Bibou Le Forum
Portail sur la sécurité
 
PortailAccueilRechercherS'enregistrerMembresGroupesConnexion

Partagez | 
 

 Mes fenêtres se réduisent toutes seuls.

Voir le sujet précédent Voir le sujet suivant Aller en bas 
AuteurMessage
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Mes fenêtres se réduisent toutes seuls.   Jeu 15 Aoû 2013 - 10:38

Bonjour à tous et à toute,

Depuis quelques jours mes fenêtres se réduisent toutes seuls lorsqu'elles sont en plein écran et lorsqu'elles sont fenêtrées fait comme si j'avais cliquer hors de la fenêtre (le délai de réduction est irrégulier). Je suis sous Windows 7 et mon ordinateur est un ASUS G73 avec un carte graphique NVIDIA GEFORCE GTX 460M (à jour). En espérant trouver un réponse à mon problème, d'avance merci.
Revenir en haut Aller en bas
oskare68
Moderateurs (trices)
Moderateurs (trices)


Masculin
Nombre de messages : 2496
Age : 53
Localisation : France (Alsace)
Humeur : C'est selon...
Date d'inscription : 30/04/2010

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Jeu 15 Aoû 2013 - 12:25

Bjr Neiroxiapix,sois le bienvenu

Suis cette procédure stp afin qu'un helper puisse analyser ton pc.Il se peut que ton pc contient des "bêbêtes"
http://www.bibou0007.com/t2887-procedure-a-suivre-avant-de-poster

Cdlt

__________________________________________________________________________________________________________________
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Ven 16 Aoû 2013 - 9:37

# AdwCleaner v2.306 - Rapport créé le 16/08/2013 à 09:30:46
# Mis à jour le 19/07/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Koxx-Xtp - KOXX-XTP-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Koxx-Xtp\AppData\Local\Temp\is1326335552\430312_Setup.EXE
# Option [Recherche]


***** [Services] *****

Présent : BrowserDefendert
Présent : SrvUpdater
Présent : Yontoo Desktop Updater

***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Program Files (x86)\Boxore
Dossier Présent : C:\Program Files (x86)\Desk 365
Dossier Présent : C:\Program Files (x86)\LyricsWoofer
Dossier Présent : C:\Program Files (x86)\Nosibay
Dossier Présent : C:\Program Files (x86)\Software
Dossier Présent : C:\Program Files (x86)\SoftwareUpdater
Dossier Présent : C:\Program Files (x86)\Wajam
Dossier Présent : C:\Program Files (x86)\Yontoo
Dossier Présent : C:\ProgramData\APN
Dossier Présent : C:\ProgramData\Ask
Dossier Présent : C:\ProgramData\Babylon
Dossier Présent : C:\ProgramData\BrowserDefender
Dossier Présent : C:\ProgramData\eSafe
Dossier Présent : C:\ProgramData\IBUpdaterService
Dossier Présent : C:\ProgramData\Tarma Installer
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Local\lollipop
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Local\PackageAware
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Local\Temp\Wajam
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Local\Wajam
Dossier Présent : C:\Users\Koxx-Xtp\AppData\LocalLow\boost_interprocess
Dossier Présent : C:\Users\Koxx-Xtp\AppData\LocalLow\Conduit
Dossier Présent : C:\Users\Koxx-Xtp\AppData\LocalLow\delta
Dossier Présent : C:\Users\Koxx-Xtp\AppData\LocalLow\mediabarim
Dossier Présent : C:\Users\Koxx-Xtp\AppData\LocalLow\mixidj
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\Babylon
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\DataMgr
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\Desk 365
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\eIntaller
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\Nosibay
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\OfferBox
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\PerformerSoft
Dossier Présent : C:\Users\Koxx-Xtp\AppData\Roaming\Yontoo
Dossier Présent : C:\Users\xNeXuS_Freedom.Koxx-Xtp-PC\AppData\LocalLow\AskToolbar
Dossier Présent : C:\Users\xNeXuS_Freedom.Koxx-Xtp-PC\AppData\LocalLow\incredibar.com
Dossier Présent : C:\Users\xNeXuS_Freedom.Koxx-Xtp-PC\AppData\LocalLow\mediabarim
Dossier Présent : C:\Windows\Installer\{0E25BB07-62EB-476F-87FC-6AF426AB059E}
Dossier Présent : C:\Windows\Installer\{89601BB9-C8C0-493D-9912-AD7F51A918A3}
Fichier Présent : C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Fichier Présent : C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Fichier Présent : C:\Windows\Tasks\LyricsWoofer Update.job
Fichier Présent : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Fichier Présent : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job

***** [Registre] *****

Clé Présente : HKCU\Software\AppDataLow\Software\LyricsWoofer
Clé Présente : HKCU\Software\InstallCore
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{73F8F433-14C8-48AA-8412-54BC6F8D3FA3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{73F8F433-14C8-48AA-8412-54BC6F8D3FA3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Présente : HKCU\Software\Nosibay
Clé Présente : HKCU\Software\Offerbox
Clé Présente : HKCU\Software\SmartBar
Clé Présente : HKCU\Software\Softonic
Clé Présente : HKCU\Software\Tutorials
Clé Présente : HKCU\Software\TutoTag
Clé Présente : HKCU\Software\UpdateStar
Clé Présente : HKCU\Software\Wajam
Clé Présente : HKCU\Software\90d7dcbc3cba13
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Présente : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Clé Présente : HKLM\Software\Classes\Installer\Features\70BB52E0BE26F67478CFA64F62BA50E9
Clé Présente : HKLM\Software\Classes\Installer\Features\9BB106980C8CD3949921DAF7159A813A
Clé Présente : HKLM\Software\Classes\Installer\Products\70BB52E0BE26F67478CFA64F62BA50E9
Clé Présente : HKLM\Software\Classes\Installer\Products\9BB106980C8CD3949921DAF7159A813A
Clé Présente : HKLM\SOFTWARE\Classes\Prod.cap
Clé Présente : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Clé Présente : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Clé Présente : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Clé Présente : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2377581
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Clé Présente : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Clé Présente : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Clé Présente : HKLM\Software\eSafeSecControl
Clé Présente : HKLM\Software\Iminent
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Présente : HKLM\Software\Offerbox
Clé Présente : HKLM\Software\SoftwareUpdater
Clé Présente : HKLM\Software\V9
Clé Présente : HKLM\Software\Wajam
Clé Présente : HKLM\SOFTWARE\Wow6432Node\90d7dcbc3cba13
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E25BB07-62EB-476F-87FC-6AF426AB059E}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Clé Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Clé Présente : HKLM\SOFTWARE\Tarma Installer
Clé Présente : HKU\S-1-5-21-4172766360-812181187-3318302473-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Clé Présente : HKU\S-1-5-21-4172766360-812181187-3318302473-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Donnée Présente : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll
Donnée Présente : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll,
Donnée Présente : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll,
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Bubble Dock]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_fr_43]
Valeur Présente : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Valeur Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valeur Présente : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Navigateurs] *****

-\\ Internet Explorer v10.0.9200.16660

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente [l.29] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Présente [l.32] : keyword = "delta-search.com",
Présente [l.36] : search_url = "hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945",
Présente [l.2151] : homepage = "hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945",
Présente [l.2410] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?babsrc=HP_ss_wls&mntrId=B6954E5D60830C8E&affID=120519&tsp=4944" ]

*************************

AdwCleaner[R1].txt - [27058 octets] - [16/08/2013 09:30:46]

########## EOF - C:\AdwCleaner[R1].txt - [27119 octets] ##########
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Ven 16 Aoû 2013 - 9:46

~ Rapport de ZHPDiag v2013.8.14.22 - Nicolas Coolman  (14/08/2013)
~ Lancé par Koxx-Xtp (16/08/2013 09:38:52)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660
GCIE: Google Chrome v27.0.1453.116 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.26  =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.8

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 25

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3948 MB (40% free)
System Restore: Désactivé (Disabled)
System drive C: has 17 GB (11%) free of 149 GB

---\\ Mode de connexion au système
~ Computer Name: KOXX-XTP-PC
~ User Name: Koxx-Xtp
~ All Users Names: xNeXuS_Freedom, UpdatusUser, Koxx-Xtp, HomeGroupUser$, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\Koxx-Xtp\AppData\Roaming\
~ %Desktop% : C:\Users\Koxx-Xtp\Desktop\
~ %Favorites% : C:\Users\Koxx-Xtp\Favorites\
~ %LocalAppData% : C:\Users\Koxx-Xtp\AppData\Local\
~ %StartMenu% : C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 34 Go of 35 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Hard drive, Flash drive, Thumb drive (Free 391 Go of 391 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 37 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - (.Microsoft Corporation - Internet Extensions for Win32.) (.26/07/2013 - 06:13:37.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/45
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 17/4083
~ Mon Bureau (My Desktop) : 2/125
~ Menu demarrer (Programs) : 1/55
~ Hidden Files:  Scanned in 00mn 05s



---\\ Processus lancés au démarrage su système
[MD5.868E3486E7EC522330344152A5535783] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe   [305720] [PID.1348]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3058304] [PID.2308]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe   [103720] [PID.2408]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe   [532040] [PID.296]
[MD5.6B412FCE75E2B1462C71D17B6E5C1484] - (.NVIDIA Corporation - NVIDIA Update COM object.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe   [1209120] [PID.2244]
[MD5.BEE83619A26F90A6C8273F9CA9680397] - (.asus - ControlDeck.) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe   [1080448] [PID.3348]
[MD5.15378E660B6ECFE704074748E050B056] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe   [1028896] [PID.1080]
[MD5.4458989C34FA84B5A75DD3ABCFBE786A] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe   [3093624] [PID.1340]
[MD5.B141F8F8B0FF37FFC51F9B71EE7A641B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [19875432] [PID.4848]
[MD5.7E10CCE27CB13580FF46D724AAD52EB8] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe   [1807272] [PID.4308]
[MD5.8153C240BDA59ADC4D60585329A0544B] - (.Pas de propriétaire - CPMonitor Application.) -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe   [84464] [PID.4928]
[MD5.7E7C0EB0F46307C18A5C46C346F549D4] - (...) -- C:\ExpressGateUtil\VAWinAgent.exe   [21504] [PID.1636]
[MD5.A092258F26296C791D982E83814685BD] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [6806144] [PID.4912]
[MD5.D98BC64645C2DAEDC1E79B4CCCCBBC8E] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe   [170624] [PID.4456]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe   [105016] [PID.260]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [253816] [PID.3300]
[MD5.F265E08A4A53E0FAFF655BF04C490F0C] - (...) -- C:\Users\Koxx-Xtp\AppData\Local\Temp\is1326335552\430312_Setup.exe   [666633] [PID.5408]
[MD5.5521928AA79079565B7CB8FCE6806131] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [825808] [PID.4344]
[MD5.B74F4307C4D3C0312BE615A9AB1BCE19] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7820288] [PID.5188]
[MD5.2222073BE0232E70A397B8302293AA9D] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe   [413472] [PID.844]
[MD5.DC893FAB5E18E383DC7147F37C8C0CA2] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe   [428600] [PID.1420]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [84536] [PID.1480]
[MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.1504]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.3012]
[MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [262144] [PID.120]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe   [418376] [PID.996]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe   [701512] [PID.2696]
[MD5.056EF5C4AF4BD002AEAE417412C8EB71] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe   [1889568] [PID.1580]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe   [3064000] [PID.2948]
[MD5.0ADF410187B71C9B855721C8D59CEC7A] - (...) -- C:\ExpressGateUtil\VAWinService.exe   [77312] [PID.2712]
[MD5.24FB8DB6D1D55E2C5D0A53DFE48E6AF8] - (.Microsoft - Y2Desktop.Updater.) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe   [23552] [PID.3468]  =>Adware.Yontoo
[MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe   [225280] [PID.3804]
[MD5.739DB668DBD812285ECC553E64A5E212] - (.Pas de propriétaire - spmgr Module.) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe   [125496] [PID.4220]
[MD5.9E1380328C39D661E085B24D6A6E044E] - (.Valve Corporation - Steam Client Service (buildbot_winslave04_s.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe   [563624] [PID.3624]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe   [130384] [PID.3492]
[MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [2314240] [PID.4616]
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe   [109064] [PID.3812]  =>Toolbar.Wajam
~ Processes Running:  Scanned in 00mn 05s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://mixidj.delta-search.com  =>Toolbar.DeltaSearch
G0 - GCSP: Preference [User Data\Default][HomePage] http://mixidj.delta-search.com  =>Toolbar.DeltaSearch
G0 - GCSP: Preference [User Data\Default] http://search.babylon.com  =>Toolbar.Babylon
G2 - GCE: Preference [User Data\Default] [bdephonbpjofbmmhhlhiegdokbhhccch] LyricsWoofer v.1.128 (Activé)  =>Adware.AddLyrics
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Activé)  =>Toolbar.Wajam
G2 - GCE: Preference [User Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Activé)  =>Spyware.SmartDisplay
~ Google Browser: 12 Legitimates Filtered in 00mn 06s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com  =>Toolbar.DeltaSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com  =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com  =>Hijacker.SmartBar
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421; =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 3



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: LyricsWoofer [64Bits] - {53795d9b-41f0-4eea-8072-e1693b4f35c3} . (.LyricsWoofer - Pas de description.) -- C:\Program Files (x86)\LyricsWoofer\128.dll  =>Adware.AddLyrics
O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll  =>Toolbar.Wajam
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll  =>Adware.Yontoo
~ BHO: 12 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [THXCfg64] . (.Creative Technology Ltd. - Pas de description.) -- C:\Windows\system32\THXCfg64.dll
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKCU\..\Run: [DS3 Tool] . (.www.motioninjoy.com - DS3_Tool.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc - Akamai NetSession Client.) -- C:\Users\Koxx-Xtp\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Bubble Dock] . (.Nosibay - Bubble Dock.) -- C:\Users\Koxx-Xtp\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe  =>Toolbar.BubbleDock
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [CPMonitor] . (.Pas de propriétaire - CPMonitor Application.) -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [VAWinAgent] . (...) -- C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUS VIBE] . (.ecm - WindowsApplication2.) -- C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_43] Clé orpheline  =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKUS\S-1-5-21-4172766360-812181187-3318302473-1007\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-4172766360-812181187-3318302473-1007\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Gestionnaire des tâches de Windows.lnk . (.Microsoft Corporation - Gestionnaire des tâches de Windows.)  -- C:\Windows\System32\taskmgr.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Jouer à League of Legends.lnk . (...)  -- C:\Riot Games\League of Legends\lol.launcher.exe
O4 - GS\TaskBar: Mumble.lnk . (.Thorvald Natvig - Mumble - Low-latency VoIP client.)  -- C:\Program Files (x86)\Mumble\mumble.exe
O4 - GS\TaskBar: Skype.lnk . (...)  -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\TaskBar: TERA.lnk . (.Solid State Networks - TERA.)  -- C:\Program Files (x86)\TERA\tera-launcher.exe
O4 - GS\TaskBar: War Thunder.lnk . (.Gaijin Entertainment - War Thunder Launcher.)  -- C:\Program Files (x86)\War Thunder\launcher.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe
O4 - GS\TaskBar: World of Tanks.lnk . (.Wargaming.net - World of Tanks Launcher.)  -- C:\Games\World_of_Tanks\WOTLauncher.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: PlanetSide 2 PSG.lnk . (.Sony Online Entertainment - Sony Online Entertainment LaunchPad.)  -- C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: TERA.lnk . (.Solid State Networks - TERA.)  -- C:\Program Files (x86)\TERA\tera-launcher.exe
O4 - GS\QuickLaunch: World of Tanks.lnk . (.Wargaming.net - World of Tanks Launcher.)  -- C:\Games\World_of_Tanks\WOTLauncher.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Koxx-Xtp\Desktop\Team Fortress 2.url . (...)  -- C:\Users\Koxx-Xtp\Desktop\Team Fortress 2.url
O4 - GS\Desktop: TERA.lnk . (.Solid State Networks - TERA.)  -- C:\Program Files (x86)\TERA\tera-launcher.exe
~ Global Startup:  Scanned in 00mn 07s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{51F942E6-BD4C-4747-8149-8CC4E5DEC249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C89FEFDF-70CF-48BA-983B-2B777F361FA3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{51F942E6-BD4C-4747-8149-8CC4E5DEC249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C89FEFDF-70CF-48BA-983B-2B777F361FA3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{51F942E6-BD4C-4747-8149-8CC4E5DEC249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C89FEFDF-70CF-48BA-983B-2B777F361FA3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll (.not file.)  =>PUP.Datamngr
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: BrowserDefendert (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe  =>Hijacker.Eazel
O23 - Service: Service Software Update (Software_update (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe  =>Adware.Boxore
O23 - Service: Software Updater (SrvUpdater) . (.Pas de propriétaire - Updater.) - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe  =>PUP.Eorezo
O23 - Service: VideAceWindowsService (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe  =>Toolbar.Wajam
O23 - Service: Wsys Service (WsysSvc) . (.Wsys Co., Ltd. - Wsys Control 1.0.0.2598.) - C:\ProgramData\eSafe\eGdpSvc.exe  =>PUP.eSafeSecurity
~ Services: 25 Legitimates Filtered in 00mn 25s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\LyricsWoofer Update.job   [400]  =>Adware.AddLyrics
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job   [918]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job   [922]
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.)   [0]  =>Hijacker.22Find
[MD5.E628C5591F6441E058E0F6BED3232088] [APT] [LyricsWoofer Update] (...) -- C:\Program Files (x86)\LyricsWoofer\LyricsWooferUPD.exe   [210432]  =>Adware.AddLyrics
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe   [119408]
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe   [119408]
[MD5.00000000000000000000000000000000] [APT] [{27723EF9-2584-4E44-B0A9-1F1CEAE60274}] (...) -- E:\Software\ASUS\AI_Recovery\Vista32_Vista64_Win7_32_Win7_64_1.0.10\SETUP.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{351DB346-DE43-4435-8F21-EE5A43CE9798}] (...) -- E:\Software\ASUS\AI_Recovery\Vista32_Vista64_Win7_32_Win7_64_1.0.10\SETUP.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{3FDAEE94-4F7B-490A-BC78-91F69B7C096F}] (...) -- C:\Users\Koxx-Xtp\Downloads\JavaSetup7u6 (1).exe (.not file.)   [0]
[MD5.180C9FE03C9B229B1E5167BC43297C6A] [APT] [{5DF4C428-1A01-415E-803E-01ADC45AC025}] (.Perfect world.) -- C:\Users\Koxx-Xtp\Desktop\FW_FR_Installer_0.235.0\uninstall.exe   [270336]
[MD5.00000000000000000000000000000000] [APT] [{7824D11F-50C8-4A57-9D04-3C327BF31480}] (...) -- E:\Setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{BC3EE2DD-AEED-4777-9D95-9F8151B1D043}] (...) -- C:\Users\Koxx-Xtp\Downloads\Minecraft_Server.exe (.not file.)   [0]
[MD5.38191B436AEFD265FD8328C125EF6D7B] [APT] [{C9B2B220-5143-4751-9945-E0017D3E926F}] (.Perfect world.) -- C:\Users\Koxx-Xtp\Desktop\FW_FR_Installer_0.235.0\install.exe   [1243048]
[MD5.00000000000000000000000000000000] [APT] [{D126F45A-CB25-4EB8-8EE6-B7795654AB2D}] (...) -- C:\Users\Koxx-Xtp\Downloads\JavaSetup7u6 (1).exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D3A6D777-8F9F-4ADE-BD24-CDAC805E1928}] (...) -- E:\Software\ASUS\AI_Recovery\Vista32_Vista64_Win7_32_Win7_64_1.0.10\SETUP.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{FFF03FA0-E29D-47C4-BCA5-1E8418BD01E0}] (...) -- E:\AOCSETUP.exe (.not file.)   [0]
~ Scheduled Task: 49 Legitimates Filtered in 00mn 07s



---\\ Logiciels installés (O42)
O42 - Logiciel: Akamai NetSession Interface - (...) [HKCU][64Bits] -- Akamai
O42 - Logiciel: Akamai NetSession Interface - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E25BB07-62EB-476F-87FC-6AF426AB059E}  =>Adware.Boxore
O42 - Logiciel: BrowserDefender - (...) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}  =>Hijacker.Eazel
O42 - Logiciel: LyricsWoofer - (.Lyrics Woofer LTD.) [HKLM][64Bits] -- lwoofer@lyricswoofer.co  =>Adware.AddLyrics
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam  =>Toolbar.Wajam
O42 - Logiciel: Yontoo 2.04 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}  =>Adware.Yontoo
~ Logic: 153 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\90d7dcbc3cba13]
[HKCU\Software\AppDataLow\Software\LyricsWoofer]  =>Adware.AddLyrics
[HKCU\Software\InstallCore]  =>Adware.InstallCore
[HKCU\Software\MÃ¥ngyGamez]
[HKCU\Software\OfferBox]  =>PUP.OfferBox
[HKCU\Software\OfferMosquito]  =>Toolbar.OfferMosquito
[HKCU\Software\PWRD]
[HKCU\Software\Protector]
[HKCU\Software\Smartbar]  =>Hijacker.SmartBar
[HKCU\Software\Softonic]  =>Toolbar.Conduit
[HKCU\Software\SweetIM]  =>PUP.SweetIM
[HKCU\Software\TutoTag]  =>Spyware.AgenceExcusive
[HKCU\Software\Tutorials]  =>Spyware.AgenceExcusive
[HKCU\Software\Wajam]  =>Toolbar.Wajam
[HKLM\Software\DomaIQ]  =>Adware.DomaIQ
[HKLM\Software\Tarma Installer]  =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]
[HKLM\Software\Wow6432Node\Iminent]  =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\OfferBox]  =>PUP.OfferBox
[HKLM\Software\Wow6432Node\V9]
[HKLM\Software\Wow6432Node\eSafeSecControl]  =>PUP.eSafeSecurity
~ Key Software: 231 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/07/2013 - 18:33:25 - [208,656] ----D C:\Program Files (x86)\1-click run
O43 - CFD: 27/06/2012 - 12:01:23 - [0] ----D C:\Program Files (x86)\Agrar Simulator 2011
O43 - CFD: 16/08/2013 - 09:22:38 - [0] ----D C:\Program Files (x86)\Boxore  =>Adware.Boxore
O43 - CFD: 15/07/2013 - 16:06:36 - [0,008] ----D C:\Program Files (x86)\Desk 365  =>Hijacker.22Find
O43 - CFD: 30/08/2012 - 10:21:40 - [0] ----D C:\Program Files (x86)\java7
O43 - CFD: 16/08/2013 - 09:23:49 - [1,100] ----D C:\Program Files (x86)\LyricsWoofer  =>Adware.AddLyrics
O43 - CFD: 16/08/2013 - 09:30:54 - [0,818] ----D C:\Program Files (x86)\Wajam  =>Toolbar.Wajam
O43 - CFD: 28/02/2013 - 16:04:18 - [0,801] ----D C:\Program Files (x86)\Yontoo  =>Adware.Yontoo
O43 - CFD: 16/08/2013 - 09:24:38 - [26,453] ----D C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 04/04/2012 - 12:54:34 - [0,004] ----D C:\ProgramData\2235D
O43 - CFD: 14/12/2012 - 16:52:35 - [0,004] ----D C:\ProgramData\23A0
O43 - CFD: 26/04/2013 - 17:32:08 - [0,004] ----D C:\ProgramData\83A0
O43 - CFD: 03/07/2013 - 11:31:49 - [0] ----D C:\ProgramData\APN
O43 - CFD: 28/01/2013 - 08:25:59 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 28/02/2013 - 16:03:54 - [0] ----D C:\ProgramData\Babylon  =>Toolbar.Babylon
O43 - CFD: 11/08/2013 - 18:05:19 - [8,084] ----D C:\ProgramData\BrowserDefender  =>Hijacker.Eazel
O43 - CFD: 16/08/2013 - 09:00:07 - [1,290] ----D C:\ProgramData\eSafe
O43 - CFD: 27/04/2013 - 17:31:25 - [0,002] ----D C:\ProgramData\IBUpdaterService  =>Adware.InstallBrain
O43 - CFD: 28/02/2013 - 16:04:17 - [2,581] ----D C:\ProgramData\Tarma Installer  =>Toolbar.Tarma
O43 - CFD: 01/04/2013 - 11:36:16 - [66,912] ----D C:\Users\Koxx-Xtp\AppData\Roaming\.age-of-craft
O43 - CFD: 28/02/2013 - 16:03:54 - [0,061] ----D C:\Users\Koxx-Xtp\AppData\Roaming\Babylon  =>Toolbar.Babylon
O43 - CFD: 28/06/2013 - 21:16:40 - [0,161] ----D C:\Users\Koxx-Xtp\AppData\Roaming\DataMgr
O43 - CFD: 15/07/2013 - 16:04:06 - [4,850] ----D C:\Users\Koxx-Xtp\AppData\Roaming\Desk 365  =>Hijacker.22Find
O43 - CFD: 16/08/2013 - 09:30:11 - [0,818] ----D C:\Users\Koxx-Xtp\AppData\Roaming\eIntaller
O43 - CFD: 01/05/2013 - 10:04:31 - [0,383] ----D C:\Users\Koxx-Xtp\AppData\Roaming\OfferBox  =>PUP.OfferBox
O43 - CFD: 29/06/2013 - 15:33:37 - [0] ----D C:\Users\Koxx-Xtp\AppData\Roaming\PerformerSoft
O43 - CFD: 16/08/2013 - 09:26:06 - [1,107] ----D C:\Users\Koxx-Xtp\AppData\Roaming\Yontoo  =>Adware.Yontoo
O43 - CFD: 20/03/2012 - 17:10:10 - [31,743] ----D C:\Users\Koxx-Xtp\AppData\Local\Akamai
O43 - CFD: 15/07/2013 - 16:06:10 - [0] ----D C:\Users\Koxx-Xtp\AppData\Local\Lollipop  =>Adware.Lollipop
O43 - CFD: 27/04/2013 - 15:59:42 - [0,054] ----D C:\Users\Koxx-Xtp\AppData\Local\Wajam  =>Toolbar.Wajam
O43 - CFD: 25/07/2013 - 18:33:32 - [0,002] ----D C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
O43 - CFD: 01/10/2011 - 14:59:26 - [0,000] ----D C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Savage 2 A Tortured Soul
O43 - CFD: 16/08/2013 - 09:30:48 - [0,001] ----D C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam  =>Toolbar.Wajam
~ Program Folder: 280 Legitimates Filtered in 00mn 33s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.18F34F32806B826486BE1FEAAE01F59A] - 16/08/2013 - 08:25:00 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini   [1764]
O44 - LFC:[MD5.18F34F32806B826486BE1FEAAE01F59A] - 16/08/2013 - 08:25:00 RSHAD . (...) -- C:\Windows\System32\ServiceFilter.ini   [1764]
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 16/08/2013 - 08:23:21 ---A- . (...) -- C:\Windows\SysNative\acovcnt.exe   [45056]
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 16/08/2013 - 08:23:21 ---A- . (...) -- C:\Windows\System32\acovcnt.exe   [45056]
O44 - LFC:[MD5.A020DE89C0EB0798A65CF394D101146C] - 15/08/2013 - 08:03:02 ---A- . (...) -- C:\Windows\SysNative\AutoRunFilter.ini   [1952]
O44 - LFC:[MD5.A020DE89C0EB0798A65CF394D101146C] - 15/08/2013 - 08:03:02 RSHAD . (...) -- C:\Windows\System32\AutoRunFilter.ini   [1952]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/08/2013 - 18:28:54 ---A- . (...) -- C:\AILog.txt   [0]
~ Files: 114 Legitimates Filtered in 00mn 35s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 18/03/2009 - 17:35:42 --HA- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\hamachi.sys   [33856]
O58 - SDL:[MD5.E2F1DCF4A68CC6CF694FBFBA1842F4CD] - 09/03/2005 - 19:50:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\libusb0.sys   [33792]
~ Drivers:  Scanned in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 03/08/2007 - Pas de propriétaire (ghaio)  .(...) - LEGACY_GHAIO
~ Legacy: 89 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - http://feed.snapdo.com  =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Mixi.DJ Search) - http://mixidj.delta-search.com  =>Toolbar.DeltaSearch
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1F60BAC3FE34D6D628FA7908D0E015F6] [SPRF][26/01/2013] (...) -- C:\ProgramData\Ip8n1qW.bat   [86]
[MD5.606B8DDF06D3DF566EBDDC4E00BC70FC] [SPRF][26/01/2013] (...) -- C:\ProgramData\Ip8n1qW.reg   [153]
[MD5.0D666B125A7DF6BA2E8D209080209991] [SPRF][13/07/2012] (...) -- C:\Users\Koxx-Xtp\AppData\Local\fusioncache.dat   [96]
[MD5.A68B7B05E7F545309BE6E70FA226C14A] [SPRF][16/08/2013] (...) -- C:\Users\Koxx-Xtp\AppData\Local\Temp\ICReinstall_setup.exe   [655200]
[MD5.5CA7D648B0D95CF2536938E652F13A5D] [SPRF][16/08/2013] (.Pas de propriétaire - LyricsWoofer.) -- C:\Users\Koxx-Xtp\AppData\Local\Temp\lfw.exe   [615340]  =>Adware.AddLyrics
[MD5.5AF914D5F7821F566F7F25634D9BDB55] [SPRF][27/04/2013] (.Pas de propriétaire - ArmA Setup.) -- C:\Users\Koxx-Xtp\Desktop\ARMA2Free_setup.exe   [1023856640]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][24/10/2011] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Koxx-Xtp\Desktop\MinecraftSP.exe   [695296]
[MD5.2155FC1467A7E1429E4DF8303692B79B] [SPRF][27/04/2013] (.Pas de propriétaire - Installer.) -- C:\Users\Koxx-Xtp\Desktop\pcpholasetup.exe   [592120]
[MD5.612F0C3264806C1C57893D4EF7CBEDD6] [SPRF][28/06/2013] (.Pas de propriétaire - Installer.) -- C:\Users\Koxx-Xtp\Desktop\pcpholasetup[1].exe   [555264]
[MD5.F24246073C159036F717ABF56355D74A] [SPRF][22/12/2011] (...) -- C:\Users\Koxx-Xtp\Desktop\SCP087.exe   [8948736]
[MD5.D92C1F2935E04582D276102468235661] [SPRF][23/09/2011] (.EA Digital Illusions CE AB - EA Battlefield Heroes Updater.) -- C:\Windows\Downloaded Program Files\BFHUpdater.dll   [223168]
[MD5.DA01CE1F5730503AAF59591FE8020345] [SPRF][20/02/2013] (.EA Digital Illusions CE AB - EA Battlefield Heroes Updater.) -- C:\Windows\Downloaded Program Files\BFHUpdater.exe   [1784224]
[MD5.7C0EA0E450D79AEDCC78A5E7A88B8D68] [SPRF][20/02/2013] (.EA Digital Illusions CE AB - EA Battlefield Heroes Updater.) -- C:\Windows\Downloaded Program Files\BFHUpdater_x86.dll   [592288]
[MD5.B5D7FCE533B1B7AE45B7E8D6C8FB4CE2] [SPRF][28/06/2012] (.EA Digital Illusions CE AB - Battlefield Play4Free Updater.) -- C:\Windows\Downloaded Program Files\BP4FUpdater.dll   [260080]
[MD5.9361EDDBA219838ED311C798F489829E] [SPRF][28/06/2012] (.EA Digital Illusions CE AB - Battlefield Play4Free Updater.) -- C:\Windows\Downloaded Program Files\BP4FUpdater.exe   [1034224]
~ Files:  Scanned in 00mn 26s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{F5820376-2F02-4720-9413-6921D7F6AE82}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.)  =>PUP.iMesh
O87 - FAEL: "{A848D4EF-E2F8-49BC-B802-F2D97D965C5D}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.)  =>PUP.iMesh
O87 - FAEL: "TCP Query User{F0D93DF0-B6A6-4CEF-A8AA-20A95D1DE103}C:\program files (x86)\imesh applications\imesh\imesh.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\imesh applications\imesh\imesh.exe (.not file.)  =>PUP.iMesh
O87 - FAEL: "UDP Query User{F4E172B6-6030-4DDE-9D49-FCDBE871CD68}C:\program files (x86)\imesh applications\imesh\imesh.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\imesh applications\imesh\imesh.exe (.not file.)  =>PUP.iMesh
O87 - FAEL: "{6E0ED7D0-A3CD-4461-9444-1355CCB96567}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe (.not file.)  =>PUP.Datamngr
O87 - FAEL: "{E605E5E4-FA9F-4EFA-864D-F7418368CCA1}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\ToolBar\dtUser.exe (.not file.)  =>PUP.Datamngr
O87 - FAEL: "TCP Query User{D7010A04-C5C6-47CD-8CFD-CF6CC1ED0394}C:\program files (x86)\imesh applications\imesh\imesh.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\imesh applications\imesh\imesh.exe (.not file.)  =>PUP.iMesh
O87 - FAEL: "UDP Query User{283C9A3A-8E7C-435C-B36D-AA30FA8AD03A}C:\program files (x86)\imesh applications\imesh\imesh.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\imesh applications\imesh\imesh.exe (.not file.)  =>PUP.iMesh
O87 - FAEL: "{1C12EEE3-76E2-471F-BF16-694D4C01F753}" | In - Public - P6 - TRUE | .(.Wsys Co., Ltd. - Wsys Control 1.0.0.2598.) -- C:\ProgramData\eSafe\eGdpSvc.exe  =>PUP.eSafeSecurity
O87 - FAEL: "TCP Query User{582887E4-17F0-49BC-9FF1-BF2EE5CB0F8D}C:\program files (x86)\war thunder\aces.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\war thunder\aces.exe
O87 - FAEL: "UDP Query User{C0635FB4-F668-406F-96CE-65126F0BA241}C:\program files (x86)\war thunder\aces.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\war thunder\aces.exe
O87 - FAEL: "{4CC32FE6-861F-4332-A430-5CFD96F3AFE9}" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\war thunder\aces.exe
O87 - FAEL: "{A0ADE5EF-54F7-4A69-90A6-5E4632F6577A}" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\war thunder\aces.exe
~ Firewall: 290 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "70BB52E0BE26F67478CFA64F62BA50E9" . (.Boxore Client.) -- C:\Windows\Installer\{0E25BB07-62EB-476F-87FC-6AF426AB059E}\boxore.ico  =>Adware.Boxore
O90 - PUC: "9BB106980C8CD3949921DAF7159A813A" . (.Boxore Client.) -- C:\Windows\Installer\{89601BB9-C8C0-493D-9912-AD7F51A918A3}\boxore.ico  =>Adware.Boxore
~ Update Products: 248 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Suite du rapport de ZHPDiag (1)   Ven 16 Aoû 2013 - 9:48

[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKCU\Software\90d7dcbc3cba13]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"
[HKCU\Software\90d7dcbc3cba13]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\90d7dcbc3cba13]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\90d7dcbc3cba13]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
~ Export Key Software:  Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E9FCD60AEE0C9DA7687695DDEBDC618B] [WIS][11/12/2010] (.Intel - Intel(R) Turbo Boost Technology Monitor.) -- C:\Windows\Installer\12f84.msi   [9041408]
[MD5.5888E4B54C52F0A94879D6EA9DADE0B6] [WIS][01/10/2010] (.Fresco Logic Inc. - Fresco Logic USB3.0 Host Controller.) -- C:\Windows\Installer\196c7.msi   [3408384]
[MD5.3E765C9DA387C8C8C067266C3AE3FB9B] [WIS][24/10/2012] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\1f1e6926.msi   [10137600]
[MD5.85C5DEF2B079CA6E8CA7FCBD45793BEF] [WIS][16/07/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.0.) -- C:\Windows\Installer\b1459ce.msi   [2243584]  =>PUP.SweetIM
[MD5.73122534D527893BDEFD1F707FFB34F6] [WIS][21/07/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\f761f64.msi   [21803008]
[MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][17/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\fa2ded3.msi   [45056]  =>Adware.Boxore
~ WIS: 253 Legitimates Filtered in 00mn 36s



Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Suite du rapport de ZHPDiag (2)   Ven 16 Aoû 2013 - 9:49

---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 10/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 16/07/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Demand 31/03/2008 225280 |  (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 22/06/2010 379520 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_8fa3539.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SS - | Auto 24/05/2012 55184 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 15/06/2009 84536 |  (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 15/12/2009 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SS - | Demand  49152 |  (BEService) . (...) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
SS - | Auto  2847696 |  (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe  =>Hijacker.Eazel
SS - | Demand 11/12/2010 79360 |  (Creative Audio Engine Licensing Service) . (.Creative Labs.) - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
SS - | Auto 11/12/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/12/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/12/2010 182768 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 28/06/2013 2470736 |  (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Auto ??\??\???? 0 | C:\Windows\System32\libusbd-nt.exe (libusbd) . (.http://libusb-win32.sourceforge.net.) - c:\system32\libusbd-nt.exe
SR - | Auto 01/10/2009 262144 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 27/07/2013 14984480 |  (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 21/06/2013 884512 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 27/07/2013 1889568 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 02/10/2012 3064000 |  (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 21/06/2013 162408 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 15/07/2013 119408 |  (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
SS - | Demand 15/07/2013 119408 |  (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
SR - | Demand  125496 |  (spmgr) . (...) - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
SR - | Auto  31744 |  (SrvUpdater) . (...) - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe  =>PUP.Eorezo
SR - | Demand 26/07/2013 563624 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 21/06/2013 413472 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/04/2010 134928 |  (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 01/10/2009 2314240 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto  77312 |  (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe
SR - | Auto 28/03/2013 109064 |  (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe  =>Toolbar.Wajam
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Auto 02/08/2013 891456 |  (WsysSvc) . (.Wsys Co., Ltd..) - C:\ProgramData\eSafe\eGdpSvc.exe  =>PUP.eSafeSecurity
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 15/02/2013 23552 |  (Yontoo Desktop Updater) . (.Microsoft.) - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe  =>Adware.Yontoo
~ Services:  Scanned in 00mn 39s



---\\ Scan Additionnel (O88)
Database Version : v2.12855 - (14/08/2013)
Clés trouvées (Keys found) : 250
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 26
Fichiers trouvés  (Files found) : 23

[HKLM\Software\Google\Chrome\Extensions\bdephonbpjofbmmhhlhiegdokbhhccch]   =>Adware.AddLyrics^
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam^
[HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa]   =>Spyware.SmartDisplay^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53795D9B-41F0-4EEA-8072-E1693B4F35C3}]   =>Adware.AddLyrics^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Adware.Yontoo^
[HKLM\SYSTEM\CurrentControlSet\Services\BrowserDefendert]   =>Hijacker.Eazel^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update (Software_update]   =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater]   =>PUP.Eorezo^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater]   =>Toolbar.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc]   =>PUP.eSafeSecurity^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E25BB07-62EB-476F-87FC-6AF426AB059E}]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]   =>Hijacker.Eazel^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\lwoofer@lyricswoofer.co]   =>Adware.AddLyrics^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam]   =>Toolbar.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]   =>Adware.Yontoo^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}]   =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}]   =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}]   =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]   =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]   =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]   =>Adware.SPointer
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]   =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]   =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32]   =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS]   =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}]   =>PUP.iMesh
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}]   =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}]   =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}]   =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}]   =>Toolbar.Avira
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]   =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160]   =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Iminent]   =>Adware.IMBooster
[HKCU\Software\OfferBox]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OfferBox]   =>PUP.OfferBox
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Tarma Installer]   =>Toolbar.Tarma
[HKCU\Software\Tutorials]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]   =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP]   =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKLM\Software\Classes\AppID\priam_bho.DLL]   =>Toolbar.Wajam
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKCU\Software\InstallCore]   =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings]   =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>Toolbar.Tarma
[HKLM\Software\Classes\Installer\Features\9BB106980C8CD3949921DAF7159A813A]   =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\9BB106980C8CD3949921DAF7159A813A]   =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9BB106980C8CD3949921DAF7159A813A]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\9BB106980C8CD3949921DAF7159A813A]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Products\9BB106980C8CD3949921DAF7159A813A]   =>Adware.Boxore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}]   =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}]   =>PUP.Funmoods
[HKCU\Software\Protector]   =>PUP.AdvancedSystemProtector
[HKLM\Software\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}]   =>PUP.Datamngr
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]   =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater]   =>Adware.Yontoo
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc]   =>Hijacker.22find
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}]   =>Adware.SmileyBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}]   =>Adware.SmileyBar
[HKLM\Software\Wow6432Node\eSafeSecControl]   =>PUP.eSafeSecurity
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]   =>Toolbar.MixiDJ
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]   =>Toolbar.MixiDJ
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS]   =>Adware.Boxore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}]   =>Hijacker.HolaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}]   =>Hijacker.HolaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}]   =>Hijacker.HolaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}]   =>Hijacker.HolaSearch
[HKCU\Software\OfferMosquito]   =>Toolbar.OfferMosquito
[HKLM\Software\Wow6432Node\SoftwareUpdater]   =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater]   =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\lwoofer@lyricswoofer.co]   =>Adware.AddLyrics
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc]   =>PUP.eSafeSecurity
[HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]   =>Toolbar.Avast
[HKLM\Software\Classes\Toolbar.CT2377581]   =>Toolbar.Conduit
[HKLM\Software\Classes\wajam.WajamBHO]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1]   =>Toolbar.Wajam
[HKLM\Software\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers.1]   =>Adware.Yontoo
[HKLM\Software\Classes\AppID\YontooIEClient.DLL]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2377581]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO.1]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader.1]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL]   =>Adware.Yontoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}]   =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}]   =>Toolbar.Conduit^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Bubble Dock   =>Toolbar.BubbleDock^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_43   =>PUP.Eorezo^
C:\Program Files (x86)\Boxore   =>Adware.Boxore^
C:\Program Files (x86)\Desk 365   =>Hijacker.22Find^
C:\Program Files (x86)\LyricsWoofer   =>Adware.AddLyrics^
C:\Program Files (x86)\Wajam   =>Toolbar.Wajam^
C:\Program Files (x86)\Yontoo   =>Adware.Yontoo^
C:\ProgramData\Babylon   =>Toolbar.Babylon^
C:\ProgramData\BrowserDefender   =>Hijacker.Eazel^
C:\ProgramData\IBUpdaterService   =>Adware.InstallBrain^
C:\ProgramData\Tarma Installer   =>Toolbar.Tarma^
C:\Users\Koxx-Xtp\AppData\Roaming\Babylon   =>Toolbar.Babylon^
C:\Users\Koxx-Xtp\AppData\Roaming\Desk 365   =>Hijacker.22Find^
C:\Users\Koxx-Xtp\AppData\Roaming\OfferBox   =>PUP.OfferBox^
C:\Users\Koxx-Xtp\AppData\Roaming\Yontoo   =>Adware.Yontoo^
C:\Users\Koxx-Xtp\AppData\Local\Lollipop   =>Adware.Lollipop^
C:\Users\Koxx-Xtp\AppData\Local\Wajam   =>Toolbar.Wajam^
C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam   =>Toolbar.Wajam^
C:\Program Files (x86)\Software   =>Adware.Boxore
C:\Users\Koxx-Xtp\AppData\Roaming\DataMgr   =>PUP.Datamngr
C:\Users\Koxx-Xtp\AppData\Roaming\eIntaller   =>PUP.eSafeSecurity
C:\Users\Koxx-Xtp\AppData\Local\Software   =>Adware.Boxore
C:\Users\Koxx-Xtp\AppData\LocalLow\Conduit   =>Toolbar.Conduit
C:\Users\Koxx-Xtp\AppData\LocalLow\mediabarim   =>PUP.iMesh
C:\Users\Koxx-Xtp\AppData\LocalLow\mixidj   =>Adware.SmileyBar
C:\Users\Koxx-Xtp\AppData\LocalLow\wincoreimband   =>PUP.iMesh
C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa   =>Spyware.SmartDisplay
C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp   =>Toolbar.Wajam
C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe   =>Adware.Yontoo^
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe   =>Toolbar.Wajam^
C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdephonbpjofbmmhhlhiegdokbhhccch   =>Adware.AddLyrics^
C:\Program Files (x86)\LyricsWoofer\128.dll   =>Adware.AddLyrics^
C:\Program Files (x86)\Wajam\IE\priam_bho.dll   =>Toolbar.Wajam^
C:\Program Files (x86)\Yontoo\YontooIEClient.dll   =>Adware.Yontoo^
C:\Users\Koxx-Xtp\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe   =>Toolbar.BubbleDock^
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe   =>Hijacker.Eazel^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe   =>Adware.Boxore^
C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe   =>PUP.Eorezo^
C:\ProgramData\eSafe\eGdpSvc.exe   =>PUP.eSafeSecurity^
C:\Windows\Tasks\LyricsWoofer Update.job   =>Adware.AddLyrics^
C:\Program Files (x86)\LyricsWoofer\LyricsWooferUPD.exe   =>Adware.AddLyrics^
[HKCU\Software\AppDataLow\Software\LyricsWoofer]   =>Adware.AddLyrics^
[HKCU\Software\Smartbar]   =>Hijacker.SmartBar^
[HKCU\Software\TutoTag]   =>Spyware.AgenceExcusive^
[HKCU\Software\Wajam]   =>Toolbar.Wajam^
[HKLM\Software\DomaIQ]   =>Adware.DomaIQ^
C:\Users\Koxx-Xtp\AppData\Local\Temp\lfw.exe   =>Adware.AddLyrics^
C:\Windows\Installer\{0E25BB07-62EB-476F-87FC-6AF426AB059E}\boxore.ico   =>Adware.Boxore^
C:\Windows\Installer\{89601BB9-C8C0-493D-9912-AD7F51A918A3}\boxore.ico   =>Adware.Boxore^
C:\Windows\Installer\b1459ce.msi   =>PUP.SweetIM^
C:\Windows\Installer\fa2ded3.msi   =>Adware.Boxore^
~ Additionnel Scan: 259630 Items scanned in 00mn 28s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo   =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam   =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch   =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon  =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics  =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar   =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy    =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock   =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo   =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr   =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel   =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore  =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity   =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find   =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore   =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox   =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit   =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim   =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/30393137-adware-domaiq   =>Adware.DomaIQ
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma   =>Toolbar.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster  =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain  =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop   =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh   =>PUP.iMesh
~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade    =>PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer   =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz   =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype   =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing    =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad   =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive   =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo  =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector   =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods   =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector   =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar   =>Adware.SmileyBar
~ http://nicolascoolman.webs.com/apps/blog/show/28136809-hijacker-holasearch   =>Hijacker.HolaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/30898585-toolbar-avast   =>Toolbar.Avast
~ MSI: 39 link(s) detected in 00mn 28s



~ 1588 Legitimates filtered by white list
End of the scan (1244 lines in 04mn 02s)(0)
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Ven 16 Aoû 2013 - 10:06

OTL Extras logfile created on: 16/08/2013 09:51:07 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Koxx-Xtp\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 55,04% Memory free
7,71 Gb Paging File | 5,42 Gb Available in Paging File | 70,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 17,00 Gb Free Space | 11,41% Space Free | Partition Type: NTFS
Drive D: | 35,02 Gb Total Space | 34,26 Gb Free Space | 97,83% Space Free | Partition Type: NTFS
Drive F: | 390,62 Gb Total Space | 390,52 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: KOXX-XTP-PC | User Name: Koxx-Xtp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C52EED-CE7D-49B5-8151-61AA25CF7F06}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0851D31E-45C2-47C3-A816-FBF61AB1F4A3}" = rport=137 | protocol=17 | dir=out | app=system |
"{0E93C7A1-F4B2-49C1-BEB5-8F3F91C27880}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{28982470-BB65-467A-B32C-532708B72A92}" = lport=51738 | protocol=6 | dir=in | name=akamai netsession interface |
"{2B6D7950-6263-4B09-BA37-95EC9707C754}" = rport=138 | protocol=17 | dir=out | app=system |
"{33B4F8A1-1CB0-4032-B3BC-736DD9E58CB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{35B89873-DD74-41E7-AE47-BA3E595C736D}" = rport=139 | protocol=6 | dir=out | app=system |
"{3E85AE0D-D944-4CD5-BC80-9FC57F96D6C9}" = lport=138 | protocol=17 | dir=in | app=system |
"{41482C4E-2113-4591-8B7F-EF0F9F6B4828}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{45546F93-2F10-443D-99CE-ED208E3833E5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A68BFE7-5957-43E8-B78D-AF4F01A02CDD}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{597634D9-A23A-4CCC-9296-1E36B9BF24EC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59B3B108-DF27-4460-866B-1171AC863274}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B726016-57FF-4DB1-AB97-BC64C0A611AF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{61F13E60-CFA1-43CE-A42E-2D7BF5A47AAE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FE52BAA-ADAB-4EDF-B55D-B48D70981A17}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{70EBD563-7CFC-408F-AA0E-AAF1644E4CBE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8601D9A8-C422-4EFC-868A-16ECE56FE6EF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8644647B-EA4A-4A77-9689-03C63C03AE2B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8C579234-2660-4501-A699-71E2ED466C07}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F99684A-658B-4C0B-A96A-FE6D06ABA5EF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92713D01-E9D5-4FE2-986B-3A09D8635B78}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{A0D5AA56-8E41-4841-95CD-E09A2754F067}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A59B6CA0-7908-4EDB-9908-A412F580689A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A7A9C9F9-4D3E-4FF4-92D5-519E69AE4DA4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BE32C402-10C4-42F8-A6ED-2BB69381E716}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C90A8334-5B0D-4881-9B86-366971E91923}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{C9B11A34-A17C-4CDC-B5DC-A31A40864607}" = lport=445 | protocol=6 | dir=in | app=system |
"{D28BA2B0-6354-482A-A4DA-6E8D253D9679}" = lport=137 | protocol=17 | dir=in | app=system |
"{DD120006-BB52-4937-B8FC-87ED36B7EA0E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD3358CF-DC24-434A-9166-85C4EDF91B30}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD52C25A-FE4A-478A-8017-965CA5F3DA97}" = rport=445 | protocol=6 | dir=out | app=system |
"{E773FB4C-42F2-4B6E-895F-C0A6D1660B55}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0408434A-9738-4AD6-8289-77C6980E4973}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{089A7F8B-5C81-45AF-ACD3-3CE870D1F7C7}" = protocol=6 | dir=in | app=c:\program files (x86)\1-click run\cube world v0.1.0 (fixed)(5 july 2013)\server.exe |
"{0AE9CD04-ABEE-470B-9F8E-982FB85D1E83}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"{0B12E2E8-11E2-40E9-B94B-6D0BE0CFA802}" = protocol=6 | dir=out | app=system |
"{0B6DFC54-2735-4725-8C9D-56CA69BD5425}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C48A2E7-1258-43C0-BA82-21E345184BB9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0EA2169F-8B81-4FA2-95B4-6EFE5C05BDE7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1066A56B-F443-4324-81C0-D071B8AF1CD9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12D422AE-1E42-4124-88CA-74E959B64411}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{131F36DD-3E36-4BCE-81AF-75A19E9E3878}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{1ABF495E-F542-42DC-A740-F92E02F58AFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1AFDAB0B-F1C2-46B8-B892-59995CBCB1ED}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1B78731D-8B2E-4859-B586-A200A25001D1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1C12EEE3-76E2-471F-BF16-694D4C01F753}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{1C61F72B-383B-411E-9D82-9B82C61C0A60}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1EB87C90-B773-4BA3-9EB0-F03EE494C021}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{27F05805-AC8F-42D4-8BBF-485580969477}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2AFFCBDA-53D5-4EA9-B877-AE166ADB3D72}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CCBC8BB-8599-4FF2-BF0B-227B965AF050}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{2E365F27-81E3-40F8-923B-4161DCBCF0EE}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2.exe |
"{30FBF1FC-E89D-4034-B8C0-3168F2FC877E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3462E634-3761-441B-938A-3C1EEE493DF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{3479A59E-2C14-4BEB-8649-D486035C6C27}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{39168233-CB56-48FD-ADCE-532B9DFD26F9}" = dir=in | app=c:\users\koxx-xtp\documents\the war z\warz.exe |
"{3A9762ED-92CB-45A5-B14B-B050104FBA8B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3E957B2F-E62C-4E60-8DEE-EF4736179EF0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{40B59D7F-033B-4F53-8DB2-F205C85D5194}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{414F242C-D5AF-4915-B27D-25362BAA6FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{4307A7B1-26D0-447B-8CBC-2D3FEB50B686}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{44BE0B50-095D-4B78-A9C6-CA55D9E76A6D}" = protocol=17 | dir=in | app=c:\program files (x86)\1-click run\cube world v0.1.0 (fixed)(5 july 2013)\server.exe |
"{4758BCF1-A072-49F7-BD39-3AD3191E920D}" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe |
"{4A57F331-A684-4275-8720-3204089B61D2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CC32FE6-861F-4332-A430-5CFD96F3AFE9}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"{59BBA5EB-61F4-456A-B3B8-1E5544B66B42}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2.exe |
"{59F2A7D3-C3CA-45A1-B285-78251A11589E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6010C8A8-FEE9-454B-BC8C-66BFEF5FB396}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6108C45F-F016-4261-AF4A-F025F15C7091}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{62D433D0-8375-45C9-A2F3-31DE2F8120ED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{637BF6F6-A32B-4D3C-8C4F-029C07963A0C}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe |
"{6E0ED7D0-A3CD-4461-9444-1355CCB96567}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\mediabar\datamngr\toolbar\dtuser.exe |
"{701FFBC7-CD02-4C7C-9F0D-1FAFF1F3B011}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{709122EE-9F42-487D-8248-C1EF4AD53146}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73C25A5E-CCC4-4D9C-B8E0-81B8648087AE}" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"{7728E738-A2B2-40F4-B32E-9C5A21274CE6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{7C40C3D7-C1CD-45E2-89DC-1C09443C6DB8}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{7E4A34EE-D9D6-48BC-8BE5-DD87B6D5067F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7FB782DB-7CDF-4155-9E36-A5053286141F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{81EDEE5F-723F-498D-B82E-17D2CCBEC529}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{8E7DE460-E65D-40FD-A290-FD00B98667B1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{95C4790A-C7F0-4A70-B847-38784B87306A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C0842E2-3E02-43B6-B3CB-6FCF2131E838}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A02ACFF3-1363-4AE0-9C6E-862801BAF52D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A0ADE5EF-54F7-4A69-90A6-5E4632F6577A}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"{A848D4EF-E2F8-49BC-B802-F2D97D965C5D}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{A96BF21D-A1B9-4721-A218-CB7D0CD09EAE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CD9D3F97-6887-4C7A-8535-0AFD49E2B1C4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D815318A-AC87-4E13-8547-8603BBF9AAB6}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D8972366-C6E0-48F2-8959-DD15E731C09B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DBF065B0-6742-4E84-82DA-10C79D02D770}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DC8B51C1-E22E-46C5-97E9-1113C7016261}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"{DC9220A7-3BEB-4887-B2B6-A4496EA2FD32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E17EB7D2-A0B6-45E6-B4DD-0A7B09187705}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{E605E5E4-FA9F-4EFA-864D-F7418368CCA1}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\mediabar\datamngr\toolbar\dtuser.exe |
"{E934E83E-487E-4166-A052-7E433DD2FE7E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9B5BE76-E48F-45C2-B3C7-82A3BBB9A2F5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{EA4DCBB9-B725-4CAC-8A16-B17222DE1BEB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EB47E691-A11A-4355-9073-1763AC5DABA9}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{EBA87A67-6609-4D94-A90E-FF3A4E2CFD68}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{EBC4A2AE-0F8C-4839-B55D-425FAFD45F32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED1A65B3-AD68-49E2-912A-2CC8B450886A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F5820376-2F02-4720-9413-6921D7F6AE82}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{F6497F2E-03F1-470C-BB59-B114A6420928}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"{F7CE77ED-E151-4298-90DA-B5BDC74F23DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F8665686-A3B4-47AD-8BE8-C04DC50FD40E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FF505CC9-1B19-421A-927F-C131FBA34B37}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"TCP Query User{1C234EE5-FDAE-4C6C-99D2-3A2835B6206A}C:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe |
"TCP Query User{385C5F43-7DBA-4CE1-9543-2EA477DFB717}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{4F0D1701-BA92-4826-946E-54FCF9E330F7}C:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"TCP Query User{55286C8D-86C2-4BC3-9DCB-A4EA8D4FCF86}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{582887E4-17F0-49BC-9FF1-BF2EE5CB0F8D}C:\program files (x86)\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"TCP Query User{5E842D0E-EDCC-443A-8730-4EC91E6E15EA}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{7F8E357D-A018-426B-9CFF-3999D1438974}C:\program files (x86)\1-click run\cube world v0.1.0 (fixed)(5 july 2013)\server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1-click run\cube world v0.1.0 (fixed)(5 july 2013)\server.exe |
"TCP Query User{8691B86C-399E-4519-BF76-1D7EEBC27296}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{A13DEBFA-5856-477F-951D-A3F8A3367661}C:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe |
"TCP Query User{A797CBA0-1E08-4655-BC8E-E0AD75FD9A60}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{A8696C45-395C-4362-8457-B375F0BA6739}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{AE7CD46A-3853-4FEE-899E-EC002B84EA74}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{AF9BC970-418E-496E-BAEC-6CD4D89DF857}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{CDD21838-E3C7-4C18-A9B4-5E1B780423B8}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe |
"TCP Query User{D2C0658E-51A6-494E-8494-E519218E0959}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{D7010A04-C5C6-47CD-8CFD-CF6CC1ED0394}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"TCP Query User{DF498072-7FDD-4AFE-9663-CE1704CEC7E0}C:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E4734730-2C17-45FD-95F6-1C9B35214391}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{E5CAC4A6-303F-46A4-A8CB-35173E5A9AE9}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{F0D93DF0-B6A6-4CEF-A8AA-20A95D1DE103}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"TCP Query User{F40772CA-0DCB-44C6-88BF-EF95C46BAA52}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"TCP Query User{FDD4A52D-C1FA-4109-81BC-B8EB29C57D0F}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{1D77765D-FDDE-4C00-8A60-534F92A63C0A}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{212A2603-048E-4683-A0A0-AA0732A4D6F6}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{283C9A3A-8E7C-435C-B36D-AA30FA8AD03A}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"UDP Query User{2C2DF908-BFA9-47D2-B138-1E3DE7E2FD5F}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{315C375B-726F-4159-BF10-729750AC4AB2}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{44F05228-6015-4A64-9EAF-34421C1E7960}C:\program files (x86)\1-click run\cube world v0.1.0 (fixed)(5 july 2013)\server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1-click run\cube world v0.1.0 (fixed)(5 july 2013)\server.exe |
"UDP Query User{891E6BFD-69D8-4A71-9F0F-E62A020D27D8}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{9336CA72-FBD5-4561-9D4E-DDB6D2AE7D28}C:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"UDP Query User{A084BD17-3101-4FBA-BFA3-4ABA5B6C4B7C}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"UDP Query User{A59BD9F5-9BE7-42EE-ACE4-4D17AF41FB56}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{AB2A1767-2E01-406B-9705-D660635F183A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{AC0AB8C2-274F-4BE0-8668-13AE4FCEF8A7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{ADB95F9A-91A8-4B5D-ACB1-D52C151DAECF}C:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe |
"UDP Query User{BA582E7C-CC6E-4D1C-AA0F-A9983F67EED1}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{C0635FB4-F668-406F-96CE-65126F0BA241}C:\program files (x86)\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"UDP Query User{C2077013-D21F-4EA3-B8F2-2C33A033FD87}C:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\koxx-xtp\appdata\local\akamai\netsession_win.exe |
"UDP Query User{CECF3665-E658-4F8B-99A3-64EFB037709F}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe |
"UDP Query User{D2490AF7-7C29-4E98-8C24-B2274F71FD66}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{E3BC9FE1-B96D-4C79-AE2B-E0C4C1F9A844}C:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bohemia interactive\arma 2\arma2oa.exe |
"UDP Query User{EA232562-B88D-42D7-BE93-37019D21E5C8}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{F3AF3602-E399-4B1E-96D8-D08034AF6BFE}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{F4E172B6-6030-4DDE-9D49-FCDBE871CD68}C:\program files (x86)\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7F2540AD-FD82-427A-8FDC-33EC53C8B17A}" = Fresco Logic USB3.0 Host Controller
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.04
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Suite du rapport de Extras.Txt   Ven 16 Aoû 2013 - 10:07

"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FR-FR Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB2.0 UVC 2M WebCam" = USB2.0 UVC 2M WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B74EC0B-2A85-4542-A167-3DE2132E7DAA}" = DayZ Commander
"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack
"{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}" = Roxio AACS Certificate
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E25BB07-62EB-476F-87FC-6AF426AB059E}" = Boxore Client
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{13FAE3E3-283E-4BF4-8FE5-17D256EDDD77}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{32C01DD0-3260-4D2B-BDB2-36CEC3E5B27A}" = Windows Live UX Platform Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{76046298-768C-492C-8C93-2983C9E3719E}" = Windows Live UX Platform Language Pack
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7BF67A61-BE7C-4806-B93C-97F299D6A6FE}" = ASUS AI Recovery
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96403552-88D1-429F-9C92-388B814B885E}" = Messenger Companion
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DEE877-3031-4313-B235-96FDEB16EF7E}" = Roxio CinePlayer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5977C5-11AE-4003-BA7D-261C48F2BC35}" = מסייע Messenger
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Français
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBC019AB-8349-42A2-AF5A-A8B759722E2F}" = Windows Live UX Platform Language Pack
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}" = Messenger 分享元件
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1019541-10A2-464F-A23E-A4F23DA65160}" = Mumble 1.2.3
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}" = Windows Live UX Platform Language Pack
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.252
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FAAA508A-05C0-488B-BFC2-F9217E545A81}" = Logitech Gaming Software
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS VIBE" = ASUS VIBE
"Asus_G73_Screensaver" = Asus_G73_Screensaver
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Cube World v0.1.0 (FIXED)(5 July 2013)0.1.0" = Cube World v0.1.0 (FIXED)(5 July 2013)
"GameSaike SixaxisDriver_is1" = SixaxisDriver 0.91
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"lwoofer@lyricswoofer.co" = LyricsWoofer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SoftwareUpdater" = SoftwareUpdater
"Steam App 440" = Team Fortress 2
"Wajam" = Wajam
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32 bits)
"ZHPDiag_is1" = ZHPDiag 2013

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"HappyCloud" = Happy Cloud Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30/06/2013 05:33:07 | Computer Name = Koxx-Xtp-PC | Source = MsiInstaller | ID = 11609
Description =

Error - 02/07/2013 12:58:17 | Computer Name = Koxx-Xtp-PC | Source = Bonjour Service | ID = 100
Description =

Error - 02/07/2013 12:58:17 | Computer Name = Koxx-Xtp-PC | Source = Bonjour Service | ID = 100
Description =

Error - 02/07/2013 12:58:17 | Computer Name = Koxx-Xtp-PC | Source = Bonjour Service | ID = 100
Description =

Error - 03/07/2013 12:22:14 | Computer Name = Koxx-Xtp-PC | Source = Application Hang | ID = 1002
Description = Le programme hl2.exe version 0.0.0.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans le Centre de maintenance.    ID de processus :
16fc    Heure de début : 01ce77d3e2397961    Heure de fin : 2676    Chemin d’accès de l’application
: C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe    ID de rapport
:  

Error - 03/07/2013 12:50:06 | Computer Name = Koxx-Xtp-PC | Source = Application Hang | ID = 1002
Description = Le programme Skype.exe version 6.3.0.107 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans le Centre de maintenance.    ID
de processus : 10ac    Heure de début : 01ce77ce8c7b80ff    Heure de fin : 343    Chemin d’accès
de l’application : C:\Program Files (x86)\Skype\Phone\Skype.exe    ID de rapport :
 

Error - 03/07/2013 14:01:08 | Computer Name = Koxx-Xtp-PC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\Koxx-Xtp\Downloads\SoftonicDownloader_pour_candles.exe ».
Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .  Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active.  Les composants en conflit sont :  Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant
2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 03/07/2013 14:01:10 | Computer Name = Koxx-Xtp-PC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\Koxx-Xtp\Downloads\SoftonicDownloader_pour_scp-087.exe ».
Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .  Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active.  Les composants en conflit sont :  Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant
2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 03/07/2013 14:01:11 | Computer Name = Koxx-Xtp-PC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\Koxx-Xtp\Downloads\SoftonicDownloader_pour_candles
(1).exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne
.  Une version de composant nécessaire à l’application est en conflit avec une autre
version de composant déjà active.  Les composants en conflit sont :  Composant 1 :
C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant
2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 03/07/2013 14:01:12 | Computer Name = Koxx-Xtp-PC | Source = SideBySide | ID = 16842832
Description = La création du contexte d’activation a échoué pour « C:\Users\Koxx-Xtp\Downloads\SoftonicDownloader_pour_arma-2-free.exe ».
Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .  Une version
de composant nécessaire à l’application est en conflit avec une autre version de
composant déjà active.  Les composants en conflit sont :  Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant
2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

[ Media Center Events ]
Error - 22/02/2013 15:14:14 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 20:14:09 - Erreur de connexion à Internet.  20:14:09 -     Impossible
de contacter le service..  

Error - 22/02/2013 16:14:44 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 21:14:44 - Erreur de connexion à Internet.  21:14:44 -     Impossible
de contacter le service..  

Error - 22/02/2013 16:15:14 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 21:15:13 - Erreur de connexion à Internet.  21:15:13 -     Impossible
de contacter le service..  

Error - 23/02/2013 04:24:16 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 09:24:16 - Erreur de connexion à Internet.  09:24:16 -     Impossible
de contacter le service..  

Error - 23/02/2013 04:24:52 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 09:24:45 - Erreur de connexion à Internet.  09:24:45 -     Impossible
de contacter le service..  

Error - 28/02/2013 02:28:23 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 07:27:54 - Erreur de connexion à Internet.  07:27:55 -     Impossible
de contacter le service..  

Error - 28/02/2013 03:29:05 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 08:29:04 - Erreur de connexion à Internet.  08:29:04 -     Impossible
de contacter le service..  

Error - 28/02/2013 04:29:48 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 09:29:47 - Erreur de connexion à Internet.  09:29:47 -     Impossible
de contacter le service..  

Error - 28/02/2013 05:30:31 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 10:30:30 - Erreur de connexion à Internet.  10:30:30 -     Impossible
de contacter le service..  

Error - 05/03/2013 04:45:17 | Computer Name = Koxx-Xtp-PC | Source = MCUpdate | ID = 0
Description = 09:45:10 - Erreur de connexion à Internet.  09:45:10 -     Impossible
de contacter le service..  

[ System Events ]
Error - 16/08/2013 03:58:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la connexion du service BrowserDefendert.

Error - 16/08/2013 03:58:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7000
Description = Le service BrowserDefendert n’a pas pu démarrer en raison de l’erreur :
  %%1053

Error - 16/08/2013 03:59:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la connexion du service BrowserDefendert.

Error - 16/08/2013 03:59:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7000
Description = Le service BrowserDefendert n’a pas pu démarrer en raison de l’erreur :
  %%1053

Error - 16/08/2013 04:00:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la connexion du service BrowserDefendert.

Error - 16/08/2013 04:00:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7000
Description = Le service BrowserDefendert n’a pas pu démarrer en raison de l’erreur :
  %%1053

Error - 16/08/2013 04:01:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la connexion du service BrowserDefendert.

Error - 16/08/2013 04:01:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7000
Description = Le service BrowserDefendert n’a pas pu démarrer en raison de l’erreur :
  %%1053

Error - 16/08/2013 04:02:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la connexion du service BrowserDefendert.

Error - 16/08/2013 04:02:00 | Computer Name = Koxx-Xtp-PC | Source = Service Control Manager | ID = 7000
Description = Le service BrowserDefendert n’a pas pu démarrer en raison de l’erreur :
  %%1053


< End of report >
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Ven 16 Aoû 2013 - 10:09

OTL logfile created on: 16/08/2013 09:51:07 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Koxx-Xtp\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 55,04% Memory free
7,71 Gb Paging File | 5,42 Gb Available in Paging File | 70,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 17,00 Gb Free Space | 11,41% Space Free | Partition Type: NTFS
Drive D: | 35,02 Gb Total Space | 34,26 Gb Free Space | 97,83% Space Free | Partition Type: NTFS
Drive F: | 390,62 Gb Total Space | 390,52 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: KOXX-XTP-PC | User Name: Koxx-Xtp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/16 09:50:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Koxx-Xtp\Downloads\OTL.exe
PRC - [2013/07/27 10:41:25 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/27 10:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/27 10:35:26 | 001,209,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/07/27 00:46:24 | 000,563,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/07/27 00:46:22 | 001,807,272 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/28 16:12:36 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2013/02/15 01:30:31 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
PRC - [2012/12/14 12:16:43 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2010/12/11 19:17:53 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/10/08 06:23:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2010/08/21 04:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/13 03:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/06/24 17:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/06/09 09:55:54 | 001,080,448 | ---- | M] (asus) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010/05/03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/10/01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/31 10:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009/07/31 10:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/15 09:52:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 09:51:58 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 09:51:54 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 09:51:51 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 09:51:50 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\930e99b2f62cea8c4aa070527d15f748\PresentationFramework.ni.dll
MOD - [2013/08/15 09:51:37 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\585b8f6cc7ba86886462d0dc9753c98f\PresentationCore.ni.dll
MOD - [2013/08/15 09:51:28 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/15 09:51:25 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/27 00:46:24 | 001,122,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/07/16 12:57:24 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/16 12:53:31 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/16 00:32:40 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/07/01 18:20:48 | 000,652,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/06/15 01:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 01:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/15 01:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/12/14 12:16:43 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2010/11/05 03:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2010/10/08 06:23:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2010/08/13 03:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2010/07/01 11:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/02/23 15:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
MOD - [2010/02/23 15:14:18 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
MOD - [2010/02/23 15:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
MOD - [2010/02/23 15:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
MOD - [2010/02/23 15:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
MOD - [2009/11/03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/08/04 12:02:12 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2007/06/15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/27 10:49:33 | 014,984,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/22 11:20:42 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/04/17 02:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2013/08/02 10:41:39 | 000,891,456 | ---- | M] (Wsys Co., Ltd.) [Auto | Stopped] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013/07/27 10:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/07/27 00:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/26 12:11:20 | 002,847,696 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe -- (BrowserDefendert)
SRV - [2013/07/16 09:17:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/15 16:01:28 | 000,119,408 | ---- | M] (The Software Group) [On_Demand | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (Software_update_m)
SRV - [2013/07/15 16:01:28 | 000,119,408 | ---- | M] (The Software Group) [Auto | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (Software_update)
SRV - [2013/07/11 13:13:32 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/07/01 16:24:28 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/06/28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/06/21 09:53:36 | 000,162,408 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/28 16:12:36 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2013/02/18 09:52:54 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -- (SrvUpdater)
SRV - [2012/10/02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2010/12/11 19:18:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/08/21 04:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/10/01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2005/03/09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/05/14 21:28:40 | 000,039,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/08/29 15:53:59 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2012/04/25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/25 05:24:26 | 000,229,376 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2010/09/25 05:24:26 | 000,069,120 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2010/07/26 05:27:33 | 000,318,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/04/21 09:47:49 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/04/17 02:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/03/19 13:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/05 05:19:45 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/03 13:51:39 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 10:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/02/26 10:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/12/01 15:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/11/18 01:11:59 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/20 04:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/13 19:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/08/03 06:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2006/12/24 05:15:18 | 000,027,904 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\xPADFL02.sys -- (XPADFL02)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=334&systemid=1&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=FR&userid=10cf2f3f-d251-4dda-8e4c-31abc77f67ce&searchtype=ds&q={searchTerms}&installDate=15/07/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=FR&userid=10cf2f3f-d251-4dda-8e4c-31abc77f67ce&searchtype=ds&q={searchTerms}&installDate=15/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=FR&userid=10cf2f3f-d251-4dda-8e4c-31abc77f67ce&searchtype=ds&q={searchTerms}&installDate=15/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=FR&userid=10cf2f3f-d251-4dda-8e4c-31abc77f67ce&searchtype=ds&q={searchTerms}&installDate=15/07/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=FR&userid=10cf2f3f-d251-4dda-8e4c-31abc77f67ce&searchtype=ds&q={searchTerms}&installDate=15/07/2013
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=FR&userid=10cf2f3f-d251-4dda-8e4c-31abc77f67ce&searchtype=ds&q={searchTerms}&installDate=15/07/2013
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.0.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=3: C:\Program Files (x86)\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
FF - HKLM\Software\MozillaPlugins\@tools.Software.com/Software Update;version=9: C:\Program Files (x86)\Software\Update\1.3.25.0\npSoftwareUpdate3.dll (The Software Group)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Koxx-Xtp\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bubbledock@nosibay.com: C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch [2013/03/01 12:52:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lwoofer@lyricswoofer.co: C:\Program Files (x86)\LyricsWoofer\128.xpi [2013/08/16 09:23:49 | 000,005,875 | ---- | M] ()

[2012/04/04 12:30:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Koxx-Xtp\AppData\Roaming\mozilla\Firefox\extensions
[2012/04/04 12:30:09 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\Koxx-Xtp\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2012/07/12 13:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome  ==========

CHR - default_search_provider: Mixi.DJ Search (Enabled)
CHR - default_search_provider: search_url = http://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=B6954E5D60830C8E&affID=121139&tsp=4945
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Windows Live0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Happy Cloud Plugin (Enabled) = C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 8.0.0.33 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: LyricsWoofer = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdephonbpjofbmmhhlhiegdokbhhccch\1.128_0\
CHR - Extension: Adblock Plus = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
CHR - Extension: Wajam = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Smart Display = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.6_0\
CHR - Extension: LyricsWoofer = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdephonbpjofbmmhhlhiegdokbhhccch\1.128_0\
CHR - Extension: Adblock Plus = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
CHR - Extension: Wajam = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: Smart Display = C:\Users\Koxx-Xtp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.6_0\

O1 HOSTS File: ([2012/08/28 16:15:20 | 000,000,141 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Suite du rapport de OTL.Txt   Ven 16 Aoû 2013 - 10:09

O2 - BHO: (Bubble Dock SurfMatch) - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (Nosibay)
O2 - BHO: (LyricsWoofer) - {53795d9b-41f0-4eea-8072-e1693b4f35c3} - C:\Program Files (x86)\LyricsWoofer\128.dll (LyricsWoofer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS VIBE] C:\Program Files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe (ecm)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [tuto4pc_fr_43]  File not found
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Koxx-Xtp\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Bubble Dock] C:\Users\Koxx-Xtp\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (Nosibay)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.200.0.cab (Battlefield Heroes Updater)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_0_1_0.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51F942E6-BD4C-4747-8149-8CC4E5DEC249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C89FEFDF-70CF-48BA-983B-2B777F361FA3}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) -  File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~2\NVSTRE~1\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/16 09:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2013/08/16 09:37:47 | 000,000,000 | ---D | C] -- C:\ZHP
[2013/08/16 09:30:48 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2013/08/16 09:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2013/08/16 09:30:11 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\eIntaller
[2013/08/16 09:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsWoofer
[2013/08/16 09:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/16 09:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/16 09:08:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/16 09:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/15 09:40:14 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/15 09:40:14 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/15 09:40:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/15 09:40:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/15 09:40:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/15 09:40:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/15 09:40:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/15 09:40:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/15 09:40:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/15 09:40:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/15 09:40:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/15 09:40:10 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/15 09:40:10 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/15 09:40:10 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/15 09:40:10 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/15 09:20:30 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/15 09:20:30 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/15 09:20:29 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/15 09:19:23 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/15 09:19:22 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/15 09:19:21 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/15 09:19:20 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/15 09:19:20 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/15 09:19:20 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/15 09:19:19 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/15 09:19:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/15 09:19:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/15 09:19:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/15 09:19:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/15 09:19:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/15 09:19:05 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/14 11:36:18 | 000,000,000 | ---D | C] -- C:\NvidiaLogging
[2013/08/14 11:35:49 | 000,039,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013/08/14 11:35:49 | 000,029,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013/08/14 11:35:49 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013/08/14 11:35:28 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Local\NVIDIA
[2013/08/14 11:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/08/14 11:31:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/08/14 11:29:00 | 027,781,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/08/14 11:29:00 | 021,102,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/08/14 11:29:00 | 015,144,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/08/14 11:29:00 | 013,411,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/08/14 11:29:00 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/08/14 11:29:00 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/08/14 11:29:00 | 002,953,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/08/14 11:29:00 | 002,777,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/08/14 11:29:00 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/08/14 11:29:00 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/08/14 11:29:00 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432049.dll
[2013/08/14 11:29:00 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432049.dll
[2013/08/14 11:29:00 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013/08/14 11:29:00 | 000,572,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/08/14 11:29:00 | 000,570,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/08/14 11:29:00 | 000,467,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/08/14 11:29:00 | 000,465,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/08/14 11:29:00 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/08/14 11:29:00 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/08/14 11:28:59 | 009,239,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/08/14 11:28:59 | 007,687,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/08/14 11:28:58 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/08/14 11:28:58 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/08/14 11:28:58 | 002,597,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/08/12 18:19:40 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\Google
[2013/07/30 09:07:59 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\.mono
[2013/07/29 19:53:48 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Local\UWebKit
[2013/07/29 13:04:03 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Local\WarThunder
[2013/07/29 13:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013/07/29 13:03:45 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
[2013/07/29 13:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\War Thunder
[2013/07/25 18:33:32 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
[2013/07/25 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
[2013/07/22 18:50:08 | 000,000,000 | ---D | C] -- C:\Users\Koxx-Xtp\Documents\My Cheat Tables
[2013/07/18 08:30:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/16 09:44:02 | 000,019,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/16 09:44:02 | 000,019,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/16 09:37:56 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/08/16 09:37:56 | 000,001,862 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/08/16 09:37:56 | 000,001,000 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2013/08/16 09:27:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/16 09:25:00 | 000,001,764 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013/08/16 09:23:49 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\LyricsWoofer Update.job
[2013/08/16 09:23:21 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/08/16 09:23:13 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/16 09:23:03 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2013/08/16 09:22:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/16 09:22:39 | 3105,124,352 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/16 09:08:19 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/16 09:07:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/16 09:06:10 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2013/08/16 08:49:31 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4172766360-812181187-3318302473-1000UA.job
[2013/08/16 08:49:25 | 000,317,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/15 09:37:59 | 001,744,758 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/15 09:37:59 | 000,766,944 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/08/15 09:37:59 | 000,672,702 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/15 09:37:59 | 000,157,780 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/08/15 09:37:59 | 000,129,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/15 09:03:02 | 000,001,952 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013/08/14 20:20:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4172766360-812181187-3318302473-1000Core.job
[2013/08/14 11:33:10 | 000,001,349 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/08/02 09:10:25 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/07/29 13:03:45 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\War Thunder.lnk
[2013/07/26 07:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/26 07:12:27 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/26 07:12:08 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/26 07:12:08 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/26 07:12:04 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/26 07:12:04 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/26 07:12:03 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/26 07:12:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/26 05:12:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/26 05:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/26 05:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/26 05:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/26 05:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/26 04:39:38 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/26 03:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/25 11:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/18 08:30:24 | 001,700,826 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/16 09:37:56 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/08/16 09:37:56 | 000,001,862 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/08/16 09:37:56 | 000,001,000 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2013/08/16 09:08:19 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/16 08:49:11 | 000,317,640 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/14 11:33:10 | 000,001,349 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/07/29 13:03:45 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\War Thunder.lnk
[2013/04/08 18:25:04 | 000,000,218 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Local\recently-used.xbel
[2013/01/26 14:06:49 | 000,000,153 | ---- | C] () -- C:\ProgramData\Ip8n1qW.reg
[2013/01/26 14:06:49 | 000,000,086 | ---- | C] () -- C:\ProgramData\Ip8n1qW.bat
[2012/08/30 10:13:10 | 000,000,000 | ---- | C] () -- C:\Windows\Net4Switch.INI
[2012/08/28 17:46:14 | 000,002,021 | ---- | C] () -- C:\Users\Koxx-Xtp\Adobe Reader X.lnk
[2012/08/28 10:35:18 | 000,005,537 | ---- | C] () -- C:\Windows\wininit.ini
[2012/08/27 16:00:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/27 16:00:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/27 16:00:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/27 16:00:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/27 16:00:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/13 14:17:38 | 000,000,096 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Local\fusioncache.dat
[2012/02/14 13:23:52 | 000,003,584 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/29 16:23:44 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/08/21 12:12:03 | 001,700,826 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/19 17:05:11 | 000,000,000 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Local\{F04AEBE6-2594-4D33-BD9D-1EA7D69347B3}
[2011/08/01 15:27:48 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_7
[2011/07/31 11:43:21 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_6
[2011/07/30 19:08:34 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_5
[2011/07/29 17:15:39 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_4
[2011/07/20 10:45:20 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_3
[2011/07/20 09:32:47 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_1
[2011/07/20 09:22:20 | 000,000,129 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\D2Info0
[2011/07/20 09:22:20 | 000,000,008 | ---- | C] () -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusAppId0_2

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/01 11:36:16 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\.age-of-craft
[2013/08/02 21:48:17 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\.minecraft
[2013/07/30 09:07:59 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\.mono
[2013/01/25 17:36:10 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\AnkamaCertificates
[2012/09/22 13:40:06 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\app
[2012/08/29 09:05:24 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Asus WebStorage
[2013/02/28 16:03:54 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Babylon
[2012/02/06 20:22:21 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/06/28 21:16:39 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Common
[2013/06/28 21:16:40 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\DataMgr
[2013/07/15 16:04:06 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Desk 365
[2011/12/25 12:09:25 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus 2
[2011/07/20 09:22:20 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/07/20 10:45:20 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/07/29 17:15:39 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/07/30 19:08:34 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/07/31 11:43:21 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/08/01 15:27:48 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/07/20 09:32:47 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2013/01/29 21:30:38 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Dofus2
[2013/01/25 20:44:07 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusTesting
[2013/01/25 17:35:35 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusTesting-2
[2013/01/25 20:48:18 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusTesting-3
[2013/01/25 22:21:28 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusTesting-4
[2013/01/29 08:24:56 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\DofusTesting-5
[2013/08/16 09:30:11 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\eIntaller
[2012/02/14 15:19:14 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\GetRightToGo
[2013/06/28 21:16:40 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Intermediate
[2013/02/28 15:09:59 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\LolClient
[2011/08/06 19:23:47 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\MotioninJoy
[2013/07/21 10:30:55 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Mumble
[2012/01/27 23:08:23 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\MusicNet
[2013/05/01 10:04:31 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\OfferBox
[2012/02/14 18:27:21 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Origin
[2013/06/29 15:33:37 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\PerformerSoft
[2013/06/28 21:16:39 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\PiccShare
[2011/07/20 09:22:22 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2013/06/28 21:16:40 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\SCheck
[2013/04/27 16:16:11 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Screaming Bee
[2013/06/28 21:16:40 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\SSync
[2013/06/01 12:51:49 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\TERA
[2013/06/07 07:05:25 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Ubisoft
[2012/04/20 18:13:40 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\wargaming.net
[2013/08/16 09:26:06 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Yontoo
[2011/07/20 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Koxx-Xtp\AppData\Roaming\Youdagames

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:52DBE86F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC

< End of report >
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Ven 16 Aoû 2013 - 10:11

Et voilà je connais que les bases de l'informatique donc je comprend rien à ce qui y est écrit. J'espère que quelqu'un trouvera un solution Crying or Very sad
Revenir en haut Aller en bas
oskare68
Moderateurs (trices)
Moderateurs (trices)


Masculin
Nombre de messages : 2496
Age : 53
Localisation : France (Alsace)
Humeur : C'est selon...
Date d'inscription : 30/04/2010

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Sam 17 Aoû 2013 - 8:57

Re bjr Neiroxiapix

Tout d'abord il aurait fallut héberger tes rapports ici >>> http://www.cjoint.com
Ensuite,comme je le supputais,tu es TRES "infecté" par toutes sortes de malwares affraid  De ce fait,je préfère qu'un collègue te prenne en charge.Pour l'avancer >>>

Relance Adw-Cleaner >>> suppression puis post le log de suppression
Refais aussi un nouveau ZhpDiag
Cette fois utilise http://www.cjoint.com pour héberger les logs d'accord.

Cordialement

PS: Akamai et Hamachi ralentissent bcp ton pc,je te conseille (mais ce n'est pas une obligation,a toi de voir) de les désinstaller avant de relancer Adw-cleaner et Zhp

__________________________________________________________________________________________________________________
Revenir en haut Aller en bas
Neiroxiapix
bibounet
bibounet


Masculin
Nombre de messages : 11
Age : 20
Localisation : Nul part
Date d'inscription : 15/08/2013

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Sam 17 Aoû 2013 - 17:01

Merci pour ta réponse je pensais pas que c'étais aussi extrême. J'ai désinstaller Hamachi (je ne m'en servais plus) et Akaimi (je ne sais pas à quoi sa sert).

Cordialement.

Revenir en haut Aller en bas
oskare68
Moderateurs (trices)
Moderateurs (trices)


Masculin
Nombre de messages : 2496
Age : 53
Localisation : France (Alsace)
Humeur : C'est selon...
Date d'inscription : 30/04/2010

MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Dim 17 Nov 2013 - 9:36

Je clos le sujet.Si tu as besoin de le ré-ouvrir,fais en la demande via MP auprès d'un modérateur.
Bon surf.

__________________________________________________________________________________________________________________
Revenir en haut Aller en bas
Contenu sponsorisé




MessageSujet: Re: Mes fenêtres se réduisent toutes seuls.   Aujourd'hui à 3:02

Revenir en haut Aller en bas
 
Mes fenêtres se réduisent toutes seuls.
Voir le sujet précédent Voir le sujet suivant Revenir en haut 
Page 1 sur 1
 Sujets similaires
-
» Mes fenêtres se réduisent toutes seuls.
» Fenêtres qui s'ouvrent toutes seules sur internet sous IE et Mozzilla
» [Résolu] Fenêtres publicitaires intempestives
» fenêtres publicitaires
» Centrer les fenêtres

Permission de ce forum:Vous ne pouvez pas répondre aux sujets dans ce forum
Bibou le forum :: 
Informatique divers
 :: 
Internet, réseau, FAI
-
Sauter vers: