaLogsLOG.nvxdsync.exe.log
    C:WindowsTEMPNvidiaLogsLOG.RunDll32.EXE.log
    C:WindowsTEMPNvidiaLogsLOG.setup.exe.log
    C:WindowsPrefetchACRORD32.EXE-153662D3.pf
    C:WindowsPrefetchACRORD32.EXE-4E288B88.pf
    C:WindowsPrefetchADOBEARM.EXE-813E932C.pf
    C:WindowsPrefetchADWCLEANER.EXE-DDE79D9C.pf
    C:WindowsPrefetchAgAppLaunch.db
    C:WindowsPrefetchAgCx_SC1.db
    C:WindowsPrefetchAgCx_SC1.db.trx
    C:WindowsPrefetchAgCx_SC2.db
    C:WindowsPrefetchAgCx_SC4.db
    C:WindowsPrefetchAgCx_SC5.db
    C:WindowsPrefetchAgGlFaultHistory.db
    C:WindowsPrefetchAgGlFgAppHistory.db
    C:WindowsPrefetchAgGlGlobalHistory.db
    C:WindowsPrefetchAgGlUAD_P_S-1-5-21-1305010613-2064220777-3922521960-1002.db
    C:WindowsPrefetchAgGlUAD_S-1-5-21-1305010613-2064220777-3922521960-1002.db
    C:WindowsPrefetchAgRobust.db
    C:WindowsPrefetchAPPLEMOBILEDEVICEHELPER.EXE-B90BEA1C.pf
    C:WindowsPrefetchAPRP.EXE-189CFE39.pf
    C:WindowsPrefetchASUSTPCFG64.EXE-7A0C8A89.pf
    C:WindowsPrefetchATH.EXE-216631C3.pf
    C:WindowsPrefetchATKOSD2.EXE-830E1513.pf
    C:WindowsPrefetchAUDIODG.EXE-9848A323.pf
    C:WindowsPrefetchAUTHHOST.EXE-44C90B62.pf
    C:WindowsPrefetchAU_.EXE-1B98730A.pf
    C:WindowsPrefetchAVCENTER.EXE-6D852881.pf
    C:WindowsPrefetchAVGNT.EXE-97FED619.pf
    C:WindowsPrefetchAVIRA_FREE_ANTIVIRUS [1].EXE-720C7F00.pf
    C:WindowsPrefetchAVIRA_FREE_ANTIVIRUS.EXE-51A360EB.pf
    C:WindowsPrefetchAVNOTIFY.EXE-A7994A59.pf
    C:WindowsPrefetchAVRESTART.EXE-304BDA5D.pf
    C:WindowsPrefetchAVSCAN.EXE-8C830A05.pf
    C:WindowsPrefetchAVWEBLOADER.EXE-89F8203C.pf
    C:WindowsPrefetchBACKGROUNDTRANSFERHOST.EXE-7DDF8CD2.pf
    C:WindowsPrefetchBDADDMTASK.EXE-35FD799F.pf
    C:WindowsPrefetchBDAGENT.EXE-6B62F545.pf
    C:WindowsPrefetchBDAPPHOST.EXE-3F03D4E8.pf
    C:WindowsPrefetchBDEXTHOST.EXE-46A5DBB8.pf
    C:WindowsPrefetchBDRUNTIMEHOST.EXE-686E0807.pf
    C:WindowsPrefetchBINGDESKTOP.EXE-8D000461.pf
    C:WindowsPrefetchBITDEFENDER_AV_64B.EXE-6559A4F5.pf
    C:WindowsPrefetchBUBBLES.SCR-55ABA833.pf
    C:WindowsPrefetchCALC.EXE-0FE8F3A9.pf
    C:WindowsPrefetchCHROME.EXE-9812FE60.pf
    C:WindowsPrefetchCHROME.EXE-CCF9F3F4.pf
    C:WindowsPrefetchCHROMEINSTALL-7U45.EXE-4BFC94E6.pf
    C:WindowsPrefetchCLUPDATER.EXE-82A90891.pf
    C:WindowsPrefetchCMD.EXE-2EB3E6E2.pf
    C:WindowsPrefetchCMD.EXE-CD245F9E.pf
    C:WindowsPrefetchCONHOST.EXE-F98A1078.pf
    C:WindowsPrefetchCONSENT.EXE-2D674CE4.pf
    C:WindowsPrefetchCSRSS.EXE-A7A2B218.pf
    C:WindowsPrefetchDELEGATE_EXECUTE.EXE-8869DDC1.pf
    C:WindowsPrefetchDFSVC.EXE-AD35CBCB.pf
    C:WindowsPrefetchDISPLAYSWITCH.EXE-4D432882.pf
    C:WindowsPrefetchDISTNOTED.EXE-DE72C2C6.pf
    C:WindowsPrefetchDLLHOST.EXE-38926D07.pf
    C:WindowsPrefetchDLLHOST.EXE-50AF0BCC.pf
    C:WindowsPrefetchDLLHOST.EXE-6AA5D6C5.pf
    C:WindowsPrefetchDLLHOST.EXE-716E1264.pf
    C:WindowsPrefetchDLLHOST.EXE-C1C2EFBE.pf
    C:WindowsPrefetchDOWNLOADER.EXE-1E5B7B87.pf
    C:WindowsPrefetchDWM.EXE-F29FE9E2.pf
    C:WindowsPrefetchdynreservedpri.db
    C:WindowsPrefetchERUNT.EXE-13EE2BE2.pf
    C:WindowsPrefetchEULA.EXE-0C63FE43.pf
    C:WindowsPrefetchEULA.EXE-185A99EE.pf
    C:WindowsPrefetchEXPLORER.EXE-03C49D11.pf
    C:WindowsPrefetchFIRSTRUN.EXE-3834855C.pf
    C:WindowsPrefetchFIRSTRUN.EXE-ED4F9EAB.pf
    C:WindowsPrefetchGLCND.EXE-DD45F588.pf
    C:WindowsPrefetchGOOGLEUPDATE.EXE-05D9223F.pf
    C:WindowsPrefetchGOOGLEUPDATE.EXE-296EF55A.pf
    C:WindowsPrefetchGOOGLEUPDATE.EXE-62E5E10F.pf
    C:WindowsPrefetchGOOGLEUPDATE.EXE-8F25D5F9.pf
    C:WindowsPrefetchHCONTROL.EXE-752ABE5C.pf
    C:WindowsPrefetchHKCMD.EXE-15DC91D5.pf
    C:WindowsPrefetchHOROSCOPE.EXE-39F22478.pf
    C:WindowsPrefetchIEXPLORE.EXE-7A9337F2.pf
    C:WindowsPrefetchIEXPLORE.EXE-F4FB5D2F.pf
    C:WindowsPrefetchIGFXSRVC.EXE-F41E6E8E.pf
    C:WindowsPrefetchIGFXTRAY.EXE-21BDFE68.pf
    C:WindowsPrefetchINSONWMI.EXE-D024CEF9.pf
    C:WindowsPrefetchINSTALL.EXE-168BA674.pf
    C:WindowsPrefetchINSTALLER.EXE-166619CC.pf
    C:WindowsPrefetchINSTALLER.EXE-2463F9E4.pf
    C:WindowsPrefetchINSTALLERPACKAGE.EXE-C9871E88.pf
    C:WindowsPrefetchINSTALL_READER11_FR_MSSD_AAA_-B4A67C9F.pf
    C:WindowsPrefetchITUNES.EXE-07AC1693.pf
    C:WindowsPrefetchITUNES64SETUP.EXE-17113D82.pf
    C:WindowsPrefetchITUNESHELPER.EXE-722A54DB.pf
    C:WindowsPrefetchJUSCHED.EXE-4B303C70.pf
    C:WindowsPrefetchLAUNCHER.EXE-925A5160.pf
    C:WindowsPrefetchLayout.ini
    C:WindowsPrefetchLIVECOMM.EXE-32EE8CFF.pf
    C:WindowsPrefetchLOGONUI.EXE-E35F76FB.pf
    C:WindowsPrefetchLSDRIVEDETECT.EXE-CE98813C.pf
    C:WindowsPrefetchMBAM-SETUP-1.75.0.1300.TMP-9BAA085B.pf
    C:WindowsPrefetchMBAM-SETUP-1.75.0.1300.TMP-C9983A51.pf
    C:WindowsPrefetchMBAM.EXE-125A28F9.pf
    C:WindowsPrefetchMCUICNT.EXE-D0E68351.pf
    C:WindowsPrefetchMDCRASHREPORTTOOL.EXE-3BC35FEE.pf
    C:WindowsPrefetchMOVIEMAKER.EXE-A6401490.pf
    C:WindowsPrefetchMPCMDRUN.EXE-6520183E.pf
    C:WindowsPrefetchMSCORSVW.EXE-55FE3087.pf
    C:WindowsPrefetchMSCORSVW.EXE-D593A5D9.pf
    C:WindowsPrefetchMSDT.EXE-A16F1692.pf
    C:WindowsPrefetchMSIEXEC.EXE-BAE57A74.pf
    C:WindowsPrefetchMSNMSGR.EXE-424B3DE6.pf
    C:WindowsPrefetchMSOOBE.EXE-AE41C2E0.pf
    C:WindowsPrefetchNGEN.EXE-383F81D5.pf
    C:WindowsPrefetchNGEN.EXE-A8DBB043.pf
    C:WindowsPrefetchNGENTASK.EXE-4DB88ADA.pf
    C:WindowsPrefetchNGENTASK.EXE-CD4E002C.pf
    C:WindowsPrefetchNOTEPAD.EXE-1A4CC1C3.pf
    C:WindowsPrefetchNOTEPAD.EXE-B28CC291.pf
    C:WindowsPrefetchNOTEPAD.EXE-F0516D55.pf
    C:WindowsPrefetchNVTRAY.EXE-981FA625.pf
    C:WindowsPrefetchNVVSVC.EXE-D5489D80.pf
    C:WindowsPrefetchNVXDSYNC.EXE-7855AED2.pf
    C:WindowsPrefetchOBK.EXE-DCF2DD96.pf
    C:WindowsPrefetchODSCANUI.EXE-899461D2.pf
    C:WindowsPrefetchODSLV.EXE-1ECDDD1C.pf
    C:WindowsPrefetchODSW.EXE-983DD055.pf
    C:WindowsPrefetchOp-EXPLORER.EXE-03C49D11-000000F5.pf
    C:WindowsPrefetchOPENWITH.EXE-BA0DC300.pf
    C:WindowsPrefetchOTL.EXE-A732DED9.pf
    C:WindowsPrefetchPDVD10SERV.EXE-99C8A7B5.pf
    C:WindowsPrefetchPfSvPerfStats.bin
    C:WindowsPrefetchPING.EXE-167FE968.pf
    C:WindowsPrefetchPOWER2GOEXPRESS.EXE-F5293CA2.pf
    C:WindowsPrefetchPOWERCFG.EXE-C4097EFB.pf
    C:WindowsPrefetchRAVBG64.EXE-B555701F.pf
    C:WindowsPrefetchRAVCPL64.EXE-C0BB540D.pf
    C:WindowsPrefetchREADER_SL.EXE-BC0A991D.pf
    C:WindowsPrefetchReadyBoot
    C:WindowsPrefetchRECOVERYDRIVE.EXE-0EE8638F.pf
    C:WindowsPrefetchRUNDLL32.EXE-00972AFF.pf
    C:WindowsPrefetchRUNDLL32.EXE-346952CF.pf
    C:WindowsPrefetchRUNDLL32.EXE-405FEB5D.pf
    C:WindowsPrefetchRUNDLL32.EXE-6999291C.pf
    C:WindowsPrefetchRUNDLL32.EXE-6BFEE589.pf
    C:WindowsPrefetchRUNDLL32.EXE-719E97F9.pf
    C:WindowsPrefetchRUNDLL32.EXE-9E940D77.pf
    C:WindowsPrefetchRUNDLL32.EXE-AC024951.pf
    C:WindowsPrefetchRUNDLL32.EXE-EA0A52C8.pf
    C:WindowsPrefetchRUNTIMEBROKER.EXE-17E2786F.pf
    C:WindowsPrefetchSC.EXE-443D0E78.pf
    C:WindowsPrefetchSDIAGNHOST.EXE-D8BC1DC6.pf
    C:WindowsPrefetchSEARCHFILTERHOST.EXE-10E4267C.pf
    C:WindowsPrefetchSEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf
    C:WindowsPrefetchSECCENTER.EXE-B7787518.pf
    C:WindowsPrefetchSETTINGSYNCHOST.EXE-DD400067.pf
    C:WindowsPrefetchSETUP.EXE-8238713E.pf
    C:WindowsPrefetchSETUP.EXE-8A9CE894.pf
    C:WindowsPrefetchSETUP.EXE-A61F6D06.pf
    C:WindowsPrefetchSETUP.EXE-C1C3DD17.pf
    C:WindowsPrefetchSETUP.EXE-D5D45E0A.pf
    C:WindowsPrefetchSETUPDOWNLOADER.EXE-3304E9C0.pf
    C:WindowsPrefetchSETUP_WM.EXE-5D2609E7.pf
    C:WindowsPrefetchSFTGC.EXE-1155E149.pf
    C:WindowsPrefetchSIMUSEREXEC.EXE-5BCC1EE0.pf
    C:WindowsPrefetchSKYDRIVESETUP.EXE-ACD69350.pf
    C:WindowsPrefetchSMSS.EXE-81AD91F0.pf
    C:WindowsPrefetchSNDVOL.EXE-276AC160.pf
    C:WindowsPrefetchSOFFICE.BIN-4DEC791F.pf
    C:WindowsPrefetchSVCHOST.EXE-5511E724.pf
    C:WindowsPrefetchSYNCSERVER.EXE-261E368E.pf
    C:WindowsPrefetchSYSTEMSETTINGS.EXE-D8CC3B5E.pf
    C:WindowsPrefetchTASKENG.EXE-23205583.pf
    C:WindowsPrefetchTASKHOST.EXE-29D61DAB.pf
    C:WindowsPrefetchTASKHOST.EXE-3C5D03F7.pf
    C:WindowsPrefetchTASKHOST.EXE-86081325.pf
    C:WindowsPrefetchTASKHOST.EXE-882A5176.pf
    C:WindowsPrefetchTASKHOST.EXE-D687BE54.pf
    C:WindowsPrefetchTASKHOST.EXE-F2C7AEBC.pf
    C:WindowsPrefetchTASKHOSTEX.EXE-7356AAC0.pf
    C:WindowsPrefetchTASKKILL.EXE-3D8A2F61.pf
    C:WindowsPrefetchTASKLIST.EXE-74FDEEA1.pf
    C:WindowsPrefetchTASKMGR.EXE-39AABA37.pf
    C:WindowsPrefetchTHE WORLD CLOCK.EXE-1030EBBF.pf
    C:WindowsPrefetchTHUMBNAILEXTRACTIONHOST.EXE-C3FB8861.pf
    C:WindowsPrefetchTIWORKER.EXE-375F3D59.pf
    C:WindowsPrefetchTRUSTEDINSTALLER.EXE-B018CCBF.pf
    C:WindowsPrefetchUNINS000.EXE-1CF61FE7.pf
    C:WindowsPrefetchUPDATESRV.EXE-9AD36E5A.pf
    C:WindowsPrefetchVCREDIST_X86.EXE-F7C89C6A.pf
    C:WindowsPrefetchVSSERV.EXE-33A15939.pf
    C:WindowsPrefetchW32TM.EXE-78C041DB.pf
    C:WindowsPrefetchWAJAM_DOWNLOAD.EXE-85DB3B14.pf
    C:WindowsPrefetchWAJAM_INSTALL.EXE-D8D8BE0A.pf
    C:WindowsPrefetchWERFAULT.EXE-94CE7668.pf
    C:WindowsPrefetchWINLOGON.EXE-0D9AB72B.pf
    C:WindowsPrefetchWLMAIL.EXE-A89F57F3.pf
    C:WindowsPrefetchWLSETUP-WEB.EXE-B5407236.pf
    C:WindowsPrefetchWLSTARTUP.EXE-9F0A892A.pf
    C:WindowsPrefetchWLXPHOTOGALLERY.EXE-55FF63A1.pf
    C:WindowsPrefetchWMIPRVSE.EXE-BB49B536.pf
    C:WindowsPrefetchWMPLAYER.EXE-8A348205.pf
    C:WindowsPrefetchWMPLAYER.EXE-B0AD61F0.pf
    C:WindowsPrefetchWUDFHOST.EXE-0D78D366.pf
    C:WindowsPrefetchWWAHOST.EXE-08E78623.pf
    C:WindowsPrefetchWWAHOST.EXE-349FF887.pf
    C:WindowsPrefetchWWAHOST.EXE-4C1933AC.pf
    C:WindowsPrefetchWWAHOST.EXE-6132DF3D.pf
    C:WindowsPrefetchWWAHOST.EXE-9178D9A9.pf
    C:WindowsPrefetchWWAHOST.EXE-917C29EF.pf
    C:WindowsPrefetchWWAHOST.EXE-DAF4E5BB.pf
    C:WindowsPrefetchWWAHOST.EXE-DBA9DFF9.pf
    C:WindowsPrefetchWWAHOST.EXE-EABC9C04.pf
    C:WindowsPrefetchWWAHOST.EXE-F7FB8768.pf
    C:WindowsPrefetchZHPDIAG.EXE-C7289479.pf
    C:WindowsPrefetchZHPDIAG2.TMP-174AEA90.pf
    C:WindowsPrefetchZHPDIAG2.TMP-1EF80010.pf
    C:WindowsPrefetchZHPDIAG2.TMP-81AC398A.pf
    C:WindowsPrefetchZHPFIX.EXE-AFDB3DAC.pf
    C:WindowsPrefetchZHPHEP.EXE-5F2753B1.pf
    C:WindowsPrefetchZHPHEP.EXE-8162C2FA.pf
    C:WindowsPrefetch_IU14D2N.TMP-A8098D0F.pf
    C:WindowsPrefetchReadyBootrblayout.xin
    C:WindowsPrefetchReadyBootTrace1.fx
    C:WindowsPrefetchReadyBootTrace10.fx
    C:WindowsPrefetchReadyBootTrace7.fx
    C:WindowsPrefetchReadyBootTrace8.fx
    C:WindowsPrefetchReadyBootTrace9.fx

    Corbeille vidée.

    Fin du rapport.

    mon ordinateur semble débarassé de ce virus !

  • Anonyme
    Nombre d'articles : 1400

    re lcemegane,

    dis moi comment va le pc s’il te plaît

    fais ceci et poste le rapport

    dans delfix, vérifie que ces cases soient cochées

    réactiver l’uac

    supprimer les outils de désinfection (case pre-cochée par défault)

    purger la restauration système

    clique sur exécuter

    • Télécharges Delfix sur ton Bureau.
    • Lance Delfix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche la case suivantes :
      • Réactiver l’UAC

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Je n’arrive pas à exécuter ce logiciel, il disparait au moment où je veux exécuter, je l’ai retélécharger par 2 fois et ça ne marche toujours pas

  • Anonyme
    Nombre d'articles : 1400

    re

    télécharge le logiciel, puis redémarre le pc en mode sans échec pour l’exécuter>>mode sans échec w8

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    J’avais déjà essayé la dernière fois le mode sans échec sans y parvenir, c’est un nouvel ordinateur je ne trouvais du tout avec windows 8… y a-t-il une autre solution ?

  • Anonyme
    Nombre d'articles : 1400

    re

    regarde bien le lien de la procédure que je t’ai mis dans le message précédent, ça fonctionne, je l’ai fait sur le

    pc d’1 copain

    dis moi si tu y arrives

    :merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    Excusez moi de ne répondre que maintenant je n’avais plus internet
    Je n’ai toujours pas réussi

  • Anonyme
    Nombre d'articles : 1400

    :hello: lcemegane,

    Je n’ai toujours pas réussi

    tu n’as pas réussi à télécharger et exécuter delfix, où tu n’as pas réussi à accéder au mode sans échec :interro:

    en attente de ta réponse:merci2:

  • lcemegane
    Participant
    Nombre d'articles : 15

    A accéder au mode sans échec

  • Anonyme
    Nombre d'articles : 1400

    :hello: Icemegane,

    essaie de télécharger et d’exécuter delfix en mode normal

    fais ceci et poste le rapport

    dans delfix, vérifie que ces cases soient cochées

    réactiver l’uac

    supprimer les outils de désinfection (case pre-cochée par défault)

    purger la restauration système

    clique sur exécuter

    Télécharges Delfix sur ton Bureau.
    Lance Delfix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

    Coche la case suivantes :

    Réactiver l’UAC

    Image

    :merci2:

  • Anonyme
    Nombre d'articles : 1400

    [norephelpe:289bkebr][/norephelpe:289bkebr]

Le sujet ‘Virus rvzr-a. akamaihd’ est fermé à de nouvelles réponses.