Ga naar inhoud

Virus??


Aanbevolen berichten

Sinds enkele weken opent mijn computer het ene na het andere scherm met de mededeling dat firefox,wachtdog,chrome helper enz.niet kan openen.Vervolgens loopt de computer vast en moet ik de stekker uit het stopcontact halen om de boel weer op te starten.Inmiddels heb ik met de ccleaner de computer gecontroleerd en herstelt.Wie weet wat ik aan dit probleem kan doen?

Link naar reactie
Delen op andere sites

@ carry,

:welkom: op PCH!.

Om uit te sluiten dat malware / virus de oorzaak is van het probleem voer onderstaande uit:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.


  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen


  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Carry at 2014-04-08 08:59:06

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2

System drive C: has 677 GB (72%) free of 939 GB

Total RAM: 4093 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 08:59:12, on 08/04/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19507)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe

C:\Windows\SysWOW64\conime.exe

C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\ProgramData\Updater\updater.exe

C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Bench\Wd\wd.exe

C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe

C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe

C:\ProgramData\RHelpers\IEHelper\IeHelper.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Carry.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O1 - Hosts: ::1 localhost

O1 - Hosts: 54.204.28.26 ckdjndgfgjaglgcnllemofeepjeeaofa

O1 - Hosts: 54.204.28.26 achhmapmjlcjlomcbmbicbgkihghgnie

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll

O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (file missing)

O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL

O2 - BHO: Instant Savings App BHO - {6EB4A4C0-6036-4D2E-B010-20707C4B62E8} - C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll

O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll

O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll

O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll

O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll

O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [updater] C:\ProgramData\Updater\Updater.exe

O4 - HKLM\..\Run: [mobilegeni daemon] "C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Wd] "C:\Program Files (x86)\Bench\Wd\wd.exe"

O4 - HKLM\..\RunOnce: [instant Savings App-repairJob] wscript.exe "C:\Users\Carry\AppData\Local\Instant Savings App\repair.js" "Instant Savings App-repairJob"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [updater] C:\ProgramData\Updater\updater.exe

O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Carry\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKCU\..\Run: [FLV Player] C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Internet Updater (InternetUpdater) - Parallel Lines Development, LLC - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--

End of file - 31748 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

wininit.exe

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Windows\system32\Dwm.exe"

taskeng.exe {A17CE0BD-563E-4C31-9B28-22EB99E52EC0}

C:\Windows\Explorer.EXE

taskeng.exe {7DD091D5-FA87-415A-9CB5-8E7572185396}

taskeng.exe {289B76FF-F311-4354-9FB0-EA98F425F7F5}

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe"

C:\PVSW\Bin\WGE_SRV.exe

C:\Windows\SysWOW64\svchost.exe -k netsvcs

"C:\PVSW\BIN\W3dbsmgr.EXE" -SRDE -SERVICE

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

"C:\ProgramData\InternetUpdater\InternetUpdaterService.exe"

"c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

"C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe" -sEBP

"C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\diMaster.dll" /prefetch:1

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"

"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-28160086-2712-40df-93fd-79169169b1a9 -SystemEventPortName:HostProcess-34044708-c68f-4dfb-9864-6aed6f3a7745 -IoCancelEventPortName:HostProcess-ede0433b-16fd-43be-9049-a4f79cc1cea0 -NonStateChangingEventPortName:HostProcess-79db406d-6ade-47df-9ff8-8149d12897d3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cbbea3d8-8cc3-4e25-8024-902707664350 -DeviceGroupId:WpdFsGroup

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe" /c /a /s UserSession

"C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe" /c /a /s UserSession

WLIDSvcM.exe 2868

C:\Windows\SysWOW64\DllHost.exe /Processid:{304CE942-6E39-40D8-943A-B913C40C9CD4}

C:\Windows\system32\conime.exe

"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon

"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Windows\ehome\ehtray.exe"

"C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

"C:\ProgramData\Updater\updater.exe"

"C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"

C:\Windows\ehome\ehmsas.exe -Embedding

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"

"C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe"

"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"

"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\PROGRA~1\HEWLET~1\HPREMO~1\HPREMO~1.EXE" -Embedding

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Windows Media Player\wmpnscfg.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Bench\Wd\wd.exe"

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe"

"C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe"

"C:\ProgramData\RHelpers\IEHelper\IeHelper.exe"

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4400 series#1270990727" -Startup

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding

C:\Windows\system32\msiexec /V

"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI

"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding

"C:\Program Files\Windows Mail\WinMail.exe"

"C:\Windows\system32\wuauclt.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.pc-helpforum.be/f163/virus-69287-new/"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.0.48735572\28212348" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.1.2138649197\2016851544" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.2.1239355571\29295463" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.3.766589743\575510155" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.4.1840914331\699119275" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.5.503055554\44870191" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.7.161878693\60494566" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.8.1574973885\1432090482" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6092.9.1902595360\475684283" --ppapi-flash-args --lang=fr --ignored=" --type=renderer " /prefetch:-632637702

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6092.10.2056295710\2068554114" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,5,12,22,26 --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x0a60 --gpu-driver-vendor=NVIDIA --gpu-driver-version=7.15.11.8586 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=fr --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6092.30.2024363379\1472305217" /prefetch:673131151

splwow64

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648

"C:\Users\Carry\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000.job

C:\Windows\tasks\bench-sys.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HPCeeScheduleForCarry.job

C:\Windows\tasks\PCConfidential.job

C:\Windows\tasks\PCDRScheduledMaintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}]

Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll [2014-03-04 325160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]

PHPNukeFR Toolbar - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]

Bubble Dock SurfMatch - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]

UrlHelper Class - C:\Program Files (x86)\iMesh Applications\MediaBar\DataMngr\IEBHO.dll [2010-05-27 392072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL [2014-02-21 392344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}]

Instant Savings App BHO - C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll [2014-03-04 258088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-04 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-02-06 468600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll [2014-03-11 654176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]

MediaBar - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]

pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-04 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]

SMTTB2009 Class - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{D629FDE2-1C75-40B2-9B20-CE72D3A430AF} - Instant Savings App - C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll [2014-03-04 325160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

{1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files (x86)\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080]

{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - MediaBar - C:\Program Files (x86)\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]

{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

{338B4DFE-2E2C-4338-9E41-E176D497299E} - Hyperionics DB Toolbar - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll [2014-03-11 654176]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]

"HP Remote Software"=C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe [2009-02-06 172032]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-01 16252448]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

"Facebook Update"=C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-16 138096]

"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

"Updater"=C:\ProgramData\Updater\updater.exe [2013-12-19 486264]

"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2006-11-02 44544]

"FLV Player"=C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]

c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04 75016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NavRegReminder]

C:\Windows\temp\NavBrowser.exe /r /i C:\Windows\temp\NavLoad.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]

C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

C:\Program Files (x86)\Steam\Steam.exe [2013-12-11 1823656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]

"UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]

"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2010-10-13 111928]

""= []

"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-30 1721480]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"Updater"=C:\ProgramData\Updater\Updater.exe [2013-12-19 486264]

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"Wd"=C:\Program Files (x86)\Bench\Wd\wd.exe [2014-03-04 60416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"Instant Savings App-repairJob"=wscript.exe C:\Users\Carry\AppData\Local\Instant Savings App\repair.js Instant Savings App-repairJob []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Notification de cadeaux MSN.lnk - C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-08 08:59:06 ----D---- C:\Program Files\trend micro

2014-04-08 08:44:45 ----D---- C:\rsit

2014-04-08 08:44:45 ----D---- C:\Program Files (x86)\trend micro

2014-04-03 09:59:57 ----D---- C:\Program Files\CCleaner

2014-04-02 13:47:07 ----D---- C:\Users\Carry\AppData\Roaming\spotmau

2014-04-02 13:46:55 ----D---- C:\ProgramData\TuneUp360

2014-04-02 13:46:50 ----D---- C:\Program Files (x86)\Wondershare

2014-04-01 14:49:55 ----N---- C:\Windows\system32\MpSigStub.exe

2014-03-13 06:48:55 ----A---- C:\Windows\SYSWOW64\wer.dll

2014-03-13 06:48:55 ----A---- C:\Windows\system32\wer.dll

2014-03-13 06:48:51 ----A---- C:\Windows\SYSWOW64\tzres.dll

2014-03-13 06:48:51 ----A---- C:\Windows\system32\tzres.dll

2014-03-13 06:48:36 ----A---- C:\Windows\SYSWOW64\qedit.dll

2014-03-13 06:48:36 ----A---- C:\Windows\system32\qedit.dll

2014-03-13 06:48:33 ----A---- C:\Windows\system32\mshtml.dll

2014-03-13 06:48:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-03-13 06:48:31 ----A---- C:\Windows\system32\ieframe.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\wininet.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\urlmon.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\occache.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\mstime.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\msfeeds.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\iertutil.dll

2014-03-13 06:48:30 ----A---- C:\Windows\system32\iedkcs32.dll

2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-03-13 06:48:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\mshtmled.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\licmgr10.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\jsproxy.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\ieui.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\iesetup.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\iernonce.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\iepeers.dll

2014-03-13 06:48:29 ----A---- C:\Windows\system32\corpol.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\url.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\occache.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\mstime.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\licmgr10.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe

2014-03-13 06:48:28 ----A---- C:\Windows\SYSWOW64\corpol.dll

2014-03-13 06:48:28 ----A---- C:\Windows\system32\url.dll

2014-03-13 06:48:28 ----A---- C:\Windows\system32\msfeedssync.exe

2014-03-13 06:48:28 ----A---- C:\Windows\system32\ieUnatt.exe

2014-03-13 06:48:28 ----A---- C:\Windows\system32\iesysprep.dll

2014-03-13 06:48:28 ----A---- C:\Windows\system32\ie4uinit.exe

2014-03-13 06:48:27 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2014-04-08 08:59:12 ----D---- C:\Windows\Prefetch

2014-04-08 08:59:06 ----RD---- C:\Program Files

2014-04-08 08:59:03 ----D---- C:\Windows\Temp

2014-04-08 08:44:45 ----D---- C:\Program Files (x86)

2014-04-08 08:43:12 ----SHD---- C:\Windows\Installer

2014-04-08 08:43:11 ----D---- C:\Config.Msi

2014-04-08 08:40:37 ----D---- C:\Users\Carry\AppData\Roaming\newnext.me

2014-04-08 08:39:21 ----SHD---- C:\System Volume Information

2014-04-05 14:16:23 ----D---- C:\Windows\SysWOW64

2014-04-04 08:32:12 ----D---- C:\Windows

2014-04-03 10:04:23 ----D---- C:\ProgramData\Spybot - Search & Destroy

2014-04-03 10:04:22 ----D---- C:\Program Files (x86)\Steam

2014-04-03 10:04:16 ----D---- C:\Users\Carry\AppData\Roaming\uTorrent

2014-04-03 10:04:15 ----D---- C:\Users\Carry\AppData\Roaming\TS3Client

2014-04-03 10:04:14 ----D---- C:\Users\Carry\AppData\Roaming\Skype

2014-04-03 10:04:12 ----D---- C:\Program Files (x86)\PDFCreator

2014-04-03 10:03:32 ----D---- C:\Windows\Panther

2014-04-03 10:03:32 ----D---- C:\Windows\inf

2014-04-03 10:03:27 ----D---- C:\Windows\Minidump

2014-04-03 10:03:27 ----D---- C:\Windows\Logs

2014-04-03 10:03:27 ----D---- C:\Windows\Debug

2014-04-03 09:59:59 ----D---- C:\Windows\system32\Tasks

2014-04-03 09:09:20 ----D---- C:\Windows\system32\drivers\NAVx64

2014-04-03 07:23:48 ----D---- C:\ProgramData\Norton

2014-04-03 07:20:13 ----D---- C:\Program Files (x86)\Norton AntiVirus

2014-04-02 17:20:47 ----D---- C:\Windows\system32\wbem

2014-04-02 17:18:58 ----D---- C:\Windows\Tasks

2014-04-02 17:18:58 ----D---- C:\Windows\system32\spool

2014-04-02 17:18:58 ----D---- C:\Windows\system32\catroot2

2014-04-02 17:18:58 ----D---- C:\Windows\registration

2014-04-02 17:18:58 ----D---- C:\ProgramData\HP Product Assistant

2014-04-02 14:34:44 ----HD---- C:\Windows\system32\GroupPolicy

2014-04-02 14:34:44 ----D---- C:\Windows\SYSWOW64\GroupPolicy

2014-04-02 13:57:45 ----D---- C:\Program Files (x86)\SMINST

2014-04-02 13:46:55 ----HD---- C:\ProgramData

2014-04-01 14:49:55 ----D---- C:\Windows\System32

2014-04-01 09:06:29 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-04-01 08:55:54 ----D---- C:\ProgramData\CanonIJPLM

2014-04-01 08:53:54 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-03-29 05:10:36 ----D---- C:\ProgramData\HP

2014-03-28 18:16:03 ----D---- C:\Windows\system32\drivers\NSTx64

2014-03-28 18:11:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2014-03-19 18:02:02 ----D---- C:\Windows\LiveKernelReports

2014-03-19 04:01:10 ----D---- C:\Windows\system32\MRT

2014-03-19 04:01:03 ----A---- C:\Windows\system32\mrt.exe

2014-03-15 04:10:35 ----D---- C:\ProgramData\Microsoft Help

2014-03-14 11:17:40 ----D---- C:\Windows\rescache

2014-03-14 10:35:04 ----D---- C:\Windows\SYSWOW64\fr-FR

2014-03-14 10:35:04 ----D---- C:\Windows\system32\fr-FR

2014-03-14 10:34:59 ----D---- C:\Program Files (x86)\Internet Explorer

2014-03-14 10:34:54 ----D---- C:\Program Files\Internet Explorer

2014-03-14 10:34:48 ----D---- C:\Windows\SYSWOW64\migration

2014-03-14 10:34:26 ----D---- C:\Windows\system32\migration

2014-03-14 10:14:09 ----D---- C:\Windows\winsxs

2014-03-13 06:48:12 ----D---- C:\Windows\system32\catroot

2014-03-11 23:51:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1502000.026\SYMDS64.SYS [2013-10-30 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1502000.026\SYMEFA64.SYS [2014-03-04 1148120]

R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [2014-03-19 1525976]

R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAVx64\1502000.026\ccSetx64.sys [2014-02-25 162392]

R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [2013-09-27 162392]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-04-02 484952]

R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\IPSDefs\20140405.001\IDSvia64.sys [2014-04-02 525016]

R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1502000.026\SRTSP64.SYS [2014-02-13 875736]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1502000.026\SRTSPX64.SYS [2013-10-30 36952]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1502000.026\Ironx64.SYS [2013-10-30 264280]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAVx64\1502000.026\SYMTDIV.SYS [2014-02-18 510168]

R3 DCamUSBVM;Lenovo Q350 USB PC Camera; C:\Windows\System32\Drivers\usbVM31b.sys [2005-09-19 142336]

R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 145408]

R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 19968]

R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 42496]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-02-11 1708192]

R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\VirusDefs\20140407.018\ENG64.SYS [2014-04-02 126040]

R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\21.2.0.38\Definitions\VirusDefs\20140407.018\EX64.SYS [2014-04-02 2099288]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-04-24 79392]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-01 11725728]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2009-01-20 195584]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-04-03 177752]

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]

S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]

S3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NAVx64\1008030.006\SYMFW.SYS []

S3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NAVx64\1008030.006\SYMNDISV.SYS []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736]

S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

S4 RsFx0153;RsFx0153 Driver; C:\Windows\system32\DRIVERS\RsFx0153.sys [2012-06-29 321992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-10-26 107520]

R2 EBP Pervasive.SQL;EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [2006-12-07 32768]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]

R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]

R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 27648]

R2 InternetUpdater;Internet Updater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [2014-01-15 45568]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]

R2 MSSQL$EBP;SQL Server (EBP); C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [2012-06-29 62218696]

R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe [2014-03-12 262968]

R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [2014-03-11 130104]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-01 381984]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 27648]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-06-29 277448]

R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 27648]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 DefaultTabSearch;DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-12-20 574464]

S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-05 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]

S3 gupdatem;Service Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-05 136176]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]

S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-12 407336]

S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-09-03 1251720]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 1012344]

S4 MSSQLServerADHelper100;Service SQL Active Directory Helper; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 SQLAgent$EBP;Agent SQL Server (EBP); C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [2012-06-29 441288]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Oeps ... dit is nog eens een voorbeeld van hoeveel rotzooi je kan verzamelen op 1 PC :dong: Werk aan de winkel:

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java en download daar de correcte Java versie.

  • Klik op "Gratis Java-download".
  • Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  • Het bestand JavaSetup wordt aangeboden - kies hier voor "bestand opslaan".
  • Sluit alle programma's die eventueel open zijn - zeker je web browser!
  • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  • Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
  • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  • Herhaal dit tot alle oudere versies verdwenen zijn.
  • Na het verwijderen van alle oudere versies, herstart je pc.
  • Klik vervolgens op JavaSetup om de nieuwste versie van Java te installeren.
  • Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {1c491116-c175-45e1-a570-6fb14fea8b7b};c
 C:\Program Files (x86)\PHPNukeFR;fs
 {23AF19F7-1D5B-442c-B14C-3D1081953C94};c
 C:\Program Files (x86)\Nosibay\Bubble Dock;fs
 {474597C5-AB09-49d6-A4D5-2E8D7341384E};c
 C:\Program Files (x86)\iMesh Applications;fs
 {5C255C8A-E604-49b4-9D64-90988571CECB};c
 {6EB4A4C0-6036-4D2E-B010-20707C4B62E8};c
 C:\Program Files (x86)\Instant Savings;fs
 {7C554162-8CB7-45A4-B8F4-8EA1C75885F9};c
 C:\Program Files (x86)\AOL\AOL Toolbar 5.0;fs
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Carry\AppData\Roaming\defaulttab;fs
 {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F};c
 {B922D405-6D13-4A2B-AE89-08A030DA4402};c
 C:\Program Files (x86)\pdfforge Toolbar;fs
 {D4027C7F-154A-4066-A1AD-4243D8127440};c
 C:\Program Files (x86)\Ask.com;fs
 {E312764E-7706-43F1-8DAB-FCDD2B1E416D};c
 {FCBCCB87-9224-4B8D-B117-F56D924BEB18};c
 C:\Program Files (x86)\Hyperionics DB Toolbar;fs
 {DE9C389F-3316-41A7-809B-AA305ED9D922}:c
 {338B4DFE-2E2C-4338-9E41-E176D497299E};c
 SweetIM;s
 C:\Program Files (x86)\SweetIM;fs
 ApnUpdater;s
 Updater;s
 mobilegeni daemon;s
 C:\Program Files (x86)\Mobogenie;fs
 Instant Savings App-repairJob;s
 C:\Users\Carry\AppData\Local\Instant Savings App;fs
 C:\Users\Carry\AppData\Roaming\newnext.me;fs
 {925DAB62-F9AC-4221-806A-057BFB1014AA};c
 DefaultTabSearch;s
 C:\Program Files (x86)\DefaultTab;fs
 DefaultTabUpdate;s
 C:\Users\Carry\AppData\Roaming\defaulttab;fs
 C:\Windows\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000.job;f
 C:\Windows\tasks\bench-sys.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}];r64
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "Updater"=-;r64
"NextLive"=-;r64
 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings];r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "SweetIM"=-;r64
 ""=-;r64
 "ApnUpdater"=-;r64
 "Updater"=-;r64
resethosts;

 "mobilegeni daemon"=-;r64
 [-HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce];r64
 C:\Users\Carry\AppData\Roaming\spotmau;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Deep Scan
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Carry on 08/04/2014 at 11:02:29,00.

Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002 Service Pack 2 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Carry\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

08/04/2014 11:09:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Gamenext deleted successfully

C:\PROGRA~2\Nosibay deleted successfully

C:\PROGRA~2\TomTom DesktopSuite deleted successfully

C:\PROGRA~2\WinZipper deleted successfully

C:\PROGRA~2\Wondershare deleted successfully

C:\PROGRA~2\COMMON~1\PX Storage Engine deleted successfully

C:\Program Files\Symantec deleted successfully

C:\PROGRA~3\Babylon deleted successfully

C:\PROGRA~3\CanonEPP deleted successfully

C:\PROGRA~3\CanonIJEPPEX2 deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\Users\Carry\AppData\Roaming\Comptabilit‚ deleted successfully

C:\Users\Carry\AppData\Roaming\Nosibay deleted successfully

C:\Users\Carry\AppData\Roaming\WinZipper deleted successfully

C:\Users\Carry\AppData\Local\Conduit deleted successfully

C:\Users\Carry\AppData\Local\Lollipop deleted successfully

C:\Users\Carry\AppData\Local\OpenCandy deleted successfully

C:\Users\Carry\AppData\Local\PackageAware deleted successfully

C:\Users\Carry\AppData\Local\StimulsoftReportsResources deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3F3E8073-7187-44A1-BC6C-00B2C3EFBAF4} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{799B1CD4-D3AF-4C22-A738-C7A97EF41A1E} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9B6103C1-F818-48a8-9683-314055BE6075} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C0CF59E9-B76F-450D-8707-2BE390E86DC6} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{925DAB62-F9AC-4221-806A-057BFB1014AA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Users\Carry\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe

C:\PVSW\Bin\WGE_SRV.exe

C:\Windows\SysWOW64\svchost.exe

C:\PVSW\BIN\W3dbsmgr.EXE

C:\Windows\SysWOW64\svchost.exe

C:\ProgramData\InternetUpdater\InternetUpdaterService.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\conime.exe

C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\ProgramData\Updater\updater.exe

C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Bench\Wd\wd.exe

C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe

C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe

C:\ProgramData\RHelpers\IEHelper\IeHelper.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Instant Savings App\FrameworkEngine.exe

C:\Users\Carry\Downloads\zoek.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabSearch deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabSearch deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InternetUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\InternetUpdater deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar.admin", false);

user_pref("extensions.BabylonToolbar.aflt", "orgnl");

user_pref("extensions.BabylonToolbar.bbDpng", 3);

user_pref("extensions.BabylonToolbar.cntry", "FR");

user_pref("extensions.BabylonToolbar.dfltSrch", false);

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.firstRun", false);

user_pref("extensions.BabylonToolbar.hdrMd5", "50463FDB6D9CA90CDBD94DE573798953");

user_pref("extensions.BabylonToolbar.hmpg", false);

user_pref("extensions.BabylonToolbar.id", "998392f32ad54ec49d18e408a3560227");

user_pref("extensions.BabylonToolbar.instlDay", "15205");

user_pref("extensions.BabylonToolbar.lastActv", "1");

user_pref("extensions.BabylonToolbar.lastDP", 3);

user_pref("extensions.BabylonToolbar.lastVrsnTs", "");

user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "22.0");

user_pref("extensions.BabylonToolbar.newTab", true);

user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylon.com/?babsrc=NT_FFUP");

user_pref("extensions.BabylonToolbar.noFFXTlbr", false);

user_pref("extensions.BabylonToolbar.propectorlck", 129979273);

user_pref("extensions.BabylonToolbar.ptch_0717", true);

user_pref("extensions.BabylonToolbar.sid", "998392f32ad54ec49d18e408a3560227");

user_pref("extensions.BabylonToolbar.smplGrp", "czb");

---- Lines funmoods removed from user.js ----

user_pref("extensions.funmoods.hmpg", true);

user_pref("extensions.funmoods.hmpgUrl", "http://searchfunmoods.com/?f=1&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0A0B0D0E0C0FyByCzztCtN0D0Tzu0CyEzytBtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=649671658&ir=");

user_pref("extensions.funmoods.dfltSrch", true);

user_pref("extensions.funmoods.srchPrvdr", "Funmoods");

user_pref("extensions.funmoods.dnsErr", true);

user_pref("extensions.funmoods_i.newTab", false);

user_pref("extensions.funmoods.newTabUrl", "http://searchfunmoods.com/?f=2&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0A0B0D0E0C0FyByCzztCtN0D0Tzu0CyEzytBtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=649671658&ir=");

user_pref("extensions.funmoods.tlbrSrchUrl", "http://searchfunmoods.com/?f=3&a=nv2&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtC0A0B0D0E0C0FyByCzztCtN0D0Tzu0CyEzytBtN1L2XzutBtFtBtFtCtFyDyByBtN1L1Czu1G2XtB&cr=649671658&ir=&q=");

user_pref("extensions.funmoods.id", "002421ABDECF7681");

user_pref("extensions.funmoods.instlDay", "15831");

user_pref("extensions.funmoods.vrsn", "1.8.11.0");

user_pref("extensions.funmoods.vrsni", "1.8.11.0");

user_pref("extensions.funmoods_i.vrsnTs", "1.8.11.014:17:30");

user_pref("extensions.funmoods.prtnrId", "funmoods");

user_pref("extensions.funmoods.prdct", "funmoods");

user_pref("extensions.funmoods.aflt", "nv2");

user_pref("extensions.funmoods_i.smplGrp", "none");

user_pref("extensions.funmoods.tlbrId", "base");

user_pref("extensions.funmoods.instlRef", "");

user_pref("extensions.funmoods.dfltLng", "");

user_pref("extensions.funmoods.appId", "{EA28B360-05E0-4F93-8150-02891F1D8D3C}");

user_pref("extensions.funmoods.excTlbr", false);

user_pref("extensions.funmoods_i.hmpg", true);

---- FireFox user.js and prefs.js backups ----

user_042014_1128_.backup

prefs_042014_1128_.backup

ProfilePath: C:\Users\Carry\AppData\Roaming\Thunderbird\Profiles\2gt6omxd.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_042014_1128_.backup

ProfilePath: C:\Users\Carry\AppData\Roaming\TomTom\HOME\Profiles\2j5zfpdp.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_042014_1128_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]

@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Safari.exe\shell\open\command]

@="C:\\Program Files (x86)\\Safari\\Safari.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"bProtectTabs"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Updater"=-

"NextLive"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"=-

""=-

"ApnUpdater"=-

"Updater"=-

"mobilegeni daemon"=-

[-HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Nosibay\Bubble Dock not found

C:\Program Files (x86)\Instant Savings not found

C:\Program Files (x86)\Ask.com not found

C:\Program Files (x86)\Mobogenie not found

C:\Program Files (x86)\PHPNukeFR deleted

C:\Program Files (x86)\iMesh Applications deleted

C:\Program Files (x86)\AOL\AOL Toolbar 5.0 deleted

C:\Users\Carry\AppData\Roaming\defaulttab deleted

C:\Program Files (x86)\pdfforge Toolbar deleted

C:\Program Files (x86)\Hyperionics DB Toolbar deleted

C:\Users\Carry\AppData\Roaming\newnext.me deleted

C:\Program Files (x86)\DefaultTab deleted

C:\Users\Carry\AppData\Roaming\spotmau deleted

C:\Users\Carry\AppData\Local\genienext deleted

C:\Users\Carry\daemonprocess.txt deleted

C:\Users\Carry\.android deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\babylon.xml deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\iMeshWebSearch.xml deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted

C:\PROGRA~2\Iminent deleted

C:\PROGRA~2\Boxore deleted

C:\PROGRA~2\Babylon deleted

C:\PROGRA~2\OfferBox deleted

C:\PROGRA~2\Desk 365 deleted

C:\PROGRA~2\Gophoto.it deleted

C:\PROGRA~2\Conduit deleted

C:\Users\Carry\AppData\Roaming\Uniblue deleted

C:\Users\Carry\AppData\Roaming\Smiley.ico deleted

C:\Users\Carry\AppData\Roaming\OfferBox deleted

C:\Users\Carry\AppData\Roaming\Desk 365 deleted

C:\Users\Carry\AppData\Roaming\Funmoods deleted

C:\Users\Carry\AppData\Roaming\Babylon deleted

C:\Users\Carry\AppData\Roaming\GetRightToGo deleted

C:\Users\Carry\AppData\Roaming\pdfforge deleted

C:\Users\Carry\AppData\Roaming\OpenCandy deleted

C:\Users\Carry\048298C9A4D3490B9FF9AB023A9238F3.TMP deleted

C:\PROGRA~3\Websteroids deleted

C:\PROGRA~3\eSafe deleted

C:\PROGRA~3\BrowserDefender deleted

C:\PROGRA~3\SweetIM deleted

C:\PROGRA~3\InternetUpdater deleted

C:\PROGRA~3\iMesh deleted

C:\Users\Carry\AppData\Local\BenchUpdater deleted

C:\Users\Carry\AppData\Local\Minibar deleted

C:\Users\Carry\AppData\Local\PutLockerDownloader deleted

C:\Users\Carry\AppData\Local\Software deleted

C:\Users\Carry\AppData\Local\iMesh deleted

C:\Users\Carry\AppData\Local\Mobogenie deleted

C:\Users\Carry\AppData\Local\cache deleted

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk deleted

C:\Users\Carry\Downloads\SoftonicDownloader_voor_magix-music-maker-mx.exe deleted

C:\Users\Carry\AppData\LocalLow\imeshmediabartb deleted

C:\Users\Carry\AppData\LocalLow\searchresultstb deleted

C:\Users\Carry\AppData\LocalLow\pdfforge deleted

C:\Users\Carry\AppData\LocalLow\Search Settings deleted

C:\Users\Carry\AppData\LocalLow\BabylonToolbar deleted

C:\Users\Carry\AppData\LocalLow\PHPNukeFR deleted

C:\Users\Carry\AppData\LocalLow\PriceGong deleted

C:\Users\Carry\AppData\LocalLow\Conduit deleted

C:\Users\Carry\AppData\LocalLow\Toolbar4 deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted

C:\windows\SysNative\tasks\Funmoods deleted

C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted

C:\windows\SysNative\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000 deleted

C:\windows\SysNative\tasks\bench-sys deleted

C:\Windows\tasks\bench-S-1-5-21-1974969438-329552401-2338139960-1000.job deleted

C:\Windows\tasks\bench-sys.job deleted

C:\windows\SysNative\tasks\DTReg deleted

C:\end deleted

C:\Windows\Syswow64\InstallUtil.InstallLog deleted

C:\Windows\Syswow64\ConduitEngine.tmp deleted

C:\Windows\Syswow64\SearchProtect deleted

C:\Users\Carry\Documents\Mobogenie deleted

C:\Users\Carry\Documents\PC Speed Maximizer deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\babylon.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\conduit-search.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\iMeshWebSearch.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\live-search.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\MyStart Search.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\safesearch.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\search-here.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\search.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\Search_Results.xml deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\ffxtlbr@babylon.com deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\ftdownloader3@ftdownloader.com.xpi deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\Invalidprefs.js deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\bProtector_extensions.rdf deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\bProtector_extensions.sqlite deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\bprotector_prefs.js deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\alot-toolbar deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\SweetIMToolbarData deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\SweetPacksToolbarData deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\jetpack deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\CT2405725 deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\CT2542115 deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\imeshmediabartb deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{0277C0FC-9B29-BEC2-1C18-216A87676D84} deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{0fc85f5d-6207-4515-a490-45a549d285c0} deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{2A39D365-6906-B62D-BB4C-E544F9440E50} deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\conduit deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\conduitCommon deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\smartbar deleted

"C:\Windows\Installer\10713abb.msi" deleted

"C:\Windows\Installer\2f80e96.msi" deleted

"C:\Windows\Installer\15731182.msi" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\Funmoods.xml" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\conduit.xml" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\gophoto@gophoto.it.xpi" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\addon@defaulttab.com.xpi" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\defaulttab.config" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted

"C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\searchplugins\sweetim.xml" deleted

"C:\PROGRA~2\Mozilla Firefox\searchplugins\nationzoom.xml" deleted

"C:\PROGRA~2\Instant Savings App\FrameworkEngine.exe" deleted

"C:\PROGRA~3\Updater\updater.exe" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgIEPlayer.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted

"C:\PROGRA~2\Bench\Wd\wd.exe" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgIEPlayer.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted

"C:\PROGRA~3\RHelpers\ChromeHelper\ChromeHelper.exe" deleted

"C:\PROGRA~3\RHelpers\FirefoxHelper\FirefoxHelper.exe" deleted

"C:\PROGRA~3\RHelpers\IeHelper\IeHelper.exe" deleted

"C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe" deleted

"C:\Program Files (x86)\SweetIM" not deleted

"C:\Users\Carry\AppData\Local\Instant Savings App" not deleted

"C:\PROGRA~2\Instant Savings App" deleted

"C:\PROGRA~2\Bench" deleted

"C:\PROGRA~2\SweetIM" not deleted

"C:\PROGRA~3\Updater" not deleted

"C:\PROGRA~3\RHelpers" not deleted

"C:\Users\Carry\AppData\Local\Instant Savings App" not deleted

"C:\Users\Carry\AppData\Local\WebPlayer" deleted

"C:\Users\Carry\AppData\Local\Instant Savings App" not deleted

"C:\Program Files (x86)\SweetIM\Messenger" not deleted

"C:\PROGRA~2\Bench\Wd" deleted

"C:\PROGRA~2\SweetIM\Messenger" not deleted

"C:\PROGRA~3\RHelpers\ChromeHelper" not deleted

"C:\PROGRA~3\RHelpers\FirefoxHelper" not deleted

"C:\PROGRA~3\RHelpers\IeHelper" not deleted

"C:\Users\Carry\AppData\Local\WebPlayer\FLV Player" deleted

==== System Specs ======================

Windows: Windows Vista Home Premium Edition (64-bit) Service Pack 2 (Build 6002)

Memory (RAM): 4094 MB

CPU Info: Pentium® Dual-Core CPU E5200 @ 2.50GHz

CPU Speed: 2570,8 MHz

Sound Card: Haut-parleurs (Realtek High Def |

Display Adapters: NVIDIA GeForce G210 | NVIDIA GeForce G210 | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; HP 2159 Series Wide LCD Monitor |

Screen Resolution: 1440 X 900 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8101E Family PCI-E FE NIC

CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVD-RAM GH40L

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 917,0GB | D: 14,5GB

Hard Disks - Free: C: 661,0GB | D: 2,0GB

Manufacturer *: Phoenix Technologies, LTD

BIOS Info: AT/AT COMPATIBLE | 05/07/09 | HPQOEM - 42302e31

Time Zone: Paris, Madrid

Motherboard *: MSI Boston

Country: France

Language: FRA

==== System Specs (Software) ======================

Anti-Virus: Norton AntiVirus On-access scanning disabled (Outdated)

Anti-Spyware: Norton AntiVirus disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Internet Explorer version: 8.0.6001.19507

Google Chrome version: 31.0.1650.63

Adobe Reader version: 9.5.5.316

Sun Java version: 1.7.0_51 (32-bit)

Flash Player version: 12.0.0.77

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Carry\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-04-08 08:54:44 9B10927CFD0F7AD39E40C0E34005B1AD 877480 ----a-w- C:\Windows\SysWOW64\npdeployJava1.dll

2014-04-08 08:54:44 4CC1F431910276174B4BC20E306FE742 800168 ----a-w- C:\Windows\SysWOW64\deployJava1.dll

2014-04-08 08:39:39 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-04-08 08:39:02 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-04-08 08:39:02 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-04-08 08:39:02 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-04-01 12:49:55 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-04-08 06:59:06 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-04-08 08:40:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2014-04-08 06:44:45 -------- d-----w- C:\PROGRA~2\trend micro

======= C: =====

====== C:\Users\Carry\AppData\Roaming ======

2014-04-02 11:47:08 CCF68BD665C8C4950B80C0365D6F30EF 142582 ----a-w- C:\Users\Carry\AppData\Roaming\userenv.xml.urlencode

2014-04-02 11:47:06 9DB6FC8616E19A58232F50AAA87125C5 106861 ----a-w- C:\Users\Carry\AppData\Roaming\userenv.xml

2014-04-01 06:19:40 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps

====== C:\Users\Carry ======

2014-04-08 09:34:27 -------- d-----w- C:\ProgramData\Websteroids

2014-04-08 08:39:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-04-08 08:34:45 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Carry\Downloads\chromeinstall-7u51.exe

2014-04-08 06:58:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Carry\Desktop\RSITx64.exe

2014-04-08 06:44:09 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Carry\Downloads\RSIT.exe

2014-04-03 07:58:46 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Carry\Downloads\ccsetup412.exe

2014-04-02 11:46:55 -------- d-----w- C:\ProgramData\TuneUp360

2014-04-02 11:46:19 24A6EC3B3378F203145BAF747B8DF1BE 4335888 ----a-w- C:\Users\Carry\Downloads\1-click-pc-care_full1017.exe

====== C: exe-files ==

2014-04-08 08:38:13 F4BA3A5D5FDE0A321CD7C4A74749CE5B 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe

2014-04-08 08:38:13 EBAB810C999D8C31F0D5D8B28B3EEDD1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe

2014-04-08 08:38:13 C422AF851B98378A39B51D99FE707E64 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe

2014-04-08 08:38:13 ACA236A716C2291E40ED069F2CBB3D35 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe

2014-04-08 08:38:13 6E2BECF6E17FF8DC850C058A38A50C4F 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe

2014-04-08 08:38:13 6E1B0EEBF3D1CC7ECF4104E1473900FF 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe

2014-04-08 08:38:13 397A6EA17BB97800939DE44D7BFEEC04 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe

2014-04-08 08:38:13 18BC25C50200C3DD4E67611D2467DAA2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe

2014-04-08 08:38:13 0E37C7C174521E16CEA0A6BC46F03BCD 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe

2014-04-08 08:38:11 ED1F5F1906F8D963612A4831CDB331D6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe

2014-04-08 08:38:11 B9436A665A8621073A12338B16D7BFD4 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe

2014-04-08 08:38:11 A8F2A6D5782AA0166D8367FF674DDF77 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe

2014-04-08 08:38:11 762E372DCFDAE32FAE52C1A50A0029C2 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe

2014-04-08 08:38:11 6EEAD2C8A5CAC1F0F2066ABD77BA9092 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe

2014-04-08 08:38:11 49A5F3169A23C00F9F2023DFE04D7AF6 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe

2014-04-08 08:38:05 E9BFEA5B2F3F7598DA990F9728768790 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe

2014-04-08 08:38:05 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe

2014-04-08 08:38:05 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe

2014-04-08 08:38:04 FBC27FD8E76C53E6E8066944BBE2BF73 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe

2014-04-08 08:38:04 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe

2014-04-08 08:38:04 5877E6618DA03EE8E7A869F57EE6ACE5 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe

2014-04-08 08:36:07 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Carry\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

2014-04-08 08:34:45 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Carry\Downloads\chromeinstall-7u51.exe

2014-04-08 06:59:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Carry.exe

2014-04-08 06:58:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Carry\Desktop\RSITx64.exe

2014-04-08 06:44:46 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Carry.exe

2014-04-08 06:44:09 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Carry\Downloads\RSIT.exe

2014-04-03 07:58:46 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Carry\Downloads\ccsetup412.exe

2014-04-02 11:46:19 24A6EC3B3378F203145BAF747B8DF1BE 4335888 ----a-w- C:\Users\Carry\Downloads\1-click-pc-care_full1017.exe

=== C: other files ==

2014-04-08 08:38:14 863EB6802B1C3B7630290871599BE0BD 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip

2014-04-03 05:20:31 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\srtsp64.sys

2014-04-03 05:20:31 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\srtspx64.sys

2014-04-03 05:20:31 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\SymEFA64.sys

2014-04-03 05:20:31 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\SymDS64.sys

2014-04-03 05:20:31 5570A74FF9B1EFBC5154DD1E2F05C517 593112 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\symnets.sys

2014-04-03 05:20:31 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\Ironx64.sys

2014-04-03 05:20:31 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\SymELAM.sys

2014-04-03 05:20:31 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\ccSetx64.sys

2014-04-03 05:20:31 018D1F8343C301B4AF9DD042D2FFBCC8 510168 ----a-r- C:\Windows\System32\drivers\NAVx64\1502000.026\symtdiv.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"Facebook Update"="C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"WMPNSCFG"="C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe"

"FLV Player"="C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"

"Updater"="C:\ProgramData\Updater\updater.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"UpdateP2GoShortCut"="c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"UpdatePDIRShortCut"="c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0"

"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Wd"="C:\Program Files (x86)\Bench\Wd\wd.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"Facebook Update"="C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"WMPNSCFG"="C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe"

"FLV Player"="C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"

"Updater"="C:\ProgramData\Updater\updater.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL C:\\PROGRA~2\\SEARCH~1\\Datamngr\\mgrldr.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Remote Software"="C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

"SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer for HP TouchSmart]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CLMLServer for HP TouchSmart"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\TouchSmart\\Media\\Kernel\\CLML\\CLMLSvc.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DVDAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DVDAgent"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\Media\\DVD\\DVDAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Health Check Scheduler]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HP Health Check Scheduler"

"hkey"="HKLM"

"command"="c:\\Program Files (x86)\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPADVISOR"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW,SYSTRAY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NavRegReminder]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NavRegReminder"

"hkey"="HKLM"

"command"="\"C:\\Windows\\temp\\NavBrowser.exe\" /r /i \"C:\\Windows\\temp\\NavLoad.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RGSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RGSC"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe /silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartMenu]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SmartMenu"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Hewlett-Packard\\HP MediaSmart\\SmartMenu.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpybotSD TeaTimer"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Steam"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TomTomHOME.exe"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TSMAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TSMAgent"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\TouchSmart\\Media\\TSMAgent.exe\""

==== Startup Folders ======================

2009-08-24 13:44:23 1001 ----a-w- C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk

2010-03-26 13:12:03 1964 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/03/2014 23:51]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000Core.job --a------ C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe [16/07/2012 15:43]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000UA.job --a------ C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe [16/07/2012 15:43]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/05/2011 12:12]

C:\Windows\tasks\HPCeeScheduleForCarry.job --a------ C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [24/02/2009 18:17]

C:\Windows\tasks\PCConfidential.job --a------ C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe []

C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000Core" [C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1974969438-329552401-2338139960-1000UA" [C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HP Health Check" ["c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"]

"C:\Windows\SysNative\tasks\HPCeeScheduleForCarry" [C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\WSCStub.exe"]

"C:\Windows\SysNative\tasks\PCConfidential" [C:\Program Files (x86)\Winferno\PC Confidential\PCConfidential.exe]

"C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe]

"C:\Windows\SysNative\tasks\RecoveryCD" ["C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"]

"C:\Windows\SysNative\tasks\{3D74D096-C270-4EDF-8D89-7EDA8B910D6A}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe]

"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.2.0.38\IPSFF" [03/04/2014 09:13]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08/01/2010 13:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default

- ALOT Toolbar - %ProfilePath%\extensions\toolbar@alot.com

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

- MediaBar - %ProfilePath%\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}

- Yahoo Toolbar - %ProfilePath%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

- Funmoods New Tab - %ProfilePath%\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi

ProfilePath: C:\Users\Carry\AppData\Roaming\Thunderbird\Profiles\2gt6omxd.default

- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

ProfilePath: C:\Users\Carry\AppData\Roaming\TomTom\HOME\Profiles\2j5zfpdp.default

- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

- Emulator - %ProfilePath%\extensions\Navcore.9.053.520930@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Search Settings Plugin - %AppDir%\extensions\search@searchsettings.com

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- pdfforge Toolbar Plugin - %AppDir%\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default

95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash

FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Carry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

9B10927CFD0F7AD39E40C0E34005B1AD - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

99F97C9FE748C37528C338A423577FCB - C:\Users\Carry\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleted Firefox Extensions ======================

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593} deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi deleted

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} deleted

C:\Program Files (x86)\Mozilla Firefox\extensions\search@searchsettings.com deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bbffdhejhaoiflnpooogkckfdcmmjppn - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]

dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

kbjlipmgfoamgjaogmbihaffnpkpjajp - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx[]

kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx[11/03/2014 22:44]

pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[]

Instant Savings App - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie

Extended Protection - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

Instant Savings App - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa

XJZ Survey Remover - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh

Select City - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

DefaultTab - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Google Wallet - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Norton Identity Protection - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob

GoPhoto.it - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage-journal deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfmopbbadnfoelckkcmjjeaaegjpjjbk_0.localstorage deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_achhmapmjlcjlomcbmbicbgkihghgnie_0.localstorage deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_achhmapmjlcjlomcbmbicbgkihghgnie_0.localstorage-journal deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ckdjndgfgjaglgcnllemofeepjeeaofa_0.localstorage deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ckdjndgfgjaglgcnllemofeepjeeaofa_0.localstorage-journal deleted successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.fr/"

"Default_Page_URL"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470"

"Search Bar"="http://g.msn.fr/0SEFRFR/SAOS02"

"Default_Search_URL"="http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470"

"Default_Page_URL"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470"

"Search Page"="http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470"

"Default_Page_URL"="http://www.nationzoom.com/?type=hp&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470"

"Search Page"="http://www.nationzoom.com/web/?type=ds&ts=1388849492&from=amt&uid=WDCXWD10EADS-65L5B1_WD-WCAU4A95447054470&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.fr/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{9CA88F39-8FD0-45DD-9BE0-2917E302CCB3} Kelkoo Url="http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932"

{9D5BD211-422C-4164-9298-BB4186A30F31} Live Search Url="http://search.live.com/results.aspx?q={searchTerms}&mkt=fr-FR&FORM=MIMWA2"

{9F7FB1F9-E791-4A18-9DC7-9589D3F668AC} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

{AB15C27A-FB6D-4FB8-97AE-C0B69138C365} AOL Recherche Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\bubbledock@nosibay.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Carry\Desktop\EBP Compta 16.0.lnk - C:\Program Files (x86)\EBP\Compta16.0\compta.exe

C:\Users\Carry\Desktop\Fichiers d’installation Norton.lnk -

C:\Users\Carry\Desktop\FLV Player.lnk - C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe

C:\Users\Carry\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Nation Zoom

C:\Users\Carry\Desktop\QuickPar.lnk - C:\Program Files (x86)\QuickPar\QuickPar.exe

C:\Users\Carry\Desktop\µTorrent.lnk -

C:\Users\Carry\Desktop\gijs\ASIO4ALL v2 Instruction Manual.lnk - C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf

C:\Users\Carry\Desktop\gijs\FL Studio 11.lnk - C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe

C:\Users\Carry\Desktop\gijs\MAGIX Music Maker 17 Version à télécharger.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\Users\Public\Desktop\EBP Compta Classic Open Line 2013 5.1.lnk - C:\Program Files\EBP\Accounting5.1FRFR20\EBP.Accounting.Application.exe

C:\Users\Public\Desktop\EBP Migration vers Open Line 2.0.lnk - C:\ProgramData\EBP\CppMigrator2.0\EBP.CppMigrator.Application.exe

C:\Users\Public\Desktop\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_2F0AA623FDE06A97508B91.exe

C:\Users\Public\Desktop\MappyPlus.lnk - C:\Windows\Installer\{478F482D-C30B-4876-A080-BE3916268682}\app_icon.ico

C:\Users\Public\Desktop\Norton AntiVirus.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine64\21.2.0.38\uiStub.exe

C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\LiveUpdate.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine64\21.2.0.38\uiStub.exe /lu

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\NBRT.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Norton AntiVirus.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine64\21.2.0.38\uiStub.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Support.lnk - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\symerr.exe /support

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus\Uninstall Norton AntiVirus.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\21.2.0.38\InstStub.exe /X /shortcut

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Désinstaller Norton Identity Safe.LNK -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Norton Identity Safe.LNK - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\cosastub.exe /install /force

==== shortcuts in Quick Launch ======================

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk - C:\Windows\Installer\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}\SafariIco.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk - C:\Windows\system32\calc.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Nation Zoom

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk - C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Nation Zoom

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MediaWidget.lnk - C:\Program Files (x86)\Media Widget\MediaWidget.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\monAlbumPhoto.lnk - C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Nation Zoom

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk - C:\Program Files (x86)\NewsLeecher\newsLeecher.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Skype.lnk -

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Mail.lnk - C:\Program Files (x86)\Windows Mail\WinMail.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk - c:\Windows\Installer\{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}\_BD15A4BF3888028F418EC7.exe

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Carry\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Carry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6EB8FE4C9986914497E92C7F5A702E3 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iMesh deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\4351_Instant Savings App deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4EF8BE6A-899C-4196-94E7-297C5F7A203E} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NavRegReminder deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\IPS\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Wd] "C:\Program Files (x86)\Bench\Wd\wd.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Carry\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [FLV Player] C:\Users\Carry\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe

O4 - HKCU\..\Run: [updater] C:\ProgramData\Updater\updater.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Carry\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\PROGRA~2\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5173 folders=818 289106269 bytes)

==== Empty Temp Folders ======================

C:\Users\Carry\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Carry\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted

"C:\Program Files (x86)\SweetIM" not found

"C:\Users\Carry\AppData\Local\Instant Savings App" not found

"C:\PROGRA~2\SweetIM" not found

"C:\PROGRA~3\Updater" not found

"C:\PROGRA~3\RHelpers" not found

"C:\Users\Carry\AppData\Local\Instant Savings App" not found

"C:\Users\Carry\AppData\Local\Instant Savings App" not found

==== EOF on 08/04/2014 at 15:43:11,83 ======================

Link naar reactie
Delen op andere sites

Dat is een berg rommel die nu al van de PC is gehaald. Maar we zijn er nog niet:

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
 [HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "Updater"=-;r64
 C:\ProgramData\Updater;fs
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
 C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\toolbar@alot.com;fs
 C:\Program Files (x86)\Mozilla Firefox\extensions\search@searchsettings.com;fs
 C:\Program Files (x86)\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402};fs
 C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd};fs
 Updater;s
 Chrdefaults;
 autoclean;

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Carry on 08/04/2014 at 18:05:25,85.

Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002 Service Pack 2 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Carry\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-04-08-134311.log 106503 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-1974969438-329552401-2338139960-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Updater"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Updater not found

C:\Program Files (x86)\Mozilla Firefox\extensions\search@searchsettings.com not found

C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\extensions\toolbar@alot.com deleted

C:\Program Files (x86)\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted

C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} deleted

C:\PROGRA~3\Websteroids deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.2.0.38\IPSFF" [03/04/2014 09:13]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08/01/2010 13:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

ProfilePath: C:\Users\Carry\AppData\Roaming\Thunderbird\Profiles\2gt6omxd.default

- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

ProfilePath: C:\Users\Carry\AppData\Roaming\TomTom\HOME\Profiles\2j5zfpdp.default

- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

- Emulator - %ProfilePath%\extensions\Navcore.9.053.520930@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default

95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash

FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Carry\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

9B10927CFD0F7AD39E40C0E34005B1AD - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

99F97C9FE748C37528C338A423577FCB - C:\Users\Carry\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx[11/03/2014 22:44]

XJZ Survey Remover - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh

Norton Identity Protection - Carry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.fr/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.fr/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{9CA88F39-8FD0-45DD-9BE0-2917E302CCB3} Kelkoo Url="http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932"

{9D5BD211-422C-4164-9298-BB4186A30F31} Live Search Url="http://search.live.com/results.aspx?q={searchTerms}&mkt=fr-FR&FORM=MIMWA2"

{9F7FB1F9-E791-4A18-9DC7-9589D3F668AC} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

{AB15C27A-FB6D-4FB8-97AE-C0B69138C365} AOL Recherche Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcndtie7-fr-fr"

==== Reset Google Chrome ======================

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5244 folders=833 290344399 bytes)

==== Empty Temp Folders ======================

C:\Users\Carry\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Carry\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Carry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted

==== EOF on 08/04/2014 at 23:37:23,95 ======================

Link naar reactie
Delen op andere sites

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

# AdwCleaner v3.023 - Rapport créé le 09/04/2014 à 11:02:37

# Mis à jour le 01/04/2014 par Xplode

# Système d'exploitation : Windows Vista Home Premium Service Pack 2 (64 bits)

# Nom d'utilisateur : Carry - PC-DE-CARRY

# Exécuté depuis : C:\Users\Carry\Downloads\adwcleaner.exe

# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

[!] Dossier Supprimé : C:\ProgramData\~0

[!] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeze.com

[!] Dossier Supprimé : C:\Program Files\Accelerer PC

[!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender

[!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

[!] Dossier Supprimé : C:\Users\Carry\Documents\iMesh

[!] Dossier Supprimé : C:\Program Files (x86)\Software

Fichier Supprimé : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\user.js

***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registre ] *****

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\iMesh.exe

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

Clé Supprimée : HKLM\SOFTWARE\Classes\FTDownloader

Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.AudioCD

Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.Device

Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.file

Clé Supprimée : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils

Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1

Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator

Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1

Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2

Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap

Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival

Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Clé Supprimée : HKCU\Software\853db8cb33ae440

Clé Supprimée : HKLM\SOFTWARE\853db8cb33ae440

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BD3DAC32-3648-466D-97BC-5828038C5DE7}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BD3DAC32-3648-466D-97BC-5828038C5DE7}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1C491116-C175-45E1-A570-6FB14FEA8B7B}]

Clé Supprimée : HKCU\Software\1ClickDownload

Clé Supprimée : HKCU\Software\BabSolution

Clé Supprimée : HKCU\Software\Babylon

Clé Supprimée : HKCU\Software\Conduit

[#] Clé Supprimée : HKCU\Software\DataMngr_Toolbar

Clé Supprimée : HKCU\Software\Default Tab

Clé Supprimée : HKCU\Software\DefaultTab

Clé Supprimée : HKCU\Software\Funmoods

Clé Supprimée : HKCU\Software\ilivid

Clé Supprimée : HKCU\Software\Imesh

Clé Supprimée : HKCU\Software\iMeshMediabarTb

Clé Supprimée : HKCU\Software\InstallCore

Clé Supprimée : HKCU\Software\lollipop

Clé Supprimée : HKCU\Software\Nosibay

Clé Supprimée : HKCU\Software\Offerbox

Clé Supprimée : HKCU\Software\Search Settings

Clé Supprimée : HKCU\Software\Softonic

Clé Supprimée : HKCU\Software\Somoto Toolbar

Clé Supprimée : HKCU\Software\Webplayer

Clé Supprimée : HKCU\Software\YahooPartnerToolbar

Clé Supprimée : HKCU\Software\AppDataLow\Toolbar

Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit

Clé Supprimée : HKCU\Software\AppDataLow\Software\DefaultTab

Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE

Clé Supprimée : HKCU\Software\AppDataLow\Software\iMeshMediabarTb

Clé Supprimée : HKCU\Software\AppDataLow\Software\pdfforge

Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong

Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar

Clé Supprimée : HKCU\Software\AppDataLow\Software\PHPNukeFR

Clé Supprimée : HKLM\Software\Bench

Clé Supprimée : HKLM\Software\Boxore

Clé Supprimée : HKLM\Software\Conduit

Clé Supprimée : HKLM\Software\DataMngr

Clé Supprimée : HKLM\Software\Default Tab

Clé Supprimée : HKLM\Software\DefaultTab

Clé Supprimée : HKLM\Software\Desksvc

Clé Supprimée : HKLM\Software\Freeze.com

Clé Supprimée : HKLM\Software\hdcode

Clé Supprimée : HKLM\Software\iLividSRTB

Clé Supprimée : HKLM\Software\Imesh

Clé Supprimée : HKLM\Software\Iminent

Clé Supprimée : HKLM\Software\InstallCore

Clé Supprimée : HKLM\Software\installedbrowserextensions

Clé Supprimée : HKLM\Software\Instant Savings App

Clé Supprimée : HKLM\Software\Minibar

Clé Supprimée : HKLM\Software\nationzoomSoftware

Clé Supprimée : HKLM\Software\Offerbox

Clé Supprimée : HKLM\Software\pdfforge

Clé Supprimée : HKLM\Software\Search Settings

Clé Supprimée : HKLM\Software\Uniblue

Clé Supprimée : HKLM\Software\V9

Clé Supprimée : HKLM\Software\winzipersvc

Clé Supprimée : HKLM\Software\PHPNukeFR

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PHPNukeFR Toolbar

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0E25BB07-62EB-476F-87FC-6AF426AB059E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eSafeSecControl

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh MediaBar

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Instant Savings App

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PHPNukeFR Toolbar

Clé Supprimée : [x64] HKLM\SOFTWARE\DomaIQ

Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL

Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll

Clé Supprimée : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.offerbox.com

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.19507

-\\ Mozilla Firefox v22.0 (fr)

[ Fichier : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [36364 octets] - [09/04/2014 10:59:05]

AdwCleaner[s0].txt - [27986 octets] - [09/04/2014 11:02:37]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [28047 octets] ##########

Link naar reactie
Delen op andere sites

# AdwCleaner v3.023 - Rapport créé le 09/04/2014 à 11:02:37

# Mis à jour le 01/04/2014 par Xplode

# Système d'exploitation : Windows Vista Home Premium Service Pack 2 (64 bits)

# Nom d'utilisateur : Carry - PC-DE-CARRY

# Exécuté depuis : C:\Users\Carry\Downloads\adwcleaner.exe

# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

[!] Dossier Supprimé : C:\ProgramData\~0

[!] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeze.com

[!] Dossier Supprimé : C:\Program Files\Accelerer PC

[!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender

[!] Dossier Supprimé : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

[!] Dossier Supprimé : C:\Users\Carry\Documents\iMesh

[!] Dossier Supprimé : C:\Program Files (x86)\Software

Fichier Supprimé : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\user.js

***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

Raccourci Désinfecté : C:\Users\Carry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registre ] *****

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\iMesh.exe

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Clé Supprimée : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

Clé Supprimée : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

Clé Supprimée : HKLM\SOFTWARE\Classes\FTDownloader

Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.AudioCD

Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.Device

Clé Supprimée : HKLM\SOFTWARE\Classes\iMesh.file

Clé Supprimée : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils

Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1

Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator

Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1

Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2

Clé Supprimée : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap

Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival

Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Clé Supprimée : HKCU\Software\853db8cb33ae440

Clé Supprimée : HKLM\SOFTWARE\853db8cb33ae440

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009

Clé Supprimée : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{01AD9322-02FF-4F4F-AC52-92FDA5AE65F0}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5D9E7BE9-95E5-4392-8CD2-D82DE89589ED}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BD3DAC32-3648-466D-97BC-5828038C5DE7}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0BBF19A5-BE50-4E06-A340-6777A505E490}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BD3DAC32-3648-466D-97BC-5828038C5DE7}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1C491116-C175-45E1-A570-6FB14FEA8B7B}]

Clé Supprimée : HKCU\Software\1ClickDownload

Clé Supprimée : HKCU\Software\BabSolution

Clé Supprimée : HKCU\Software\Babylon

Clé Supprimée : HKCU\Software\Conduit

[#] Clé Supprimée : HKCU\Software\DataMngr_Toolbar

Clé Supprimée : HKCU\Software\Default Tab

Clé Supprimée : HKCU\Software\DefaultTab

Clé Supprimée : HKCU\Software\Funmoods

Clé Supprimée : HKCU\Software\ilivid

Clé Supprimée : HKCU\Software\Imesh

Clé Supprimée : HKCU\Software\iMeshMediabarTb

Clé Supprimée : HKCU\Software\InstallCore

Clé Supprimée : HKCU\Software\lollipop

Clé Supprimée : HKCU\Software\Nosibay

Clé Supprimée : HKCU\Software\Offerbox

Clé Supprimée : HKCU\Software\Search Settings

Clé Supprimée : HKCU\Software\Softonic

Clé Supprimée : HKCU\Software\Somoto Toolbar

Clé Supprimée : HKCU\Software\Webplayer

Clé Supprimée : HKCU\Software\YahooPartnerToolbar

Clé Supprimée : HKCU\Software\AppDataLow\Toolbar

Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit

Clé Supprimée : HKCU\Software\AppDataLow\Software\DefaultTab

Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE

Clé Supprimée : HKCU\Software\AppDataLow\Software\iMeshMediabarTb

Clé Supprimée : HKCU\Software\AppDataLow\Software\pdfforge

Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong

Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar

Clé Supprimée : HKCU\Software\AppDataLow\Software\PHPNukeFR

Clé Supprimée : HKLM\Software\Bench

Clé Supprimée : HKLM\Software\Boxore

Clé Supprimée : HKLM\Software\Conduit

Clé Supprimée : HKLM\Software\DataMngr

Clé Supprimée : HKLM\Software\Default Tab

Clé Supprimée : HKLM\Software\DefaultTab

Clé Supprimée : HKLM\Software\Desksvc

Clé Supprimée : HKLM\Software\Freeze.com

Clé Supprimée : HKLM\Software\hdcode

Clé Supprimée : HKLM\Software\iLividSRTB

Clé Supprimée : HKLM\Software\Imesh

Clé Supprimée : HKLM\Software\Iminent

Clé Supprimée : HKLM\Software\InstallCore

Clé Supprimée : HKLM\Software\installedbrowserextensions

Clé Supprimée : HKLM\Software\Instant Savings App

Clé Supprimée : HKLM\Software\Minibar

Clé Supprimée : HKLM\Software\nationzoomSoftware

Clé Supprimée : HKLM\Software\Offerbox

Clé Supprimée : HKLM\Software\pdfforge

Clé Supprimée : HKLM\Software\Search Settings

Clé Supprimée : HKLM\Software\Uniblue

Clé Supprimée : HKLM\Software\V9

Clé Supprimée : HKLM\Software\winzipersvc

Clé Supprimée : HKLM\Software\PHPNukeFR

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iMesh MediaBar

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PHPNukeFR Toolbar

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0E25BB07-62EB-476F-87FC-6AF426AB059E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF8BE6A-899C-4196-94E7-297C5F7A203E}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eSafeSecControl

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh MediaBar

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Instant Savings App

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PHPNukeFR Toolbar

Clé Supprimée : [x64] HKLM\SOFTWARE\DomaIQ

Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL

Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll

Clé Supprimée : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.offerbox.com

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.19507

-\\ Mozilla Firefox v22.0 (fr)

[ Fichier : C:\Users\Carry\AppData\Roaming\Mozilla\Firefox\Profiles\n57ew8ax.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\Carry\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [36364 octets] - [09/04/2014 10:59:05]

AdwCleaner[s0].txt - [27986 octets] - [09/04/2014 11:02:37]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [28047 octets] ##########

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.