дддддддддд | AdsFix | g3n-h@ckm@n | 25.08.2014.2

ддддд Vista | 7 | 8 | 8.1 - 32/64 bits ддддд - Start 10:04:52 - 29/08/2014

update on : 25/08/2014 | 02.45 by g3n-h@ckm@nЩ
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Boot: Normal boot
[FRBRLOP (Administrator)] - [FR-L-7000405] -  (france [0409])
SID = S-1-5-21-1832937852-2116575123-337272265-788022 || [465242524c4f50]
PC : LENOVO - 2351AJ7 - LENOVO_MT_2351
Bios : LENOVO - 02/14/2013
System : Windows 7 Enterprise (32 bits) Enterprise Service Pack 1
RAM memory = Total (MB) : 3368 | Free (MB) : 654
Pagefile = Total (MB) : 6734 | Free (MB) : 3485
Virtual = Total (MB) : 2097 | Free (MB) : 1932

Registry saved, to restore : Click on Options & Restore the register
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"

дддддддддд | Windows Updates

No windows updates detected !!! 

дддддддддд | Browsers

IE : 9.0.8112.16563     (й Microsoft Corporation. All rights reserved.)
FF : 31.0.0.5310     (йFirefox and Mozilla Developers; available under the MPL 2 license.)
GC : 35.0.1916.114     (Copyright 2012 Google Inc. All rights reserved.)

дддддддддд | Security (atcav : 5)

AV : McAfee VirusScan Enterprise Enabled
AS : Windows Defender Disabled
AM : Malwarebytes' Anti-Malware   (1.0.0.532)     []
FW : McAfee Host Intrusion Prevention Firewall Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Order
AS: Windows Defender [Manual(3)] = Order
FW: Windows FireWall Service [Auto(2)] = Order

дддддддддд | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

дддддддддд | Killed processes

1012 | [Owner : SYSTEM |Parent : 788] - (.Lenovo. - ThinkPad Power Management Service.) - (1.65.5.20) = C:\Windows\System32\ibmpmsvc.exe
1548 | [Owner : SYSTEM |Parent : 788] - (.Cisco Systems, Inc. - VPN Agent Service.) - (3.1.4066.0) = C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
1772 | [Owner : SYSTEM |Parent : 1228] - (.Microsoft Corporation - Windows Wireless LAN 802.11 Extensibility Framework.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe
1780 | [Owner : SYSTEM |Parent : 672] - (.Microsoft Corporation - Console Window Host.) - (6.1.7601.18229) = C:\Windows\System32\conhost.exe
1900 | [Owner : SYSTEM |Parent : 788] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
852 | [Owner : SYSTEM |Parent : 788] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) = C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
1264 | [Owner : SYSTEM |Parent : 788] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.24) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2008 | [Owner : SYSTEM |Parent : 788] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
2068 | [Owner : SYSTEM |Parent : 788] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.5.1.2700) = C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
2112 | [Owner : SYSTEM |Parent : 788] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (15.0.4623.1001) = C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
2148 | [Owner : SYSTEM |Parent : 788] - (.CrypKey (Canada) Ltd. - CrypKey NT Service.) - (1.0.1.2) = C:\Windows\System32\Crypserv.exe
2220 | [Owner : SYSTEM |Parent : 788] - (. - .) - (0.0.0.0) = C:\Users\frbrlop\AppData\Local\DriverKernelQuick\DriverKernelQuick.exe
2300 | [Owner : SYSTEM |Parent : 788] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (15.1.0.0) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2360 | [Owner : SYSTEM |Parent : 788] - (.Hewlett-Packard Company -  .) - (1.0.0.5133) = C:\Program Files\HP\HPBDSService\HPBDSService.exe
2660 | [Owner : SYSTEM |Parent : 788] - (. - DCSHOST.) - (2.0.0.47) = C:\ProgramData\DatacardService\HWDeviceService.exe
2712 | [Owner : SYSTEM |Parent : 788] - (.Intel Corporation - Intelо PROSet Monitoring Service.) - (16.8.22.0) = C:\Windows\System32\IPROSetMonitor.exe
2784 | [Owner : SYSTEM |Parent : 788] - (.iPass, Inc. - iPass Periodic Update Service.) - (8.4.0.2) = C:\Program Files\T-Online Business\Corporate Access\iPassPeriodicUpdateService.exe
2832 | [Owner : SYSTEM |Parent : 788] - (.Lenovo Group Limited - Auto Scroll Start Service.) - (1.1.0.0) = C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
2880 | [Owner : SYSTEM |Parent : 788] - (.IBM Corp - IBM Lotus Notes/Domino.) - (8.5.33.12320) = C:\Program Files\IBM\Lotus\Notes\SUService.exe
2936 | [Owner : SYSTEM |Parent : 788] - (.IBM - wnsd.) - (8.5.33.12320) = C:\Program Files\IBM\Lotus\Notes\nsd.exe
2992 | [Owner : SYSTEM |Parent : 788] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.0.2.0) = C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
3468 | [Owner : SYSTEM |Parent : 672] - (.Microsoft Corporation - Console Window Host.) - (6.1.7601.18229) = C:\Windows\System32\conhost.exe
3528 | [Owner : SYSTEM |Parent : 788] - (.IBM Corp - IBM Lotus Notes/Domino.) - (8.5.30.11258) = C:\Program Files\IBM\Lotus\Notes\ntmulti.exe
3684 | [Owner : SYSTEM |Parent : 788] - (.1E - Nomad Branch Service.) - (4.0.100.436) = C:\Program Files\1E\NomadBranch\NomadBranch.exe
3816 | [Owner : SYSTEM |Parent : 788] - (.1E - PXE Lite Server.) - (2.1.0.33) = C:\Program Files\1E\PXE Lite\Server\PXELiteServer.exe
3840 | [Owner : SYSTEM |Parent : 788] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (15.1.0.0) = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
3912 | [Owner : SYSTEM |Parent : 788] - (. - .) - (0.0.0.0) = C:\Tivoli\lcf\SecPol\SePol.exe
4020 | [Owner : SYSTEM |Parent : 788] - (.Lenovo Group Limited - On screen display Fn+Fx handler.) - (2.2.1.0) = C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
4044 | [Owner : SYSTEM |Parent : 788] - (. - .) - (5.1.2.1202) = C:\Program Files\IBM\Tivoli\Remote Control\Target\trc_base.exe
2748 | [Owner : SYSTEM |Parent : 788] - (.Ulead Systems, Inc. - ULCDRSvr.) - (1.0.0.5) = C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
2908 | [Owner : SYSTEM |Parent : 788] - (.Intelо Corporation - Intelо PROSet/Wireless Zero Configure Service.) - (15.1.0.2) = C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
1680 | [Owner : SYSTEM |Parent : 788] - (.Microsoft Corporation - CCM Executive.) - (4.0.6487.2000) = C:\Windows\System32\CCM\CcmExec.exe
3260 | [Owner : SYSTEM |Parent : 788] - (.Lenovo Group Limited - Microphone Mute Controll Service for ThinkPad.) - (1.2.0.0) = C:\Program Files\Lenovo\HOTKEY\micmute.exe
4112 | [Owner : SYSTEM |Parent : 788] - (.Lenovo Group Limited - ThinkPad Message Client Loader.) - (1.2.0.0) = C:\Program Files\Lenovo\HOTKEY\tphkload.exe
4156 | [Owner : SYSTEM |Parent : 788] - (.Lenovo - ThinkPadWiFiRadioControl.) - (1.0.10.0) = C:\Program Files\Lenovo\ThinkPad WiFi Radio Control\WiFiRadioControl.exe
5576 | [Owner : SYSTEM |Parent : 920] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe
3672 | [Owner : SYSTEM |Parent : 788] - (.iPass, Inc. - Periodic Update Console.) - (8.4.0.2) = C:\Program Files\T-Online Business\Corporate Access\iPassPeriodicUpdateApp.exe
5232 | [Owner : SYSTEM |Parent : 788] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe
4580 | [Owner : SYSTEM |Parent : 788] - (. - .) - (0.0.0.0) = C:\Windows\System32\ClassDriverKeyboard\ClassDriverKeyboard.exe
1616 | [Owner : FRBRLOP |Parent : 788] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
4000 | [Owner : SYSTEM |Parent : 2832] - (.Lenovo Group Limited - Lenovo Auto Scroll Utility.) - (1.1.1.0) = C:\PROGRA~1\Lenovo\VIRTSCRL\virtscrl.exe
4896 | [Owner : SYSTEM |Parent : 4112] - (.Microsoft Corporation - Windows host process (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe
1632 | [Owner : FRBRLOP |Parent : 4112] - (.Lenovo Group Limited - On screen display drawer.) - (6.7.0.0) = C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
5284 | [Owner : SYSTEM |Parent : 4020] - (.Lenovo Group Limited - NumLock on screen display for ThinkPad.) - (1.3.2.0) = C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
4076 | [Owner : FRBRLOP |Parent : 4932] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17514) = C:\Windows\explorer.exe
5712 | [Owner : FRBRLOP |Parent : 920] - (.Intel Corporation - igfxext Module.) - (8.15.10.2696) = C:\Windows\System32\igfxext.exe
1908 | [Owner : FRBRLOP |Parent : 920] - (.Intel Corporation - igfxsrvc Module.) - (8.15.10.2696) = C:\Windows\System32\igfxsrvc.exe
6380 | [Owner : FRBRLOP |Parent : 4076] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2696) = C:\Windows\System32\hkcmd.exe
6412 | [Owner : FRBRLOP |Parent : 4076] - (.Intel Corporation - persistence Module.) - (8.15.10.2696) = C:\Windows\System32\igfxpers.exe
6428 | [Owner : FRBRLOP |Parent : 4076] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) - (1.0.0.120) = C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
6476 | [Owner : FRBRLOP |Parent : 4076] - (.Realtek Semiconductor - Realtek HD Audio Manager.) - (1.0.0.777) = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
6548 | [Owner : FRBRLOP |Parent : 4076] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.84) = C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
6664 | [Owner : FRBRLOP |Parent : 4076] - (.Dolby Laboratories Inc. - Dolby Profile Selector.) - (7.2.7000.11) = C:\Program Files\Dolby Advanced Audio v2\pcee4.exe
6732 | [Owner : FRBRLOP |Parent : 4076] - (.Ricoh co.,Ltd. - RCIMGDIR.) - (1.1.0.0) = C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
6752 | [Owner : FRBRLOP |Parent : 4076] - (.Microsoft Corporation - Windows host process (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe
6776 | [Owner : FRBRLOP |Parent : 4076] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (16.1.1.0) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
6856 | [Owner : FRBRLOP |Parent : 4076] - (.Quest Software, Inc. - .) - (5.0.2.5385) = C:\Windows\System32\SPEnroll.exe
7048 | [Owner : FRBRLOP |Parent : 2220] - (. - .) - (0.0.0.0) = C:\Users\frbrlop\AppData\Local\DriverKernelQuick\DaemonDefaultSnapshot.exe
7152 | [Owner : FRBRLOP |Parent : 4076] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files\HP\HP Software Update\hpwuschd2.exe
7268 | [Owner : FRBRLOP |Parent : 4076] - (.Cisco Systems, Inc. - Cisco AnyConnect User Interface.) - (3.1.4066.0) = C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
7288 | [Owner : FRBRLOP |Parent : 4076] - (.Wondershare - Wondershare Studio.) - (2.1.0.6) = C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
7344 | [Owner : FRBRLOP |Parent : 4076] - (.ALPI - Update Manager for ALPI Softwares.) - (4.2.2.12) = C:\Program Files\ALPI\ALPIUPDATE\AlpiUpdateV4.exe
7360 | [Owner : FRBRLOP |Parent : 4076] - (.Microsoft Corporation - Microsoft Lync.) - (15.0.4623.1000) = C:\Program Files\Microsoft Office 15\root\office15\lync.exe
7468 | [Owner : FRBRLOP |Parent : 6776] - (.Synaptics Incorporated - TouchPad Driver Helper Application.) - (16.1.1.0) = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
7640 | [Owner : FRBRLOP |Parent : 4076] - (.Microsoft Corporation - Sticky Notes.) - (6.1.7600.16385) = C:\Windows\System32\StikyNot.exe
7660 | [Owner : FRBRLOP |Parent : 6900] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (16.1.1.0) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
7720 | [Owner : FRBRLOP |Parent : 4076] - (.Broadcom Corporation. - Bluetooth Tray Application.) - (6.5.1.2700) = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
7780 | [Owner : FRBRLOP |Parent : 4076] - (.Microsoft Corporation - Notepad.) - (6.1.7600.16385) = C:\Windows\System32\notepad.exe
1368 | [Owner : FRBRLOP |Parent : 6752] - (.Lenovo Group Limited - Power Manager Power Agenda.) - (1.0.0.1) = C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.EXE
2288 | [Owner : LOCAL SERVICE |Parent : 788] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.4902) = C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
3148 | [Owner : SYSTEM |Parent : 788] - (.SAP AG - SAPSetup Automatic Workstation Update Tool.) - (9.0.17.0) = C:\Program Files\SAP\SapSetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
7428 | [Owner : SYSTEM |Parent : 788] - (.Protexis Inc. - PsiService PsiService.) - (3.0.2.15) = C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
10008 | [Owner : FRBRLOP |Parent : 920] - (.Microsoft Corporation - Microsoft Lync.) - (15.0.4619.1000) = C:\Program Files\Microsoft Office 15\root\office15\UcMapi.exe
1596 | [Owner : SYSTEM |Parent : 788] - (.Lenovo. - Doze Mode Service Program.) - (1.1.4.0) = C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
8132 | [Owner : SYSTEM |Parent : 3912] - (.Microsoft Corporation - Microsoft о Windows Based Script Host.) - (5.8.7601.18283) = C:\Windows\System32\wscript.exe
9016 | [Owner : FRBRLOP |Parent : 7404] - (.IBM - SW Metering.) - (1.0.6.15) = C:\Windows\sysWOW64\SWMAgent.exe
8972 | [Owner : SYSTEM |Parent : 8132] - (. - .) - (0.0.0.0) = C:\Tivoli\lcf\SecPol\FileInv.exe
5264 | [Owner : SYSTEM |Parent : 672] - (.Microsoft Corporation - Console Window Host.) - (6.1.7601.18229) = C:\Windows\System32\conhost.exe
9496 | [Owner : FRBRLOP |Parent : 2992] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.532) = C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
9432 | [Owner : SYSTEM |Parent : 788] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (15.0.4623.1001) = C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
9272 | [Owner : SYSTEM |Parent : 788] - (.Cisco Systems, Inc. - VPN Agent Service.) - (3.1.4066.0) = C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
2552 | [Owner : LOCAL SERVICE |Parent : 788] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.4902) = C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

дддддддддд | Services


Stopped service : WinHttpAutoProxysvc
Stopped service : SSDPSRV
Stopped service : DNScache

дддддддддд | Hosts

Hosts : Ok

дддддддддд | SafeBoot


дддддддддд | Register

Deleted successfully : HKLM\SOFTWARE\Classes\BEXHWindObjectBrowser
Deleted successfully : HKLM\SOFTWARE\Classes\com.sap.bi.et.BExOpenSaveServices.OSSaveAsNewResult
Deleted successfully : HKLM\SOFTWARE\Classes\SAP.ToolBar.1
Deleted successfully : HKLM\SOFTWARE\Classes\Record\{11857F0C-CA06-3578-99AA-9ED85836C3D3} : BEXHWindObjectBrowser+JumpTo
Deleted successfully : HKLM\SOFTWARE\Classes\Record\{2E55ABA3-2A50-314A-9E41-E29FED82DBDB} : com.sap.bi.et.BExOpenSaveServices.OSPostProcSaveAsNewResult
Deleted successfully : HKLM\SOFTWARE\Classes\Record\{5FCB4B65-9735-337D-817D-F3B919652CE8} : com.sap.bi.et.analyzer.addin.SelSelectorDeSer_HierSearchResults
Deleted successfully : HKLM\SOFTWARE\Classes\Record\{97A0F8EB-C252-3C4C-A749-5A1C2085E90E} : com.sap.bi.et.BExOpenSaveServices.OSPostProcSaveAsNewResult
Deleted successfully : HKLM\SOFTWARE\Classes\Record\{C14C7A22-7F46-340C-81AD-127A66B4A677} : com.sap.bi.et.analyzer.addin.SelSelectorDeSer_HierSearchResults
Deleted successfully : HKLM\SOFTWARE\Classes\Record\{C82B222E-ECA8-311A-9964-C1A64A6EEB7B} : BEXHWindObjectBrowser+JumpTo
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{50E3AAB2-F6C9-3758-B991-896F75EA3DFE} : com.sap.bi.et.BExOpenSaveServices.OSSaveAsNewResult  (CLSID)
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{7CAA479B-EFC5-351E-8D66-FC35B5951FEC} : BEXHWindRequestBrowser  (String)
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{7EDE4368-1EAA-3D0F-93E7-E93D7C28A9CC} : BEXHWindRequestBrowser  (String)
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{A2DCC98B-634D-32E1-97BB-CBB0C23328A3} : BEXHWindObjectBrowser  (CLSID)
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{D1B3A12C-0037-3330-BBD9-799E17A6B050} : BEXHWindObjectBrowser  (String)
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{F7DB850F-7B14-3BF6-BD07-1A32E03635FF} : com.sap.bi.et.BExOpenSaveServices.OSSaveAsNewResult  (String)
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4} : SoftwareUpdate  (1.0)
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{02D97710-3229-33CF-8029-6D2DC2CB9724} : _DoPhysicalViewSaving
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{041E1FE5-6AF3-31EC-8E4E-3A7DE111F63C} : _BEXHWindRequestBrowser
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{3F1621E9-6828-30A9-B865-AB18DA115BC4} : _DoPhysicalWorkbookSaving
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{422CA428-AACB-496A-8FDD-86758BCFB756} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{5A99A0D4-F27F-426E-844B-0173757FAF4D} : ISoftwareUpdatesEvent
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{8B217757-717D-11CE-AB5B-D41203C10000} : SearchResults
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{94CB7357-159F-34D3-A92B-6453A0041C76} : _BEXHWindObjectBrowser
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{995E123A-2A19-4E52-872F-774C5589459C} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{A52621AD-E10F-477B-9ACB-B6181610788B} : {7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}
Deleted successfully : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\a2zlyrics-1-bg_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\flowsurf_4435_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\IE9-01net[1]_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\Install_BubbleDock_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\OptProUninstaller_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\PCPerformer_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\simplicheck_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdate_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdaterV3_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WebAdSystemHttpProxy_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WebAdSystem_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WebPlayer_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\wprotectmanager_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\a2zlyrics-1-bg_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\flowsurf_4435_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\IE9-01net[1]_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\Install_BubbleDock_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\OptProUninstaller_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\PCPerformer_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\simplicheck_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdate_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdaterV3_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WebAdSystem_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\WebPlayer_RASMANCS
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\wprotectmanager_RASMANCS
Deleted successfully : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy]|[AppPath] : C:\Program Files\Speedial\1.8.29.15\
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : C:\Program Files\Speedial\1.8.29.15\FavIcon.ico
Deleted successfully : HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKLM\SOFTWARE\Classes\Installer\Features\AFC9600B9BB530C41B6C98EC92E0A5EF :   (Data)

дддддддддд | Offsets 


дддддддддд | reparsepoint



дддддддддд | Folders | Files

Deleted successfully : C:\WINDOWS\System32\Tasks\{56A4AF73-B130-4674-869F-35687A94C69D} = Bundled software uninstaller
Deleted successfully : C:\Users\All Users\InstallMate
Deleted successfully : C:\Users\frbrlop\Start Menu\Programs\FLVM Player
Deleted successfully : C:\Users\frbrlop\AppData\Roaming\337Games
Deleted successfully : C:\Users\frbrlop\AppData\Roaming\PerformerSoft
Deleted successfully : C:\Users\frbrlop\AppData\Roaming\simplitec
Deleted successfully : C:\Users\frbrlop\AppData\LocalLow\Conduit
Deleted successfully : C:\Users\frbrlop\AppData\Local\CRE\aefeodoinldjngocpgikhfackifoibil.crx     (.- .)     
Deleted successfully : C:\Users\frbrlop\AppData\Local\globalUpdate
Deleted successfully : C:\Users\frbrlop\AppData\Local\Temp\tmp0000051a
Deleted successfully : C:\Users\frbrlop\AppData\Local\Microsoft\Windows\Temporary Internet Files\WebTempDir
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00001558
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00001681
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp000017e2
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00001a61
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00001b42
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00001dbe
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00002914
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp0000377d
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00003d76
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp000043b9
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00004560
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp000059e5
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00006281
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00006427
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00006479
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp00006fa2
[R3]Deleted successfully : C:\WINDOWS\Temp\tmp000070b7
[R3]Deleted successfully : C:\WINDOWS\System32\AI_RecycleBin
[R6]Deleted successfully : C:\Users\All Users\1E
[R6]Deleted successfully : C:\Program Files\1E
[R6]Deleted successfully : C:\ProgramData\KGyGaAvL.sys
[R6]Deleted successfully : C:\Users\frbrlop\AppData\Local\CRE

дддддддддд | .LNK


дддддддддд | opening unknown extension


дддддддддд | Proxy

Deleted successfully : S-1-5-21-1832937852-2116575123-337272265-788022 : Proxyserver -> http=127.0.0.1:30627

дддддддддд | Internet Explorer

Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]|[Start Page] : about:blank -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main\Window Title]|[] :  -> Internet Explorer
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main]|[Search Bar] : Preserve -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main]|[Start Page] : about:blank -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main]|[Start Default_Page_URL] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main]|[Default_Search_URL] :  -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main]|[Default_Page_URL] :  -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\SearchURL]|[Default] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Main]|[CustomizeSearch] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[Search Bar] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[Start Page] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[Start Default_Page_URL] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[Local Page] :  -> C:\WINDOWS\system32\blank.htm
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[Search Page] :  -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[Default_Page_URL] :  -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\Search]|[CustomizeSearch] :  -> http://www.google.com/
Repaired : [HKU\S-1-5-21-1832937852-2116575123-337272265-788022\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]|[Tabs] :  -> http://www.google.com/

дддддддддд | Google Chrome

Deleted successfully : HKLM\SOFTWARE\Policies\Google
[frbrlop] Reseted successfully : SearchURL

[frbrlop | Default] : cfhdojbkjhnklbpkdaibdccddilifddb =  :     __MSG_description_chrome__ -     __MSG_name__ - https://clients2.google.com/service/update2/crx
[frbrlop | Default] : daoghdmcjpjomfalbgjonallnfkhdccg =  :     Let your Mouse Cursor do Automatic Clicking on Windows Macintosh and Linux Computers. - http://www.khaduus.com/detect-and-go/ -     Auto Clicker - [http://www.khaduus.com/detect-and-go/] - https://clients2.google.com/service/update2/crx
[frbrlop | Default] : fljockdiglkojioiphfiombienapajhc =  : Google & co - Google & co - permissions:[\u003Call_urls>tabsactiveTab] - https://clients2.google.com/service/update2/crx
[frbrlop | Default] : jafdhbipfdlldljdanpnlipdinjcjjid =  :     Portail Orange : Acc\u00E9dez facilement \u00E0 l'actu au sport \u00E0 l'assistance Internet et au Web mail Orange - http://r.orange.fr/r/Ohome_portail?ref=O_Chromium_NewTab -     Portail Orange - [http://r.orange.fr/r/Ohome_portail?ref=O_Chromium_NewTab]
[frbrlop | Default] : nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

дддддддддд | Chromium



дддддддддд | Comodo Dragon



дддддддддд | Firefox

[frbrlop | pxby6rv8.default] Deleted successfully : C:\Users\frbrlop\AppData\Roaming\Mozilla\Firefox\Profiles\pxby6rv8.default\sessionstore.js
Deleted successfully : [frbrlop | pxby6rv8.default] : shortcutff@gmail.com = shortcutff@gmail.com


дддддддддд | SeaMonkey



дддддддддд | Pale moon



дддддддддд | Opera



дддддддддд | Spark



дддддддддд | StartMenuInternet


дддддддддд | AppCertDlls | AppInit_DLLs


дддддддддд | Javascript


дддддддддд | Firewall


дддддддддд | ADS

C:\ProgramData\TEMP:
   Deleted successfully :373E1720

дддддддддд | Temporary files

[Administrator] Temporary files deleted : 4606 Ko
[All Users] Temporary files deleted : 0 Ko
[CBKBuilder] Temporary files deleted : 159908 Ko
[Default] Temporary files deleted : 0 Ko
[Default User] Temporary files deleted : 0 Ko
[fr-admin-gs] Temporary files deleted : 1587 Ko
[frbrlop] Temporary files deleted : 455430 Ko
[Public] Temporary files deleted : 0 Ko
[C:\WINDOWS\Temp] Temporary files deleted : 7017 Ko
[C:\Temp] Temporary files deleted : 23 Ko


Other(s) report(s)


дддддддддд | Listing 


дддддддддд | C:\Program Files

[11/09/2012 23:17:52] - |D| - C:\Program Files\ABB Local Applications
[07/10/2013 14:28:39] - |D| - C:\Program Files\Adobe
[14/03/2014 17:44:53] - |D| - C:\Program Files\Adobe Download Assistant
[24/04/2014 14:57:02] - |D| - C:\Program Files\ALPI
[24/12/2013 02:46:48] - |D| - C:\Program Files\Apple Software Update
[29/11/2013 13:00:20] - |D| - C:\Program Files\Artisteer 4
[24/12/2013 02:46:27] - |D| - C:\Program Files\Bonjour
[14/08/2014 00:18:44] - |D| - C:\Program Files\Bullfrog
[15/05/2013 14:29:29] - |D| - C:\Program Files\Cisco
[15/05/2013 14:55:40] - |D| - C:\Program Files\Cisco Systems
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files
[15/05/2013 14:39:38] - |D| - C:\Program Files\Corel
[14/07/2009 06:41:57] - |ASH| - C:\Program Files\desktop.ini
[04/12/2013 00:07:03] - |D| - C:\Program Files\DLLSuite
[15/05/2013 14:34:45] - |D| - C:\Program Files\Dolby Advanced Audio v2
[29/11/2013 16:28:59] - |D| - C:\Program Files\DSPRobotics
[14/07/2009 06:52:30] - |D| - C:\Program Files\DVD Maker
[17/06/2014 11:08:37] - |D| - C:\Program Files\EBSoft
[02/01/2014 22:19:48] - |D| - C:\Program Files\Football Manager 2014
[29/10/2013 10:32:57] - |D| - C:\Program Files\Google
[30/12/2013 23:25:59] - |D| - C:\Program Files\GraphCalc
[13/01/2014 20:17:58] - |D| - C:\Program Files\GSC Game World
[07/02/2014 15:34:19] - |D| - C:\Program Files\Hewlett-Packard
[26/12/2013 17:27:05] - |D| - C:\Program Files\HP
[11/09/2012 21:55:42] - |D| - C:\Program Files\IBM
[29/03/2014 20:57:56] - |D| - C:\Program Files\iFunbox 2014
[29/11/2013 16:27:30] - |D| - C:\Program Files\Image-Line
[15/05/2013 14:28:38] - |HD| - C:\Program Files\InstallShield Installation Information
[15/05/2013 14:35:22] - |D| - C:\Program Files\Integrated Camera Driver
[15/05/2013 14:29:03] - |D| - C:\Program Files\Intel
[26/12/2013 00:06:52] - |D| - C:\Program Files\InterActual
[05/10/2013 21:41:34] - |D| - C:\Program Files\Internet Explorer
[24/03/2014 20:33:05] - |D| - C:\Program Files\iPod
[24/03/2014 20:33:04] - |D| - C:\Program Files\iTunes
[18/07/2014 10:48:01] - |D| - C:\Program Files\iTwin
[11/09/2012 22:30:20] - |D| - C:\Program Files\Java
[15/05/2013 14:35:08] - |D| - C:\Program Files\Lenovo
[30/07/2014 11:49:15] - |D| - C:\Program Files\Malwarebytes Anti-Malware
[11/09/2012 22:50:36] - |D| - C:\Program Files\McAfee
[11/09/2012 20:46:23] - |D| - C:\Program Files\Microsoft Analysis Services
[27/11/2013 15:33:24] - |AD| - C:\Program Files\Microsoft Games
[11/09/2012 20:45:10] - |D| - C:\Program Files\Microsoft Office
[22/04/2014 08:57:18] - |D| - C:\Program Files\Microsoft Office 15
[24/06/2014 18:56:34] - |D| - C:\Program Files\Microsoft Silverlight
[11/09/2012 20:47:02] - |D| - C:\Program Files\Microsoft Visual Studio 8
[11/10/2013 00:24:18] - |D| - C:\Program Files\Microsoft WSE
[11/09/2012 20:19:48] - |D| - C:\Program Files\Microsoft.NET
[30/07/2014 21:54:56] - |D| - C:\Program Files\Mozilla Firefox
[08/11/2013 11:47:55] - |D| - C:\Program Files\Mozilla Maintenance Service
[14/07/2009 06:52:30] - |D| - C:\Program Files\MSBuild
[28/11/2013 15:12:02] - |D| - C:\Program Files\MSXML 4.0
[11/09/2012 22:09:52] - |D| - C:\Program Files\My Company Name
[05/12/2013 12:43:23] - |D| - C:\Program Files\Orange
[05/04/2014 17:21:07] - |D| - C:\Program Files\Prompt Downloader
[15/05/2013 15:13:57] - |D| - C:\Program Files\Quest Software
[13/03/2014 15:56:15] - |D| - C:\Program Files\QuickTime
[15/05/2013 14:34:23] - |D| - C:\Program Files\Realtek
[14/07/2009 06:52:30] - |D| - C:\Program Files\Reference Assemblies
[15/05/2013 14:35:03] - |D| - C:\Program Files\Ricoh
[15/05/2013 15:09:56] - |D| - C:\Program Files\SAP
[30/07/2014 09:19:33] - |D| - C:\Program Files\Spybot - Search & Destroy 2
[15/05/2013 14:34:56] - |D| - C:\Program Files\Synaptics
[26/12/2013 13:05:42] - |D| - C:\Program Files\SystemRequirementsLab
[15/05/2013 14:53:58] - |D| - C:\Program Files\T-Online Business
[06/02/2014 11:57:00] - |D| - C:\Program Files\TeamViewer
[15/05/2013 14:34:23] - |HD| - C:\Program Files\Temp
[15/05/2013 14:36:32] - |D| - C:\Program Files\ThinkPad
[14/07/2009 06:53:23] - |HD| - C:\Program Files\Uninstall Information
[05/11/2013 03:54:20] - |D| - C:\Program Files\VideoLAN
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Defender
[21/11/2010 02:31:50] - |D| - C:\Program Files\Windows Journal
[14/07/2009 04:37:05] - |D| - C:\Program Files\Windows Mail
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Media Player
[14/07/2009 04:37:05] - |D| - C:\Program Files\Windows NT
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Portable Devices
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Sidebar
[11/09/2012 22:35:30] - |D| - C:\Program Files\Windows Virtual PC
[11/09/2012 22:47:37] - |D| - C:\Program Files\Windows XP Mode
[11/09/2012 22:23:18] - |D| - C:\Program Files\WinZip
[28/11/2013 15:12:06] - |D| - C:\Program Files\Xara
[27/08/2014 15:10:38] - |D| - C:\Program Files\ZHPDiag

дддддддддд | C:\Program Files\Common Files

[07/10/2013 14:28:39] - |D| - C:\Program Files\Common Files\Adobe
[28/11/2013 15:28:02] - |D| - C:\Program Files\Common Files\Adobe AIR
[24/04/2014 14:57:02] - |D| - C:\Program Files\Common Files\Alpi Shared
[24/12/2013 02:46:17] - |D| - C:\Program Files\Common Files\Apple
[11/09/2012 22:50:40] - |D| - C:\Program Files\Common Files\Cisco Systems
[30/04/2014 14:46:27] - |D| - C:\Program Files\Common Files\DESIGNER
[15/05/2013 14:28:36] - |D| - C:\Program Files\Common Files\InstallShield
[15/05/2013 14:29:03] - |D| - C:\Program Files\Common Files\Intel
[23/03/2014 00:52:10] - |D| - C:\Program Files\Common Files\Java
[15/05/2013 14:36:08] - |D| - C:\Program Files\Common Files\Lenovo
[18/09/2013 12:30:22] - |D| - C:\Program Files\Common Files\McAfee
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\microsoft shared
[15/05/2013 14:47:14] - |D| - C:\Program Files\Common Files\Protexis
[17/09/2013 14:15:56] - |D| - C:\Program Files\Common Files\SAP Shared
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\Services
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\SpeechEngines
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\System
[15/05/2013 14:39:38] - |D| - C:\Program Files\Common Files\Ulead Systems
[18/07/2014 11:21:22] - |D| - C:\Program Files\Common Files\Wondershare
[28/11/2013 15:12:06] - |D| - C:\Program Files\Common Files\Xara Services

дддддддддд | C:\Users\frbrlop\AppData\Roaming

[02/10/2013 11:54:43] - |D| - C:\Users\frbrlop\AppData\Roaming\Adobe
[29/11/2013 13:03:13] - |D| - C:\Users\frbrlop\AppData\Roaming\Apple Computer
[29/11/2013 13:02:59] - |D| - C:\Users\frbrlop\AppData\Roaming\Artisteer
[14/03/2014 17:44:58] - |D| - C:\Users\frbrlop\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[17/09/2013 14:05:08] - |D| - C:\Users\frbrlop\AppData\Roaming\Corel
[10/10/2013 23:57:22] - |D| - C:\Users\frbrlop\AppData\Roaming\DAEMON Tools Lite
[25/04/2014 11:47:44] - |D| - C:\Users\frbrlop\AppData\Roaming\EurekaLog
[29/11/2013 16:29:00] - |D| - C:\Users\frbrlop\AppData\Roaming\FlowStone
[26/12/2013 17:40:19] - |D| - C:\Users\frbrlop\AppData\Roaming\HpUpdate
[28/03/2014 16:08:50] - |D| - C:\Users\frbrlop\AppData\Roaming\Identities
[29/03/2014 20:58:01] - |D| - C:\Users\frbrlop\AppData\Roaming\iFunBox.NXGen
[01/05/2014 22:23:23] - |D| - C:\Users\frbrlop\AppData\Roaming\iFunbox_UserCache
[29/11/2013 16:29:12] - |D| - C:\Users\frbrlop\AppData\Roaming\Image-Line
[17/09/2013 14:05:11] - |D| - C:\Users\frbrlop\AppData\Roaming\Intel
[02/10/2013 16:59:13] - |D| - C:\Users\frbrlop\AppData\Roaming\Macromedia
[28/11/2013 15:12:43] - |D| - C:\Users\frbrlop\AppData\Roaming\MAGIX
[17/09/2013 14:10:47] - |D| - C:\Users\frbrlop\AppData\Roaming\McAfee
[17/09/2013 14:05:08] - |D| - C:\Users\frbrlop\AppData\Roaming\Media Center Programs
[17/09/2013 14:05:08] - |SD| - C:\Users\frbrlop\AppData\Roaming\Microsoft
[02/10/2013 16:59:14] - |D| - C:\Users\frbrlop\AppData\Roaming\Mozilla
[17/01/2014 00:18:27] - |D| - C:\Users\frbrlop\AppData\Roaming\MysteryStudio
[05/12/2013 12:44:25] - |D| - C:\Users\frbrlop\AppData\Roaming\Orange
[24/12/2013 02:49:15] - |D| - C:\Users\frbrlop\AppData\Roaming\Origin
[09/02/2014 09:21:58] - |A| - C:\Users\frbrlop\AppData\Roaming\PDFConverterApp
[07/04/2014 17:53:48] - |D| - C:\Users\frbrlop\AppData\Roaming\PhotoFiltre
[17/09/2013 14:19:55] - |D| - C:\Users\frbrlop\AppData\Roaming\PwrMgr
[28/03/2014 01:28:07] - |D| - C:\Users\frbrlop\AppData\Roaming\redsn0w
[02/11/2013 18:32:36] - |A| - C:\Users\frbrlop\AppData\Roaming\regsvr32.exe_log.txt
[17/09/2013 14:58:23] - |D| - C:\Users\frbrlop\AppData\Roaming\SAP
[21/02/2014 17:09:04] - |D| - C:\Users\frbrlop\AppData\Roaming\Scribus
[10/02/2014 10:10:17] - |D| - C:\Users\frbrlop\AppData\Roaming\SmileysWeLove
[06/02/2014 11:57:05] - |D| - C:\Users\frbrlop\AppData\Roaming\TeamViewer
[17/01/2014 00:20:48] - |D| - C:\Users\frbrlop\AppData\Roaming\Ubisoft
[14/08/2014 00:09:27] - |D| - C:\Users\frbrlop\AppData\Roaming\Ulead Systems
[20/02/2014 12:43:38] - |D| - C:\Users\frbrlop\AppData\Roaming\Unity
[06/11/2013 06:11:33] - |D| - C:\Users\frbrlop\AppData\Roaming\uTorrent
[05/11/2013 03:54:53] - |D| - C:\Users\frbrlop\AppData\Roaming\vlc
[11/03/2014 11:26:52] - |D| - C:\Users\frbrlop\AppData\Roaming\wam
[11/03/2014 11:26:50] - |D| - C:\Users\frbrlop\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
[28/05/2014 11:00:50] - |D| - C:\Users\frbrlop\AppData\Roaming\webex
[18/07/2014 10:15:54] - |D| - C:\Users\frbrlop\AppData\Roaming\WindSolutions
[27/08/2014 15:10:38] - |D| - C:\Users\frbrlop\AppData\Roaming\ZHP

дддддддддд | C:\Users\frbrlop\AppData\Local

[02/10/2013 11:54:43] - |D| - C:\Users\frbrlop\AppData\Local\Adobe
[24/04/2014 15:06:57] - |D| - C:\Users\frbrlop\AppData\Local\ALPI
[24/12/2013 02:46:51] - |D| - C:\Users\frbrlop\AppData\Local\Apple
[29/11/2013 13:03:13] - |D| - C:\Users\frbrlop\AppData\Local\Apple Computer
[17/09/2013 14:05:08] - |SHD| - C:\Users\frbrlop\AppData\Local\Application Data
[29/10/2013 10:32:43] - |D| - C:\Users\frbrlop\AppData\Local\Apps
[01/12/2013 21:22:15] - |D| - C:\Users\frbrlop\AppData\Local\Broadcom
[25/07/2014 12:23:42] - |D| - C:\Users\frbrlop\AppData\Local\CheckCode
[02/01/2014 22:44:18] - |D| - C:\Users\frbrlop\AppData\Local\Chromium
[10/02/2014 11:10:04] - |D| - C:\Users\frbrlop\AppData\Local\Cisco
[21/06/2014 14:27:48] - |D| - C:\Users\frbrlop\AppData\Local\CrashDumps
[29/10/2013 10:32:43] - |D| - C:\Users\frbrlop\AppData\Local\Deployment
[07/02/2014 00:48:01] - |D| - C:\Users\frbrlop\AppData\Local\Downloaded Installations
[20/07/2014 02:36:28] - |D| - C:\Users\frbrlop\AppData\Local\DriverKernelQuick
[07/10/2013 14:18:03] - |D| - C:\Users\frbrlop\AppData\Local\ElevatedDiagnostics
[05/04/2014 17:08:16] - |D| - C:\Users\frbrlop\AppData\Local\EuroTrade_A.L._Ltd
[03/08/2014 18:21:11] - |D| - C:\Users\frbrlop\AppData\Local\Facebook
[14/03/2014 18:01:19] - |D| - C:\Users\frbrlop\AppData\Local\fontconfig
[17/09/2013 14:10:53] - |A| - C:\Users\frbrlop\AppData\Local\GDIPFONTCACHEV1.DAT
[14/03/2014 18:01:16] - |D| - C:\Users\frbrlop\AppData\Local\gegl-0.2
[29/10/2013 10:32:57] - |D| - C:\Users\frbrlop\AppData\Local\Google
[14/03/2014 18:08:32] - |D| - C:\Users\frbrlop\AppData\Local\gtk-2.0
[17/09/2013 14:05:08] - |SHD| - C:\Users\frbrlop\AppData\Local\History
[17/09/2013 14:12:42] - |D| - C:\Users\frbrlop\AppData\Local\IBM
[17/09/2013 14:19:55] - |AH| - C:\Users\frbrlop\AppData\Local\IconCache.db
[12/03/2014 11:33:59] - |D| - C:\Users\frbrlop\AppData\Local\IsolatedStorage
[17/09/2013 14:10:48] - |D| - C:\Users\frbrlop\AppData\Local\Lenovo
[17/09/2013 14:12:22] - |D| - C:\Users\frbrlop\AppData\Local\Lotus
[07/10/2013 14:25:07] - |D| - C:\Users\frbrlop\AppData\Local\Macromedia
[17/09/2013 14:05:08] - |D| - C:\Users\frbrlop\AppData\Local\Microsoft
[17/09/2013 14:05:08] - |D| - C:\Users\frbrlop\AppData\Local\Microsoft Help
[02/10/2013 16:59:14] - |D| - C:\Users\frbrlop\AppData\Local\Mozilla
[02/11/2013 18:30:57] - |D| - C:\Users\frbrlop\AppData\Local\NativeMessaging
[21/12/2013 15:58:50] - |D| - C:\Users\frbrlop\AppData\Local\Orange
[09/02/2014 22:26:42] - |D| - C:\Users\frbrlop\AppData\Local\Popajar
[10/10/2013 23:59:01] - |D| - C:\Users\frbrlop\AppData\Local\Programs
[05/04/2014 17:21:08] - |D| - C:\Users\frbrlop\AppData\Local\Prompt Downloader
[14/03/2014 18:08:33] - |A| - C:\Users\frbrlop\AppData\Local\recently-used.xbel
[17/09/2013 14:58:22] - |D| - C:\Users\frbrlop\AppData\Local\SAP
[02/01/2014 22:42:11] - |D| - C:\Users\frbrlop\AppData\Local\Sports Interactive
[17/09/2013 14:05:08] - |D| - C:\Users\frbrlop\AppData\Local\Temp
[17/09/2013 14:05:08] - |SHD| - C:\Users\frbrlop\AppData\Local\Temporary Internet Files
[20/02/2014 12:38:49] - |D| - C:\Users\frbrlop\AppData\Local\Unity
[17/06/2014 11:08:42] - |D| - C:\Users\frbrlop\AppData\Local\WDSetup
[02/10/2013 16:24:29] - |D| - C:\Users\frbrlop\AppData\Local\WinZip
[18/07/2014 11:21:24] - |D| - C:\Users\frbrlop\AppData\Local\Wondershare
[28/11/2013 15:12:22] - |D| - C:\Users\frbrlop\AppData\Local\Xara

дддддддддд | C:\ProgramData

[24/03/2014 20:33:04] - |D| - C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[11/09/2012 22:25:34] - |D| - C:\ProgramData\Adobe
[24/04/2014 14:57:02] - |D| - C:\ProgramData\ALPI
[24/12/2013 02:46:17] - |D| - C:\ProgramData\Apple
[24/12/2013 02:47:03] - |D| - C:\ProgramData\Apple Computer
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Application Data
[05/10/2013 20:38:50] - |D| - C:\ProgramData\Cisco
[15/05/2013 14:46:33] - |D| - C:\ProgramData\Corel
[10/10/2013 23:52:34] - |D| - C:\ProgramData\DAEMON Tools Lite
[07/06/2014 01:12:23] - |D| - C:\ProgramData\DatacardService
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Desktop
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Documents
[29/12/2013 22:36:15] - |D| - C:\ProgramData\EA Core
[17/06/2014 11:09:04] - |D| - C:\ProgramData\EBSoft
[12/10/2013 18:48:58] - |D| - C:\ProgramData\Electronic Arts
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Favorites
[15/05/2013 15:18:50] - |D| - C:\ProgramData\GroupPolicy
[26/12/2013 17:29:41] - |D| - C:\ProgramData\Hewlett-Packard
[26/12/2013 17:29:39] - |D| - C:\ProgramData\HP
[15/05/2013 14:56:36] - |D| - C:\ProgramData\IBM
[15/05/2013 14:29:29] - |D| - C:\ProgramData\Intel
[15/05/2013 14:45:59] - |D| - C:\ProgramData\InterVideo
[15/05/2013 14:54:00] - |D| - C:\ProgramData\iPass
[15/05/2013 14:36:53] - |D| - C:\ProgramData\Lenovo
[11/09/2012 21:55:42] - |D| - C:\ProgramData\Lotus
[28/11/2013 15:12:59] - |D| - C:\ProgramData\MAGIX
[30/07/2014 11:49:15] - |D| - C:\ProgramData\Malwarebytes
[11/09/2012 22:50:36] - |D| - C:\ProgramData\McAfee
[14/07/2009 04:37:05] - |SD| - C:\ProgramData\Microsoft
[11/09/2012 20:45:07] - |D| - C:\ProgramData\Microsoft Help
[02/10/2013 16:59:07] - |D| - C:\ProgramData\Mozilla
[11/09/2012 23:21:22] - |RASH| - C:\ProgramData\ntuser.pol
[07/10/2013 15:09:21] - |D| - C:\ProgramData\Oracle
[24/12/2013 02:49:08] - |D| - C:\ProgramData\Origin
[20/06/2014 15:15:07] - |D| - C:\ProgramData\Protexis
[28/11/2013 15:31:17] - |D| - C:\ProgramData\regid.1986-12.com.adobe
[22/04/2014 08:59:58] - |D| - C:\ProgramData\regid.1991-06.com.microsoft
[15/05/2013 14:30:20] - |D| - C:\ProgramData\Roaming
[07/10/2013 14:16:41] - |D| - C:\ProgramData\Skype
[30/07/2014 09:19:55] - |D| - C:\ProgramData\Spybot - Search & Destroy
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Start Menu
[11/09/2012 22:30:48] - |D| - C:\ProgramData\Sun
[11/10/2013 00:04:21] - |AD| - C:\ProgramData\TEMP
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Templates
[15/05/2013 14:39:38] - |D| - C:\ProgramData\Ulead Systems
[28/05/2014 10:59:44] - |D| - C:\ProgramData\WebEx
[04/12/2013 00:09:29] - |D| - C:\ProgramData\Weskysoft
[18/07/2014 10:15:54] - |D| - C:\ProgramData\WindSolutions
[11/09/2012 22:23:24] - |D| - C:\ProgramData\WinZip
[28/11/2013 15:12:06] - |D| - C:\ProgramData\Xara

[X] : [69075 Ko]

Analyzed elements : 164982 | Modified : 17 | Infected : 99

дддддддддд |EOF| дддддддддд | 12:05:37 | [45 Ko]