adwares : les mots qui se soulignent en vert et les pub

[maryvonne44]

je m'appelle maryvonne, je suis retraitée, agée de bientot 67 ans, je suis mariée, mère de trois enfants et j'élève par passion des chiens de race eurasiers, je fais avec mon mari un petit élevage, j'ai une portée de chiot par an, nous aimons les voyages , nous avons un camping car depuis 4 ans
j'habite en loire altantique entre nantes et angers
je ne suis pas une pro de l'informatique , je recherchais sur google une solution pour enlever les mots qui se soulignent en vert et les pub intempestives je suis tombée sur votre forum qui a retenue mon attention,
je viens de télécharger adxcleaner et fait un scan dont voici le résultat

Capture.JPG

je ne sais pas si je vais faire les choses correctement
maintenant je ne sais plus quoi faire
merci pour votre aide

[angelique]

adwcleaner a supprimé des trucs , tu as toujours le meme souçis ?

[maryvonne44]

bonjour et merci de m'avoir répondu
non je n'ai pas résolu mon problème malgré adwcleaner et malwarebytes anti malware
j'ai toujours plein de pu qui s'affichent et certains mots en vert soulignés deux fois
je ne sais plus quoi faire

[angelique]

1. Télécharge sur ton Bureau pas ailleurs FRST.EXE:
   
   
   
   La page de téléchargement : http://www.bleepingcomputer.com/downloa ... scan-tool/
   Le téléchargement se fait à partir des boutons bleus Download – choisissez la version 32 ou 64 bits selon l’architecture de votre système.
   (Au pire si vous êtes en 64 bits et que vous prenez la version 32 bits, vous aurez un message disant que cette version ne peux fonctionner – cela n’endommage pas le système).
   
   !! Placez le programme sur le bureau et pas ailleurs!!
2. Execute FRST.EXE, accepte le disclaimer , Cochez tous les options et cliquez sur le bouton Scan.
   Le scan se lance, les éléments scannés apparaissent en haut.
3. Une fois le scan terminé, une popup vous le signale et deux rapports sont générés : FRST.txt et Addition.txt ( Ces deux rapports se trouvent sur le bureau avec le programme FRST. )
   
   
   Utilise le site http://pjjoint.malekal.com/ pour envoyer ton rapport, et poste le lien dans ta prochaine réponse pour analyse.
   
   

[maryvonne44]

voici le rapport
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2014
Ran by duret maryvonne at 2014-08-09 12:14:33
Running from C:\Users\duret maryvonne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Activeris AntiMalware (HKLM-x32\...\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1) (Version: 1.0.0.1 - Activeris) <==== ATTENTION
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Allmyapps (HKCU\...\Allmyapps) (Version: 2.0.0.24 - Allmyapps)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.10 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Nom de votre société) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bing Bureau (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Conseiller de mise à niveau vers Windows 7 (HKLM-x32\...\{9D10CB57-B085-44c3-B435-2D193BA153F0}) (Version: 2.0.5000.0 - Microsoft Corporation)
EZ Software Updater version 1.2.0.3 (HKLM-x32\...\EZ Software Updater_is1) (Version: 1.2.0.3 - )
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (FRA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
PhotoFiltre Studio X (HKCU\...\PhotoFiltre Studio X) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Rapport (x32 Version: 3.5.1307.76 - Trusteer) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.3797 - Systweak Software)
Security & Shopping Advisor (HKLM-x32\...\SecurityAndShoppingAdvisor) (Version: 1.0 - )
Trusteer Sécurité des points d'accès (HKLM-x32\...\Rapport_msi) (Version: 3.5.1307.76 - Trusteer)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Yet Another Cleaner! (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902207236-2111667116-648188888-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\duret maryvonne\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

04-08-2014 22:45:20 Opération de restauration

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-04-21 12:18 - 00008953 ____A C:\Windows\system32\Drivers\etc\hosts
216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
216.239.32.20 google.com www.google.bi
216.239.32.20 google.com www.google.bj
216.239.32.20 google.com www.google.com.bn
216.239.32.20 google.com www.google.com.bo
216.239.32.20 google.com www.google.com.br
216.239.32.20 google.com www.google.bs
216.239.32.20 google.com www.google.bt
216.239.32.20 google.com www.google.co.bw
216.239.32.20 google.com www.google.by

There are 162 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {056936F9-5C7E-4B24-93DD-E7211B27463C} - System32\Tasks\{9107E6F0-1335-46DC-9B5F-4FAF12F6FF0F} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {0AABB922-F359-4A75-B987-39AFCCA1D3B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {19191C0C-2B01-41B9-9173-F1F473FD0830} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe
Task: {1DABD9AB-3678-4EA8-B316-747E58E6C650} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {2544C0A3-89B3-435E-B6C9-23C9803FF425} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2A998B88-6004-4014-AB7B-5BA8603D04F9} - System32\Tasks\Google Updater and Installer => C:\Users\duret maryvonne\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {30E0216A-6E0F-465A-B5F6-CBE67C1B1BBF} - System32\Tasks\WindApp Update => C:\Users\duret maryvonne\AppData\Roaming\Store\WindApp\WindApp Update.exe [2014-07-24] (Nosibay)
Task: {49C6ACEC-56F1-4478-8A1B-D15F4E57D124} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {58B83DE2-F468-4DF1-B7A6-38D04ECD62E4} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5C0E1242-FF88-48D4-8B4B-9E4E8210D61E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {601AF331-593F-4395-8720-BA276DFE6801} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17] (AVAST Software)
Task: {660EB2F9-9B95-400E-B2E8-126E5E5BA205} - System32\Tasks\{A0A64087-A93E-4AE1-A642-C7E5C3D68F6E} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {71B84746-B463-4344-8EFF-15FDA3A17211} - System32\Tasks\{AE852D65-8348-4D0C-B434-5D4A5AEEE1BF} => C:\Program Files (x86)\LMSOFT\Web Creator Pro 6\WebCreatorPro6.exe [2012-04-18] (LMSOFT)
Task: {7240AF36-F43D-4D7B-98B4-DFF675096BBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {7E45AFA1-633F-4C12-A73E-2F2746F285ED} - System32\Tasks\{D6814285-C806-482F-BEA2-1A02A6EE3074} => Firefox.exe
Task: {868610D3-77A7-4954-8138-C400195F6865} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {87D90C3E-148D-41C1-B264-86C593F2C098} - \Programme de mise à jour en ligne de HP. No Task File <==== ATTENTION
Task: {8AF0737E-ED4C-45AE-A8FA-D05189851E50} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {8C7A38E3-A6CD-45FC-9252-D8569C6DF85B} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {8E88399B-8D63-49D7-A286-246FC0E4334E} - System32\Tasks\SetupManager => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2011-06-21] (Microsoft)
Task: {9C4EA1CB-CE4E-4421-8E6C-EED38C8C9F8A} - System32\Tasks\{6AB68641-5121-4326-9B6B-80CB5A94A6E5} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {A4E8399D-FB7B-4787-AAC7-C7FD453874C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-20] (Microsoft Corporation)
Task: {AC881E25-A4CA-4A36-A745-EE3C8EF9F2EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {AE4B52B3-C8DE-48F8-B403-A61293711CF7} - System32\Tasks\{92451E8C-19EA-4037-973B-01D81EAE342C} => C:\Program Files (x86)\Mindscape\LMSOFT Web Creator 5\WebCreator5.exe [2009-06-06] (LMSOFT)
Task: {B4CEA112-D357-4767-8C48-642FA2286FD1} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserDirect.exe
Task: {B8A101F5-1B4C-43A7-8FB0-A7BA7552C084} - System32\Tasks\{DD153CF4-CCE6-46D8-AE56-703849BAB6DE} => C:\Program Files (x86)\Mindscape\LMSOFT Web Creator 5\WebCreator5.exe [2009-06-06] (LMSOFT)
Task: {C44DE549-B402-4790-8664-5C984DC0C983} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {D202BBD0-725E-4275-87D4-E0D0312C0EC2} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {F03A8D27-F197-40BB-831A-A3F84BC9508E} - System32\Tasks\{43816A4A-3C39-4731-A980-EE9CBDA82366} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {F76DB88A-2956-4902-92E9-44E5019A09B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {FA3FFF3E-99C5-43D2-9A15-53BB363A6CC0} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2011-12-14] (TuneUp Software)
Task: {FD477777-9B57-462C-8581-09B05F6819A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-04-20 16:12 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-20 16:12 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-08-05 17:44 - 2014-07-17 11:52 - 00220672 _____ () C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe
2014-07-30 13:17 - 2014-07-30 13:17 - 02845792 _____ () C:\Program Files (x86)\SecurityAndShoppingAdvisor\SASAService.exe
2014-07-30 13:17 - 2014-07-30 13:17 - 00204384 _____ () C:\Program Files (x86)\SecurityAndShoppingAdvisor\HttpsProxy.exe
2014-08-05 00:22 - 2014-08-05 00:22 - 00108128 ____R () C:\Program Files (x86)\SecurityAndShoppingAdvisor\SASAServiceHelper.exe
2014-07-18 20:03 - 2014-07-16 11:34 - 02228896 ____N () C:\Program Files (x86)\iSafe\ipcdl.exe
2013-09-05 12:10 - 2014-05-31 18:17 - 01404120 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2014-04-27 09:18 - 2014-07-16 11:34 - 00065696 ____N () C:\Program Files (x86)\iSafe\zlib1.dll
2014-04-27 09:18 - 2014-07-16 11:34 - 00092320 ____N () C:\Program Files (x86)\iSafe\curlpp.dll
2014-07-18 20:03 - 2014-07-16 11:34 - 00427168 ____N () C:\Program Files (x86)\iSafe\ipcproxy.dll
2014-04-27 09:18 - 2014-07-09 14:48 - 00176976 ____N () C:\Program Files (x86)\iSafe\tws\unrar.dll
2014-04-27 09:18 - 2014-07-09 14:48 - 00068432 ____N () C:\Program Files (x86)\iSafe\tws\zlib1.dll
2014-04-27 09:18 - 2014-07-09 14:48 - 00087744 ____N () C:\Program Files (x86)\iSafe\tws\unacev2.dll
2014-07-17 11:59 - 2014-07-17 11:59 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-08 21:08 - 2014-08-08 21:08 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080801\algo.dll
2014-08-09 10:24 - 2014-08-09 10:24 - 02795520 _____ () C:\Program Files\AVAST Software\Avast\defs\14080900\algo.dll
2014-04-27 09:18 - 2014-07-16 11:34 - 00185640 ____N () C:\Program Files (x86)\iSafe\libpng.dll
2011-06-01 06:38 - 2011-06-01 06:38 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraFra.dll
2014-07-17 11:59 - 2014-07-17 11:59 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 00051016 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 00716616 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 00100168 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 04061000 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 00394568 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 01647432 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-30 13:23 - 2014-03-15 02:50 - 13637448 _____ () C:\Users\duret maryvonne\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Allmyapps => "C:\Users\duret maryvonne\AppData\Roaming\Allmyapps\Allmyapps.exe" startup
MSCONFIG\startupreg: Allmyapps Update => "C:\Users\duret maryvonne\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe" check startup
MSCONFIG\startupreg: Boxore Client => C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: ROC_ROC_NT => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2014 00:25:55 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (08/08/2014 00:25:55 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {5CBF0B62-CCE9-4B49-85AD-6A413D6BAED6}

Error: (08/08/2014 00:25:54 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {5CBF0B62-CCE9-4B49-85AD-6A413D6BAED6}

Error: (08/08/2014 00:16:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante rundll32.exe, version : 6.1.7600.16385, horodatage : 0x4a5bc637
Nom du module défaillant : EZ Software Updater.dll, version : 1.2.0.3, horodatage : 0x53c78ec5
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0001fb0a
ID du processus défaillant : 0x964
Heure de début de l’application défaillante : 0xrundll32.exe0
Chemin d’accès de l’application défaillante : rundll32.exe1
Chemin d’accès du module défaillant: rundll32.exe2
ID de rapport : rundll32.exe3

Error: (08/08/2014 11:58:34 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Une erreur non spécifiée s’est produite au cours de la restauration du système : (Opération de restauration). Informations supplémentaires : 0x80070005.

Error: (08/08/2014 11:49:06 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Une erreur non spécifiée s’est produite au cours de la restauration du système : (Opération de restauration). Informations supplémentaires : 0x80070005.

Error: (08/08/2014 11:41:34 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Une erreur non spécifiée s’est produite au cours de la restauration du système : (Opération de restauration). Informations supplémentaires : 0x80070005.

Error: (08/08/2014 10:15:09 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3.
L’élément racine du fichier manifeste doit être assembly.

Error: (08/08/2014 08:45:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (08/08/2014 08:45:59 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {B45763F2-B73B-42A6-A3F5-A8596ACBCF39}


System errors:
=============
Error: (08/08/2014 05:16:01 PM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: L’alerte fatale suivante a été générée : 10. L’état d’erreur interne est 10.

Error: (08/08/2014 00:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Update ToggleMark n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (08/08/2014 00:38:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NewPlayer Updater Service n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (08/08/2014 00:37:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Computer Backup (MyPC Backup) n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (08/08/2014 00:37:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Computer Backup (MyPC Backup).

Error: (08/08/2014 11:58:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Update ToggleMark n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (08/08/2014 11:58:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service NewPlayer Updater Service n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (08/08/2014 11:58:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Computer Backup (MyPC Backup) n’a pas pu démarrer en raison de l’erreur :
%%1053

Error: (08/08/2014 11:58:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Computer Backup (MyPC Backup).

Error: (08/08/2014 11:48:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Update ToggleMark n’a pas pu démarrer en raison de l’erreur :
%%2


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 4076.84 MB
Available physical RAM: 2050.46 MB
Total Pagefile: 8151.87 MB
Available Pagefile: 5751.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.74 GB) (Free:858.16 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.67 GB) (Free:1.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1DF5DC3A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[maryvonne44]

voici le lien pour la suite
http://pjjoint.malekal.com/files.php?id ... 2t13t10q14

[angelique]

y'a 2 fois extra.txt , manque otl.txt

telecharge déja rsthosts là > https://toolslib.net/downloads/viewdown ... -rsthosts/ sur ton bureau , execute le clic droit en tant qu'administrateur et clic restaurer.

[maryvonne44]

-|x| RstHosts v2.0 - Rapport créé le 10/08/2014 à 09:19:10
-|x| Système d'exploitation : Windows 7 Ultimate (64 bits)
-|x| Nom d'utilisateur : duret maryvonne - DURETMARYVONNE (Administrateur)

-|x|- Informations -|x|-

Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
voici le rapport
Propriétaire : Administrateurs - BUILTIN
Taille : 89 bytes
Date de création : 14/07/2009 - 04:34:48
Date de modification : 10/08/2014 - 09:19:03
Date de dernier accès : 10/08/2014 - 09:19:03

-|x|- Contenu du fichier -|x|-

# Fichier Hosts créé par RstHosts

127.0.0.1 localhost
::1 localhost

-|x|- E.O.F - C:\RstHosts.txt - 623 bytes -|x|-

[maryvonne44]

je viens de le refaire et voici le rapport

Users shortcut scan result (x64) Version: 09-08-2014 01
Ran by duret maryvonne at 2014-08-10 09:22:19
Running from C:\Users\duret maryvonne\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conseiller de mise à niveau vers Windows 7.lnk -> C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint.lnk -> C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go.lnk -> C:\Program Files (x86)\Cyberlink\Power2Go\Power2Go.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garantie.lnk -> C:\SWSETUP\HP Documentation\Warranty\Warranty.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk -> C:\Program Files (x86)\MusicStation\MusicStation.exe (Omnifone Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Aide de TuneUp Utilities.lnk -> C:\ProgramData\TuneUp Software\TuneUp Utilities 2012\fr-FR\main_vista_7.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\TuneUp Utilities 2012.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\Mode économie TuneUp.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\EnergyOptimizer.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Disk Doctor.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\DiskDoctor.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Disk Space Explorer.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\DiskExplorer.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Drive Defrag.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\DriveDefrag.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Maintenance en 1 clic.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Process Manager.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\ProcessManager.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Program Deactivator.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\ProgramDeactivator.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Rapport d'optimisation.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Report.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Registry Cleaner.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\RegistryCleaner.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Registry Defrag.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\RegistryDefrag.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Registry Editor.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\RegistryEditor.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Repair Wizard.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\RepairWizard.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Rescue Center.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\RescueCenter.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Setting Center.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\SettingCenter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Shortcut Cleaner.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\ShortcutCleaner.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Shredder.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Shredder.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp StartUp Manager.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\StartUpManager.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp StartUp Optimizer.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\StartupOptimizer.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Styler.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Styler.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp System Control.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\SystemControl.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp System Information.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\SystemInformation.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Undelete.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Undelete.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Uninstall Manager.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\UninstallManager.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012\Toutes les fonctions\TuneUp Update Wizard.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\UpdateWizard.exe (TuneUp Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk -> C:\Windows\Installer\{EC5F4C1B-F838-4CB7-8561-8F809296428B}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Disc Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\CDCreator.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\HP LinkUp\Help.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HelpManual.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\HP LinkUp\HP LinkUp Viewer.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\Désinstaller PhotoFiltre Studio X.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\Uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\Informations sur PhotoFiltre Studio.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\PhotoFiltre Studio.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\Informations sur PhotoMasque.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\PhotoMasque.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X\PhotoFiltre Studio X.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe (Antonio Da Cruz)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP Vision Diagnostics Disc Creation.lnk -> C:\Program Files\Hewlett-Packard\HP Vision Hardware Diagnostics\DiscCreation\disccreation.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Envoyer à OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outils Office 2013\Centre de téléchargement Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outils Office 2013\Préférences linguistiques d’Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics\Microsoft Mathematics.lnk -> C:\Program Files (x86)\Microsoft Mathematics\MathApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Désinstaller Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Manuels de l'utilisateur\Fiche technique.lnk -> C:\SWSETUP\HP Documentation\Common\OPS\624353-SJ2.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Manuels de l'utilisateur\Informations sur la sécurité et lesréglementations.lnk -> C:\SWSETUP\HP Documentation\FR\SRI\418213-455.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Manuels de l'utilisateur\Mise en route.lnk -> C:\SWSETUP\HP Documentation\FR\GSG\517215-055.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Manuels de l'utilisateur\Sécurité et ergonomie du poste de travail.lnk -> C:\SWSETUP\HP Documentation\FR\SCG\417893-053.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\hpDST.lnk -> C:\Program Files (x86)\Hewlett-Packard\Setup Manager\hpDST.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Centre de solutions HP.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\Hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\Hp\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Prem C310 series\Lisez-moi.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\help\PS_AIO_07_C310_readme\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Prem C310 series\Site Web d'assistance produit.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\HP Photosmart Prem C310 series\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Smart Web Printing\Aide sur l'HP Smart Web Printing.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\Help\hpsmartprint.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers\PressReader.lnk -> C:\Program Files (x86)\NewspaperDirect\PressReader\PressReader.exe (NewspaperDirect)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\duret maryvonne\Desktop\Mes documents -.lnk -> C:\Users\duret maryvonne\Documents ()
Shortcut: C:\Users\duret maryvonne\Desktop\Mes images -.lnk -> C:\Users\duret maryvonne\Pictures ()
Shortcut: C:\Users\duret maryvonne\Desktop\PhotoFiltre Studio X.lnk -> C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe (Antonio Da Cruz)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\TuneUp Software\TU2012\StartUp Manager\Objets désactivés\MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\newfolder3\newfolder4\newfolder5\NewShortcut3.lnk -> C:\Program Files (x86)\MusicStation\MusicStation.exe (Omnifone Ltd)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Farbar Recovery Scan Tool.lnk -> C:\Users\duret maryvonne\Downloads\FRST64.exe (Farbar)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MusicStation.lnk -> C:\Program Files (x86)\MusicStation\MusicStation.exe (Omnifone Ltd)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\duret maryvonne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\avast! Internet Security.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk -> C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe (TuneUp Software)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Snapfish.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2011_fr

[angelique]

c'est OTL.TXT qu'il faut poster !

[maryvonne44]

OTL logfile created on: 8/10/2014 2:31:41 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\duret maryvonne\Documents
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.98 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 48.22% Memory free
7.96 Gb Paging File | 5.00 Gb Available in Paging File | 62.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.74 Gb Total Space | 857.29 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
Drive D: | 12.67 Gb Total Space | 1.55 Gb Free Space | 12.22% Space Free | Partition Type: NTFS

Computer Name: DURETMARYVONNE | User Name: duret maryvonne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\duret maryvonne\Documents\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files (x86)\SecurityAndShoppingAdvisor\SASAServiceHelper.exe ()
PRC - C:\Program Files (x86)\SecurityAndShoppingAdvisor\HttpsProxy.exe ()
PRC - C:\Program Files (x86)\SecurityAndShoppingAdvisor\SASAService.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe ()
PRC - C:\Program Files (x86)\iSafe\iSafeTray.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files (x86)\iSafe\iSafeSvc2.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files (x86)\iSafe\ipcdl.exe ()
PRC - C:\Program Files (x86)\iSafe\iSafeSvc.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\aswProperty.dll ()
MOD - C:\Program Files (x86)\iSafe\curlpp.dll ()
MOD - C:\Program Files (x86)\iSafe\libpng.dll ()
MOD - C:\Program Files (x86)\iSafe\zlib1.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (ReimageRealTimeProtector) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV - (SASAService) -- C:\Program Files (x86)\SecurityAndShoppingAdvisor\SASAService.exe ()
SRV - (EZ Software Updater) -- C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe ()
SRV - (iSafeService) -- C:\Program Files (x86)\iSafe\iSafeSvc.exe (Elex do Brasil Participações Ltda)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswNdisFlt) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys (AVAST Software)
DRV:64bit: - (iSafeKrnlBoot) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys (Elex do Brasil Participações Ltda)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (Trusteer Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (iSafeKrnlKit) -- C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnl) -- C:\Program Files (x86)\iSafe\iSafeKrnl.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlR3) -- C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeNetFilter) -- C:\Program Files (x86)\iSafe\iSafeNetFilter.sys (Elex do Brasil Participações Ltda)
DRV - (RapportCerberus_68261) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_68261.sys ()
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (Trusteer Ltd.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (Trusteer Ltd.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://fr.search.yahoo.com/search?p={se ... ype=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://fr.wikipedia.org/wiki/Special:Se ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/709-11107 ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E791D476-BEF7-499F-B482-425B3EDC4045}: "URL" = http://www.amazon.fr/s/ref=azs_osd_ieaf ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKCU\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:9880;https=127.0.0.1:9880

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: [email protected]:1.20.00
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3
FF - prefs.js..extensions.enabledAddons: {3bbd3c14-4c16-4989-8366-95bc9179779d}:10.10.27.6
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\duret maryvonne\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\duret maryvonne\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/19 18:56:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/17 11:59:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/19 18:56:27 | 000,000,000 | ---D | M]

[2013/04/30 16:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\duret maryvonne\AppData\Roaming\mozilla\Extensions
[2013/04/30 16:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\duret maryvonne\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/08/08 23:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\duret maryvonne\AppData\Roaming\mozilla\Firefox\Profiles\d8eupd8m.default\extensions
[2014/07/15 23:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\duret maryvonne\AppData\Roaming\mozilla\Firefox\Profiles\d8eupd8m.default\extensions\staged
[2012/08/28 00:04:31 | 000,341,143 | ---- | M] () (No name found) -- C:\Users\duret maryvonne\AppData\Roaming\mozilla\firefox\profiles\d8eupd8m.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2012/07/26 07:52:42 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\duret maryvonne\AppData\Roaming\mozilla\firefox\profiles\d8eupd8m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: Google Wallet = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_3\
CHR - Extension: Gmail = C:\Users\duret maryvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/08/10 09:19:03 | 000,000,089 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (HP Smart Print BHO) - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll (Hewlett-Packard)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D6DEE8D-D55C-478F-A393-850685BE1F8A}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\freesofttoday_widget.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\languageselect.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\reimagerepair.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\reimagesafemode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\rightbackup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\freesofttoday_widget.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\languageselect.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\reimagerepair.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\reimagesafemode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\rightbackup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6e57b210-5d42-11e2-be8b-2c413895d151}\Shell - "" = AutoRun
O33 - MountPoints2\{6e57b210-5d42-11e2-be8b-2c413895d151}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/08/10 09:32:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\duret maryvonne\Documents\OTL.exe
[2014/08/10 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\Documents\TomTom
[2014/08/09 19:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/08/09 12:13:41 | 000,000,000 | ---D | C] -- C:\FRST
[2014/08/08 23:34:29 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/08 23:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/08 23:34:04 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/08 23:34:04 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/08/08 23:34:04 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/08/08 23:34:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/08 23:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/08 22:02:27 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\isafe
[2014/08/08 21:58:29 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/08/08 21:56:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/08 12:15:39 | 000,000,000 | ---D | C] -- C:\32811b36-031c-4dee-ab10-896e77ae7312
[2014/08/05 23:13:02 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\Documents\Modèles Office personnalisés
[2014/08/05 17:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EZ Software Updater
[2014/08/05 17:43:57 | 000,000,000 | ---D | C] -- C:\b333dd53-f410-4c0c-81ca-e2c192b1d4d3
[2014/08/05 16:36:55 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\Shortcut
[2014/08/05 00:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityAndShoppingAdvisor
[2014/08/04 19:37:46 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/04 19:37:46 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/04 19:37:46 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/04 19:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/04 19:29:43 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\Store
[2014/08/03 23:36:25 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/03 23:36:25 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/03 23:36:25 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/03 23:36:17 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/03 23:36:17 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/03 23:36:16 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/03 23:36:16 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/03 23:36:16 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/03 23:36:16 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/03 23:36:08 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/03 23:36:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/03 23:36:07 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/03 23:36:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/29 01:06:36 | 000,000,000 | ---D | C] -- C:\Symbols
[2014/07/26 09:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Reimage Protector
[2014/07/26 09:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
[2014/07/26 09:28:41 | 000,000,000 | ---D | C] -- C:\rei
[2014/07/17 12:22:24 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\DropboxMaster
[2014/07/17 12:18:58 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\Dropbox
[2014/07/17 11:59:53 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/17 11:59:39 | 000,448,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014/07/15 23:45:02 | 000,050,464 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/07/15 23:43:25 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Local\Packages
[2014/07/15 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\28436a46ee8b54ca
[2014/07/15 23:43:07 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Local\Comodo
[2014/07/12 18:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2014/07/12 09:42:02 | 000,000,000 | -HSD | C] -- C:\Users\duret maryvonne\AppData\Local\EmieUserList
[2014/07/12 09:42:01 | 000,000,000 | -HSD | C] -- C:\Users\duret maryvonne\AppData\Local\EmieSiteList
[2014/07/12 09:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/07/12 09:40:42 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\library_dir
[2014/07/12 09:37:30 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\Raptr
[2014/07/12 09:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
[2014/07/12 09:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/07/12 09:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014/07/12 09:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/07/12 09:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/07/12 09:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/07/12 09:32:40 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\ATI.ACE
[2014/07/12 09:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/07/12 09:29:42 | 000,000,000 | ---D | C] -- C:\AMD
[2014/07/12 09:24:07 | 000,000,000 | ---D | C] -- C:\MFT 10771
[2014/07/12 09:23:47 | 000,000,000 | ---D | C] -- C:\MFT 628
[2014/07/12 09:23:47 | 000,000,000 | ---D | C] -- C:\MFT 3544
[2014/07/12 09:23:47 | 000,000,000 | ---D | C] -- C:\MFT 3525
[2014/07/12 09:23:47 | 000,000,000 | ---D | C] -- C:\MFT 2557
[2014/07/12 09:23:47 | 000,000,000 | ---D | C] -- C:\MFT 1889
[2014/07/12 09:23:47 | 000,000,000 | ---D | C] -- C:\MFT 1180
[2014/07/12 09:23:38 | 000,000,000 | ---D | C] -- C:\MFT 1971
[2014/07/12 09:23:37 | 000,000,000 | ---D | C] -- C:\MFT 1502
[2014/07/12 09:22:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SMI
[2014/07/12 08:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[9 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Users\duret maryvonne\AppData\Local\*.tmp files -> C:\Users\duret maryvonne\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/08/10 14:29:09 | 000,353,632 | ---- | M] () -- C:\Users\duret maryvonne\Documents\rsthosts_2.0 (1).exe
[2014/08/10 14:25:14 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/10 14:25:11 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/10 12:53:20 | 000,078,264 | ---- | M] () -- C:\Users\duret maryvonne\Documents\10418910_10204193084125457_13329417673984427_n.jpg
[2014/08/10 10:15:29 | 000,067,765 | ---- | M] () -- C:\Users\duret maryvonne\Documents\10525922_10204192525791499_8523868861450131728_n.jpg
[2014/08/10 09:37:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/08/10 09:32:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\duret maryvonne\Documents\OTL.exe
[2014/08/10 09:26:47 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/10 09:19:03 | 000,000,089 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/08/10 09:18:48 | 000,353,632 | ---- | M] () -- C:\Users\duret maryvonne\Documents\rsthosts_2.0.exe
[2014/08/10 08:50:17 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/10 08:50:17 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/10 08:48:50 | 001,844,938 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/10 08:48:50 | 000,815,808 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/08/10 08:48:50 | 000,712,618 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/10 08:48:50 | 000,175,724 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/08/10 08:48:50 | 000,142,054 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/10 08:42:13 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/10 08:42:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/10 08:41:55 | 3206,160,384 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/09 20:11:12 | 000,002,279 | ---- | M] () -- C:\Users\duret maryvonne\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/08/09 20:03:47 | 000,196,608 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/08/09 20:01:57 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/08 23:34:08 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 12:39:51 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/08/06 20:16:04 | 000,100,989 | ---- | M] () -- C:\Users\duret maryvonne\Documents\jeena.jpg
[2014/08/05 00:34:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Number of results
[2014/07/28 17:05:00 | 000,231,655 | ---- | M] () -- C:\Windows\hpoins49.dat
[2014/07/27 07:52:46 | 000,003,408 | ---- | M] () -- C:\bootsqm.dat
[2014/07/26 09:31:19 | 000,000,163 | ---- | M] () -- C:\Windows\Reimage.ini
[2014/07/17 12:01:05 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/07/17 11:59:54 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/17 11:59:54 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/07/17 11:59:54 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/17 11:59:54 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/07/17 11:59:54 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/17 11:59:54 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/17 11:59:54 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/17 11:59:53 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/17 11:59:53 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/17 11:59:43 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2014/07/17 11:59:39 | 000,448,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2014/07/16 11:39:23 | 000,045,248 | ---- | M] (Elex do Brasil Participações Ltda) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[2014/07/16 00:01:12 | 000,001,054 | ---- | M] () -- C:\Users\duret maryvonne\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/07/15 23:44:16 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/07/15 23:43:08 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/07/14 12:34:34 | 000,000,172 | ---- | M] () -- C:\Windows\msdlibmodule18app.dat
[2014/07/12 22:16:00 | 000,445,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[9 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Users\duret maryvonne\AppData\Local\*.tmp files -> C:\Users\duret maryvonne\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/08/10 14:29:05 | 000,353,632 | ---- | C] () -- C:\Users\duret maryvonne\Documents\rsthosts_2.0 (1).exe
[2014/08/10 12:53:20 | 000,078,264 | ---- | C] () -- C:\Users\duret maryvonne\Documents\10418910_10204193084125457_13329417673984427_n.jpg
[2014/08/10 10:15:28 | 000,067,765 | ---- | C] () -- C:\Users\duret maryvonne\Documents\10525922_10204192525791499_8523868861450131728_n.jpg
[2014/08/10 09:37:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/08/10 09:18:46 | 000,353,632 | ---- | C] () -- C:\Users\duret maryvonne\Documents\rsthosts_2.0.exe
[2014/08/09 19:24:29 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/09 19:19:46 | 000,001,086 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/09 19:19:46 | 000,001,082 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/08 23:34:08 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/06 20:16:01 | 000,100,989 | ---- | C] () -- C:\Users\duret maryvonne\Documents\jeena.jpg
[2014/08/05 00:34:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Number of results
[2014/08/05 00:12:13 | 000,034,376 | ---- | C] () -- C:\Windows\Launcher.exe
[2014/07/27 07:52:46 | 000,003,408 | ---- | C] () -- C:\bootsqm.dat
[2014/07/26 09:27:05 | 000,000,163 | ---- | C] () -- C:\Windows\Reimage.ini
[2014/07/16 00:01:12 | 000,001,054 | ---- | C] () -- C:\Users\duret maryvonne\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/07/15 23:43:08 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/07/14 12:34:34 | 000,000,172 | ---- | C] () -- C:\Windows\msdlibmodule18app.dat
[2014/07/12 18:23:47 | 000,002,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conseiller de mise à niveau vers Windows 7.lnk
[2014/04/21 15:34:02 | 000,000,046 | ---- | C] () -- C:\Users\duret maryvonne\AppData\Roaming\WB.CFG
[2014/04/18 04:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/04/18 04:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/04/18 03:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/04/18 03:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/01/10 12:25:14 | 000,231,840 | ---- | C] () -- C:\Windows\hpoins49.dat.temp
[2012/06/19 19:27:56 | 000,000,000 | -HS- | C] () -- C:\Users\duret maryvonne\.pr_stat_data
[2012/01/19 12:39:17 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:AD022376

< End of report >

[angelique]

• Télécharge à coté de FRST.EXE , PAS AILLEURS !!!!! le fichier fixlist.txt en pièce jointe en bas du message.
  
  Relance FRST et clic sur le bouton fix
  Un redémarrage peut être nécessaire (pas obligatoire).
  Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

[angelique]

me suis gourrée de tool , recommence comme ça :


relançe OTL , Copies et colles le contenue de cette citation ci dessous (en commençant bien à :OTL , les : inclus devant OTL jusqu'à [emptytemp] inclus) dans la partie inférieure d'OTL sous "Personalisation"
et cette fois ci clic CORRECTION

:OTL
SRV:64bit: - (ReimageRealTimeProtector) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe File not found
SRV - (SASAService) -- C:\Program Files (x86)\SecurityAndShoppingAdvisor\SASAService.exe ()
SRV - (EZ Software Updater) -- C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe ()
SRV - (iSafeService) -- C:\Program Files (x86)\iSafe\iSafeSvc.exe (Elex do Brasil Participações Ltda)
DRV:64bit: - (iSafeKrnlBoot) -- C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlKit) -- C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnl) -- C:\Program Files (x86)\iSafe\iSafeKrnl.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlR3) -- C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeNetFilter) -- C:\Program Files (x86)\iSafe\iSafeNetFilter.sys (Elex do Brasil Participações Ltda)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:9880;https=127.0.0.1:9880
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
[2014/08/08 22:02:27 | 000,000,000 | ---D | C] -- C:\Users\duret maryvonne\AppData\Roaming\isafe
:files
C:\Program Files (x86)\SecurityAndShoppingAdvisor
C:\Program Files (x86)\EZ Software Updater
C:\Program Files (x86)\iSafe
:commands
[emptytemp]

» Un rapport texte apparrait au redemarrage du pc, poste le