Jump to content

toutoune

Members
 View Profile  See their activity

  • Posts

    5

  • Joined

  • Last visited

 Content Type 

Everything posted by toutoune

  1. toutoune
    i attached the 3 files. scanlog.txt Addition.txt FRST.txt
  2. toutoune
    After approximatively one hour of use, the computer shut down with the same error message.
  3. toutoune
    I attached the two files. thank you very much for your help! AdwCleanerS0.txt Fixlog.txt
  4. toutoune
    I attached the 2 files to this post. Addition.txt FRST.txt
  5. toutoune
    Hello, i have a virus in my computer: When i surf on the internet, there is an error message of my antivirus avast. Moreover very often the computer stops, and there is a blue screen with the message KERNEL_DATA_INPUT error. What should i do? I ran a malware bytes scan and a farbar scan. I send you the two text files with the farbar scan. Kind regards Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015Ran by Antoine (administrator) on PC-ANTOINE on 27-05-2015 22:17:36Running from C:\Users\Antoine\DownloadsLoaded Profiles: Antoine (Available Profiles: Antoine)Platform: Windows 8.1 (X64) OS Language: Français (France)Internet Explorer Version 11 (Default browser not detected!)Boot Mode: Safe Mode (minimal)Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\dllhost.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-24] (Avast Software s.r.o.)HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exeWinlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File not foundAppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File not foundStartup: C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-01-10]ShortcutTarget: Dropbox.lnk -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-24] (Avast Software s.r.o.)ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONCHR HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.comHKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}SearchScopes: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}SearchScopes: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-24] (Avast Software s.r.o.)BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-24] (Avast Software s.r.o.)Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\cvy9pq34.defaultFF SearchEngineOrder.1: MysearchdialFF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)FF user.js: detected! => C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\cvy9pq34.default\user.js [2015-05-27]FF Extension: Adblock Plus - C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\cvy9pq34.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-01]FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-11]FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] Chrome: =======CHR dev: Chrome dev build detected! <======= ATTENTIONCHR Profile: C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-11]CHR Extension: (Google Drive) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-11]CHR Extension: (YouTube) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-11]CHR Extension: (Google Search) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-11]CHR Extension: (Bookmark Manager) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]CHR Extension: (Avast Online Security) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-11]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]CHR Extension: (Google Wallet) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]CHR Extension: (Gmail) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-11]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-24] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-24] (Avast Software s.r.o.)S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)S2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)S2 vmware-view-usbd; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2370560 2012-05-02] (VMware, Inc.) [File not signed]S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-24] ()S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-24] (Avast Software s.r.o.)S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-24] (Avast Software s.r.o.)S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-24] ()S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-24] (Avast Software s.r.o.)S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-24] (Avast Software s.r.o.)S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-24] (Avast Software s.r.o.)S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-24] ()R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-27] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-27 22:17 - 2015-05-27 22:19 - 00015973 _____ () C:\Users\Antoine\Downloads\FRST.txt2015-05-27 22:17 - 2015-05-27 22:17 - 00000000 ____D () C:\FRST2015-05-27 21:17 - 2015-05-27 21:17 - 00001830 _____ () C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk2015-05-27 21:10 - 2015-05-27 21:10 - 00284424 _____ () C:\WINDOWS\Minidump\052715-56828-01.dmp2015-05-27 20:58 - 2015-05-27 20:58 - 02108928 _____ (Farbar) C:\Users\Antoine\Downloads\FRST64.exe2015-05-27 20:44 - 2015-05-27 21:25 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2015-05-27 20:44 - 2015-05-27 20:44 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-05-27 20:44 - 2015-05-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-05-27 20:43 - 2015-05-27 20:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-05-27 20:43 - 2015-05-27 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-05-27 20:43 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2015-05-27 20:43 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2015-05-27 20:43 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2015-05-27 20:39 - 2015-05-27 20:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Antoine\Downloads\mbam-setup-2.1.6.1022.exe2015-05-26 23:22 - 2015-05-27 21:09 - 00000708 _____ () C:\WINDOWS\PFRO.log2015-05-26 23:22 - 2015-05-26 23:23 - 00284480 _____ () C:\WINDOWS\Minidump\052615-32234-01.dmp2015-05-26 22:43 - 2015-05-26 22:43 - 00000000 ____D () C:\Users\Antoine\Documents\cours2015-05-26 21:59 - 2015-05-27 21:10 - 00000231 _____ () C:\WINDOWS\setupact.log2015-05-26 21:59 - 2015-05-26 21:59 - 00284480 _____ () C:\WINDOWS\Minidump\052615-42890-01.dmp2015-05-26 21:59 - 2015-05-26 21:59 - 00000000 _____ () C:\WINDOWS\setuperr.log2015-05-26 21:58 - 2015-05-27 21:10 - 588692508 _____ () C:\WINDOWS\MEMORY.DMP2015-05-26 21:47 - 2015-05-26 21:47 - 00000103 ____H () C:\Users\Antoine\Desktop\.~lock.IMS Health.odt#2015-05-25 23:12 - 2015-05-25 23:12 - 00000000 ____D () C:\ProgramData\18986400593187905452015-05-25 23:12 - 2015-05-25 23:12 - 00000000 ____D () C:\Program Files (x86)\PriiceeMinus2015-05-25 23:10 - 2015-05-27 20:50 - 00000000 ____D () C:\ProgramData\{7a07efb7-d318-d744-7a07-7efb7d31bedf}2015-05-24 20:13 - 2015-05-24 20:13 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe2015-05-24 20:13 - 2015-05-24 20:13 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr2015-05-21 00:22 - 2015-05-21 00:23 - 00000197 _____ () C:\WINDOWS\system32\2015-05-20-22-22-59.039-AvastVBoxSVC.exe-2632.log2015-05-21 00:17 - 2015-05-21 00:17 - 00000197 _____ () C:\WINDOWS\system32\2015-05-20-22-17-14.077-AvastVBoxSVC.exe-2832.log2015-05-16 21:22 - 2015-05-16 21:23 - 00000197 _____ () C:\WINDOWS\system32\2015-05-16-19-22-48.060-AvastVBoxSVC.exe-2640.log2015-05-14 18:16 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll2015-05-14 18:16 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll2015-05-14 18:16 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll2015-05-14 18:16 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll2015-05-14 18:16 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll2015-05-14 18:16 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll2015-05-14 18:16 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll2015-05-14 18:16 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll2015-05-14 18:16 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll2015-05-14 18:16 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys2015-05-14 18:16 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS2015-05-14 18:16 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys2015-05-14 18:16 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll2015-05-14 18:16 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll2015-05-14 18:16 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe2015-05-14 18:16 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe2015-05-14 18:16 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys2015-05-14 18:16 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll2015-05-14 18:16 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll2015-05-14 18:16 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll2015-05-14 18:16 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll2015-05-14 18:16 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll2015-05-14 18:16 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll2015-05-14 18:16 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll2015-05-14 18:15 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys2015-05-14 18:15 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys2015-05-14 18:15 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml2015-05-14 18:15 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll2015-05-14 18:15 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll2015-05-13 00:35 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll2015-05-13 00:35 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2015-05-12 21:03 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys2015-05-12 21:03 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll2015-05-12 21:03 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll2015-05-12 21:03 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2015-05-12 21:02 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll2015-05-12 21:02 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll2015-05-12 21:02 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2015-05-12 21:02 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2015-05-12 21:02 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2015-05-12 21:02 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2015-05-12 21:02 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2015-05-12 21:02 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2015-05-12 21:02 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2015-05-12 21:02 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll2015-05-12 21:02 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll2015-05-12 21:02 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll2015-05-12 21:02 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe2015-05-12 21:01 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll2015-05-12 21:01 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec2015-05-12 21:01 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2015-05-12 21:01 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll2015-05-12 21:01 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll2015-05-12 21:01 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll2015-05-12 21:01 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll2015-05-12 21:01 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec2015-05-12 21:01 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2015-05-12 21:01 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll2015-05-12 21:01 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2015-05-12 21:01 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2015-05-12 21:01 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll2015-05-12 21:01 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll2015-05-12 21:01 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll2015-05-12 21:01 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2015-05-12 21:01 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2015-05-12 21:01 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2015-05-12 21:01 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2015-05-12 21:01 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2015-05-12 21:01 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll2015-05-12 21:01 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2015-05-12 21:01 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll2015-05-12 21:01 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll2015-05-12 21:01 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2015-05-12 21:01 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2015-05-12 21:01 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2015-05-12 21:01 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2015-05-12 21:01 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2015-05-12 21:01 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2015-05-12 21:01 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2015-05-12 21:01 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2015-05-12 21:01 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2015-05-11 00:17 - 2015-05-11 00:18 - 00000197 _____ () C:\WINDOWS\system32\2015-05-10-22-17-08.081-AvastVBoxSVC.exe-2580.log2015-05-09 23:11 - 2015-05-09 23:11 - 00000197 _____ () C:\WINDOWS\system32\2015-05-09-21-11-07.026-AvastVBoxSVC.exe-2544.log2015-05-01 14:27 - 2015-05-13 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2015-05-01 14:26 - 2015-05-16 21:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2015-05-01 14:26 - 2015-05-16 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-27 21:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI2015-05-27 21:18 - 2015-03-02 23:24 - 01778968 _____ () C:\WINDOWS\WindowsUpdate.log2015-05-27 21:18 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2015-05-27 21:14 - 2014-01-10 20:31 - 00000000 ___RD () C:\Users\Antoine\Dropbox2015-05-27 21:14 - 2014-01-10 20:27 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\Dropbox2015-05-27 21:12 - 2014-02-03 15:29 - 00000000 __RDO () C:\Users\Antoine\SkyDrive2015-05-27 21:12 - 2014-01-11 01:37 - 00000074 _____ () C:\Users\Antoine\AppData\Roaming\sp_data.sys2015-05-27 21:11 - 2014-01-22 20:04 - 00000000 ____D () C:\Users\Antoine2015-05-27 21:11 - 2014-01-11 02:32 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2015-05-27 21:10 - 2014-12-19 15:53 - 00000000 ____D () C:\WINDOWS\Minidump2015-05-27 21:10 - 2013-08-22 16:44 - 00544824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2015-05-27 21:07 - 2014-01-10 20:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2040339073-2083693996-3833942027-10012015-05-27 21:06 - 2015-03-05 19:34 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-05-27 21:04 - 2013-11-14 09:16 - 00000000 ____D () C:\WINDOWS\ShellNew2015-05-27 21:04 - 2013-04-26 01:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office2015-05-27 21:02 - 2014-01-22 19:51 - 00000000 ____D () C:\Program Files (x86)\MSBuild2015-05-27 21:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru2015-05-27 20:58 - 2012-07-26 07:26 - 00000108 _____ () C:\WINDOWS\win.ini2015-05-27 20:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared2015-05-27 20:44 - 2014-03-10 12:28 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\uTorrent2015-05-27 20:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2015-05-26 22:29 - 2014-01-11 02:43 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2015-05-26 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2015-05-26 21:05 - 2014-01-23 19:52 - 00003952 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{82B58CEB-4CC1-447C-B107-D26083ADCF94}2015-05-24 20:14 - 2014-01-11 02:34 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update2015-05-24 20:13 - 2014-05-30 01:15 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys2015-05-24 20:13 - 2014-01-11 02:32 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys2015-05-24 20:13 - 2014-01-11 02:32 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys2015-05-24 20:13 - 2014-01-11 02:32 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2015-05-24 20:13 - 2014-01-11 02:32 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys2015-05-24 20:13 - 2014-01-11 02:32 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys2015-05-24 20:13 - 2014-01-11 02:32 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2015-05-24 20:13 - 2014-01-11 02:32 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2015-05-24 14:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache2015-05-23 16:26 - 2014-01-10 19:28 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\vlc2015-05-23 02:19 - 2015-04-04 21:08 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX2015-05-23 02:19 - 2015-04-04 21:08 - 00000000 ___SD () C:\WINDOWS\system32\GWX2015-05-23 02:19 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2015-05-22 00:53 - 2014-01-11 02:34 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-05-17 14:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel2015-05-17 03:59 - 2014-01-10 20:31 - 00001079 _____ () C:\Users\Antoine\Desktop\Dropbox.lnk2015-05-17 03:59 - 2014-01-10 20:29 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-05-17 03:57 - 2013-11-14 09:32 - 01824010 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2015-05-17 03:57 - 2013-11-14 09:13 - 00812350 _____ () C:\WINDOWS\system32\perfh00C.dat2015-05-17 03:57 - 2013-11-14 09:13 - 00159412 _____ () C:\WINDOWS\system32\perfc00C.dat2015-05-16 21:16 - 2014-01-11 14:29 - 00000000 ____D () C:\WINDOWS\system32\MRT2015-05-16 21:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers2015-05-16 21:06 - 2014-01-11 14:29 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2015-05-15 19:24 - 2014-01-11 02:32 - 00004070 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2015-05-15 19:24 - 2014-01-11 02:32 - 00003834 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2015-05-15 19:24 - 2014-01-11 02:32 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2015-05-13 00:15 - 2013-11-14 09:16 - 00000000 ____D () C:\Program Files\Windows Journal2015-05-05 19:59 - 2014-12-14 15:41 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2015-05-05 19:59 - 2014-12-14 15:41 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2015-04-30 19:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat ==================== Files in the root of some directories ======= 2014-01-11 01:37 - 2015-05-27 21:12 - 0000074 _____ () C:\Users\Antoine\AppData\Roaming\sp_data.sys2014-01-17 02:28 - 2014-01-18 12:28 - 0000071 _____ () C:\Users\Antoine\AppData\Roaming\WB.CFG2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS2014-01-10 20:02 - 2014-01-10 20:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log2014-01-10 20:02 - 2014-01-10 20:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Files to move or delete:====================C:\ProgramData\SetStretch.exeC:\ProgramData\SetStretch.VBS Some files in TEMP:====================C:\Users\Antoine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_tref0.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-25 12:45 ==================== End of log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015Ran by Antoine at 2015-05-27 22:19:34Running from C:\Users\Antoine\DownloadsBoot Mode: Safe Mode (minimal)========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-2040339073-2083693996-3833942027-500 - Administrator - Disabled)Antoine (S-1-5-21-2040339073-2083693996-3833942027-1001 - Administrator - Enabled) => C:\Users\AntoineHomeGroupUser$ (S-1-5-21-2040339073-2083693996-3833942027-1005 - Limited - Enabled)Invité (S-1-5-21-2040339073-2083693996-3833942027-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)Add-in ODF pour Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) HiddenAsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)Azteca (x32 Version: 2.2.0.97 - WildTangent) HiddenBejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) HiddenCyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDropbox (HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenGalerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.27.5 - Google Inc.) HiddenIntel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)LibreOffice 4.4.1.2 (HKLM-x32\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)Microsoft SkyDrive (HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenMyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)OpenOffice Packages (HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\OpenOffice Packages) (Version: - ) <==== ATTENTIONPeggle (x32 Version: 2.2.0.95 - WildTangent) HiddenPenguins! (x32 Version: 2.2.0.98 - WildTangent) HiddenPriiceeMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version: - )Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team)R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team)Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)RStudio (HKLM-x32\...\RStudio) (Version: 0.98.507 - RStudio)Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) HiddenTeXworks 0.4.5 (HKLM-x32\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version: - TeX Users Group)Update Installer for WildTangent Games App (x32 Version: - WildTangent) HiddenVLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VMware View Client (HKLM\...\{78742412-BA9E-4E8B-A19D-2846EC794A37}) (Version: 5.1.0.704644 - VMware, Inc.)WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) HiddenWindows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 09-05-2015 16:52:53 Point de contrôle planifié13-05-2015 00:12:52 Windows Update16-05-2015 20:55:42 Windows Update23-05-2015 02:13:16 Windows Update24-05-2015 20:10:50 avast! antivirus system restore point27-05-2015 20:52:57 Removed Microsoft Office Professional Plus 2007 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0AC7E37E-28F6-4286-AE62-7370B94C30F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-16] (Microsoft Corporation)Task: {27B9BEB3-55E3-445B-B864-4EF40EA81E98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)Task: {2FA0B2B2-56F7-4BC0-9AC8-231354A4EA68} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek)Task: {35CC6A02-6ADC-4068-8158-551393E32232} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)Task: {471B7B97-D830-40FD-84DD-D35833F90050} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()Task: {4E310778-80F3-468D-AA55-CB9D5830B664} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)Task: {7D42E932-9C60-4950-B34A-F8FDB95DE546} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)Task: {80676B68-C185-428D-92F8-50F0144FA11D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)Task: {84B91644-EA60-42B2-88A9-3EDEA4B28A79} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-24] (Avast Software s.r.o.)Task: {A7268C82-72A4-47DD-AF78-F05F2037014B} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)Task: {BCBE0646-483B-429D-BC50-C691EC1F14FD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)Task: {C6FB77EA-0E4B-4B8F-8F12-DB0E4DC29062} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)Task: {DC1C244C-07C6-4460-B89B-618B729E8F51} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)Task: {DD98058B-8106-4E4D-AFF6-2AF910248F2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)Task: {EE690212-6172-46A8-9ABF-7F5E0CF5D4EA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)Task: {F52370AD-06EA-4B2D-A3FD-CC4387543694} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Antoine\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpgDNS Servers: Media is not connected to internet. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "RemoteControl10"HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\StartupApproved\Run: => "Power2GoExpress" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [uDP Query User{46500EF1-BEAC-4C98-B850-39280B321D0B}C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [TCP Query User{8A09B75B-1A66-4E7E-B8F3-529FAA23A56D}C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [{73C5CA26-A8B4-411C-B914-6834559CE2F4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{FD39BC62-FA0B-4066-BD55-8BDD26EB0250}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{ABD77203-60FD-4525-A410-9C4D6CE9BD0D}] => (Allow) C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{B160C1D8-EC60-438E-9362-848C82945D2B}] => (Allow) C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{4257B3C8-3494-4002-9471-225A67E9CEFA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXEFirewallRules: [{3F67EC9D-93FF-4BFE-9570-B69E8C43C386}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exeFirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeFirewallRules: [{CFC146B7-C99F-4DCF-BC78-56FDFFDF2BFA}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exeFirewallRules: [{411968B2-CD8D-466C-A199-937E0B4AF663}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exeFirewallRules: [{B2952A6D-8CEC-4CE2-8950-0963BAFC13E5}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exeFirewallRules: [{AF1A004B-8D9B-4F06-88DC-CE61011C6FED}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exeFirewallRules: [{A3F3F6AF-BB32-43CA-AB6F-5065C5E414E9}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exeFirewallRules: [{0FB4D8E3-00BA-447E-BB61-4D86B7A04B02}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exeFirewallRules: [{55917FD7-D2E6-4935-814A-D9A09C18EC3B}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exeFirewallRules: [{BD21AFA3-E0E9-4D65-BE29-7DCACF2DB5DF}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exeFirewallRules: [TCP Query User{5DFA4162-A911-4679-A47A-85E31EEF3BCA}C:\program files\vmware\vmware view\client\bin\wswc.exe] => (Block) C:\program files\vmware\vmware view\client\bin\wswc.exeFirewallRules: [uDP Query User{9201E7F1-C1A6-4BF3-A0A3-F800A46FE012}C:\program files\vmware\vmware view\client\bin\wswc.exe] => (Block) C:\program files\vmware\vmware view\client\bin\wswc.exeFirewallRules: [TCP Query User{27DB5F47-2736-4AD7-9506-649A653B09A6}C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe] => (Block) C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exeFirewallRules: [uDP Query User{BFDF55CF-1AAB-45F0-ADC1-325CEE6F64DD}C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe] => (Block) C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exeFirewallRules: [TCP Query User{50A51688-747F-4B36-9034-358CFB73136E}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exeFirewallRules: [uDP Query User{6747DD59-171E-4154-9DC6-877837A73C93}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exeFirewallRules: [{932DCF1D-40E5-464D-945F-11A17B5A7CE1}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exeFirewallRules: [{7B3085AA-B1E7-4FFC-B76D-0DA902F09481}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exeFirewallRules: [TCP Query User{30EAAC8A-63E9-4B92-BB29-47C7AB595BEC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exeFirewallRules: [uDP Query User{B11E2A71-5DBB-4390-B634-91F269F1C151}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exeFirewallRules: [TCP Query User{96DDAE4C-27D4-4A98-9260-E1596D205722}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exeFirewallRules: [uDP Query User{BE4670A3-A6AB-4E5A-873A-0B7D85676737}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exeFirewallRules: [TCP Query User{5D933F5B-F93D-4DFB-A1B9-F72EDA991EC3}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exeFirewallRules: [uDP Query User{C82DDEB9-D506-4625-9DBF-CE689F0CBEB5}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exeFirewallRules: [{FE90B6A5-3212-4E8A-9B5D-70C1031B7756}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{161AD62F-B3EA-428C-8FDD-CA6290607097}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exeFirewallRules: [{93450042-B1D7-4BAD-86FB-48B64A15280F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exeFirewallRules: [{F644E517-CA96-421C-BFA9-32C9D4119DEC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (05/27/2015 09:16:20 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: Le programme SystemSettings.exe version 6.3.9600.17489 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1a40 Heure de début : 01d098b1889373bb Heure de fin : 4294967295 Chemin d’accès de l’application : C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe ID de rapport : d7edf103-04a4-11e5-bec0-d850e6017b9d Nom complet du package défaillant : windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : microsoft.windows.immersivecontrolpanel Error: (05/27/2015 09:16:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-ANTOINE)Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue. Error: (05/27/2015 08:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aebNom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237Code d’exception : 0xc0000005Décalage d’erreur : 0x00000000006100daID du processus défaillant : 0x11f8Heure de début de l’application défaillante : 0xMsMpEng.exe0Chemin d’accès de l’application défaillante : MsMpEng.exe1Chemin d’accès du module défaillant: MsMpEng.exe2ID de rapport : MsMpEng.exe3Nom complet du package défaillant : MsMpEng.exe4ID de l’application relative au package défaillant : MsMpEng.exe5 Error: (05/26/2015 11:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aebNom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237Code d’exception : 0xc0000005Décalage d’erreur : 0x00000000006100daID du processus défaillant : 0x770Heure de début de l’application défaillante : 0xMsMpEng.exe0Chemin d’accès de l’application défaillante : MsMpEng.exe1Chemin d’accès du module défaillant: MsMpEng.exe2ID de rapport : MsMpEng.exe3Nom complet du package défaillant : MsMpEng.exe4ID de l’application relative au package défaillant : MsMpEng.exe5 Error: (05/26/2015 10:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aebNom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237Code d’exception : 0xc0000005Décalage d’erreur : 0x00000000006100daID du processus défaillant : 0x57cHeure de début de l’application défaillante : 0xMsMpEng.exe0Chemin d’accès de l’application défaillante : MsMpEng.exe1Chemin d’accès du module défaillant: MsMpEng.exe2ID de rapport : MsMpEng.exe3Nom complet du package défaillant : MsMpEng.exe4ID de l’application relative au package défaillant : MsMpEng.exe5 Error: (05/26/2015 10:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aebNom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237Code d’exception : 0xc0000005Décalage d’erreur : 0x00000000006100daID du processus défaillant : 0xbd8Heure de début de l’application défaillante : 0xMsMpEng.exe0Chemin d’accès de l’application défaillante : MsMpEng.exe1Chemin d’accès du module défaillant: MsMpEng.exe2ID de rapport : MsMpEng.exe3Nom complet du package défaillant : MsMpEng.exe4ID de l’application relative au package défaillant : MsMpEng.exe5 Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )Description: Impossible d’initialiser l’index. Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )Description: Impossible d’initialiser l’application. Contexte : Application Windows Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )Description: Impossible d’initialiser l’objet rassembleur. Contexte : Application Windows, Catalogue SystemIndex Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/26/2015 10:01:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )Description: Impossible d’initialiser le plug-in dans <Search.TripoliIndexer>. Contexte : Application Windows, Catalogue SystemIndex Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) System errors:=============Error: (05/27/2015 10:19:47 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC} Error: (05/27/2015 10:19:41 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC} Error: (05/27/2015 10:19:35 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (05/27/2015 10:19:35 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (05/27/2015 10:19:31 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1084WSearchNon disponible{9E175B68-F52A-11D8-B9A5-505054503030} Error: (05/27/2015 10:19:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows dépend du service Client DHCP qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error: (05/27/2015 10:19:28 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC} Error: (05/27/2015 10:19:27 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)Description: 1068netprofmNon disponible{A47979D2-C419-11D9-A5B4-001185AD2B89} Error: (05/27/2015 10:19:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error: (05/27/2015 10:19:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )Description: Le service Connaissance des emplacements réseau dépend du service Client DHCP qui n’a pas pu démarrer en raison de l’erreur : %%1068 Microsoft Office:=========================Error: (05/27/2015 09:16:20 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: SystemSettings.exe6.3.9600.174891a4001d098b1889373bb4294967295C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exed7edf103-04a4-11e5-bec0-d850e6017b9dwindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel Error: (05/27/2015 09:16:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-ANTOINE)Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel Error: (05/27/2015 08:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100da11f801d097fa88ef6789C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dll0b0e2251-049f-11e5-bebf-d850e6017b9d Error: (05/26/2015 11:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100da77001d097fa3d91a6aeC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dlla067a799-03ed-11e5-bebf-d850e6017b9d Error: (05/26/2015 10:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100da57c01d097f08fc4a2e2C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dll4021ced2-03e5-11e5-bebe-d850e6017b9d Error: (05/26/2015 10:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100dabd801d097eed2dfa5f1C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dlla5842474-03e3-11e5-bebe-d850e6017b9d Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )Description: Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )Description: Contexte : Application Windows Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )Description: Contexte : Application Windows, Catalogue SystemIndex Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/26/2015 10:01:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )Description: Contexte : Application Windows, Catalogue SystemIndex Détails :L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant. (HRESULT : 0x80040d06) (0x80040d06)Search.TripoliIndexer ==================== Memory info =========================== Processor: Intel® Core i5-3337U CPU @ 1.80GHzPercentage of memory in use: 23%Total physical RAM: 3981.74 MBAvailable physical RAM: 3042.74 MBTotal Pagefile: 8077.74 MBAvailable Pagefile: 7217 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:125.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (DATA) (Fixed) (Total:258.34 GB) (Free:257.9 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 465.8 GB) (Disk ID: 568814A2) Partition: GPT Partition Type. ==================== End of log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.