Jump to content

I can't run Anti-Malaware Premium. Won't open


Recommended Posts

I have been infected with a virus in my emails.  I was surprised since I purchased Malware Premium for a year.

 

When I tried opening it, it just won't open.  I have done a scan with Fatbar recovery yool scan.  Please get back to me on how to solve this issue since I have a great faith in your product since I bought it.

 

I m sending you in attach files the scan documents 

 

Here 's the FRST.TXT:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by Marc (administrator) on TOSHIBA on 19-07-2014 17:13:46
Running from C:\Users\Marc\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Français (France)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote\Gestionnaire Antidote.exe
(Dropbox, Inc.) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxdncoms.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
(Xobni Corporation) C:\Program Files (x86)\Xobni\XobniService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Windows\System32\spool\drivers\x64\3\spe__pi.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\MemfilesService.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\x64\Win64ShellLink.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey  <===== ATTENTION (File name is altered)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-02-07] (LogMeIn, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567192 2014-06-02] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" 
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-4244560022-1177906643-3955724433-1000\...\Run: [Google Update . d'<*>] => "C:\Users\Marc\AppData\Local\Google\Desktop\Install\{6edb75e1-cd93-8371-45f8-85eacfbd3844}\d'x"Ù"\", (the data entry has 71 more characters). <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-4244560022-1177906643-3955724433-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-4244560022-1177906643-3955724433-1000\...\Run: [Gestionnaire Antidote.exe] => C:\Program Files (x86)\Druide\Antidote\Gestionnaire Antidote.exe [536576 2008-06-03] (Druide informatique inc.)
HKU\S-1-5-21-4244560022-1177906643-3955724433-1000\...\Run: [Google Update] => "C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe" /c 
HKU\S-1-5-21-4244560022-1177906643-3955724433-1000\...409d6c4515e9\InprocServer32: [Default-shell32]  <==== ATTENTION!
HKU\S-1-5-21-4244560022-1177906643-3955724433-1004\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk /p \??\C:autocheck autochk *  BootDefrag.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282495&CUI=UN26273609812913222
SearchScopes: HKLM-x32 - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {14213155-220C-46C3-8A06-48B242BEF698} URL = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQJryTjH7&i=26
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://searchab.com/?aff=7&uid=a18a1707-3d89-11e2-b34f-00266caff642&q={searchTerms}
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {167D9323-F7CC-48F5-948A-6F012831A69F} -  No File
Toolbar: HKCU - No Name - {EF79F67A-6AD7-4715-A0F8-932FCA442023} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 02 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Marc\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marc\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marc\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\searchplugins\Searchab.xml
FF Extension: No Name - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\Extensions\staged [2014-06-05]
FF Extension: WhiteSmoke Bar Community Toolbar - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\Extensions\{167d9323-f7cc-48f5-948a-6f012831a69f} [2011-10-24]
FF Extension: Protected  - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\Extensions\{718a8f94-1727-4e71-8ab9-071073d92d89} [2013-07-13]
FF Extension: NCH_EN  - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\Extensions\{a87cb3e3-4db9-439d-b96b-576f5ae8459d} [2013-02-06]
FF Extension: BittorrentBar_FR Community Toolbar - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\2tumnpdg.default\Extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023} [2012-01-24]
FF Extension: Anti-bannière - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-09-10]
FF Extension: Analyse des liens (URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-09-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-27]
 
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Antidote RX v7 (HKLM-x32\...\{A474EA56-5DBD-4181-8230-806A4762EA7F}) (Version: 6.7.7000 - Druide informatique inc.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.598 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix)
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Express Accounts (HKLM-x32\...\ExpressAccounts) (Version:  - NCH Software)
Express Invoice (HKLM-x32\...\ExpressInvoice) (Version:  - NCH Software)
Glary Utilities 4.10 (HKLM-x32\...\Glary Utilities 4) (Version: 4.10.0.100 - Glarysoft Ltd)
Google Apps Migration For Microsoft Outlook® 2.3.14.36 (HKLM-x32\...\{C46F4ED2-0337-4267-97A1-89735C781E0D}) (Version: 2.3.14.36 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.5.370.990 (HKLM-x32\...\{2E92FFC5-4082-40BF-9CA7-0E5D16C811CE}) (Version: 3.5.370.990 - Google, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
Inno Setup version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - jrsoftware.org)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Invoice Expert 4.15.06 (HKLM-x32\...\Invoice Expert) (Version: 4.15.06 - Invoice Expert)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
LogMeIn (HKLM-x32\...\{7FEA5E41-0106-451E-BC88-71B9CD3B0F41}) (Version: 4.1.4380 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended FRA Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA (Version: 10.0.40820 - Microsoft Corporation) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 4 Extended FRA (HKLM\...\Microsoft .NET Framework 4 Extended FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.40820 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.01.12140 - Sony Corporation)
qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung CLX-9250 9350 Series (HKLM-x32\...\Samsung CLX-9250 9350 Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\{80078570-6C67-486C-8CF0-B0D778FC69B5}) (Version: 1.4.33.0 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.14.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.03.00 - Samsung Electronics Co., Ltd.)
Scan and Fax Manager 2 (HKLM-x32\...\{625C30DB-6E1D-4BFE-BB58-29AEC93CC7F7}) (Version: 0.00.0013 - Samsung)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA ConfigFree (HKLM-x32\...\{607BE7BF-7C28-4ADB-A4A0-385962B901C3}) (Version: 8.0.28 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.10.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.5.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.10 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Update for 2007 Microsoft Office System (KB2284654) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office Outlook 2007 (KB2412171) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (KB2508979) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D2137BBA-250B-4548-BC1C-19E5009893D7}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.51 - NCH Software)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xobni (HKLM-x32\...\XobniMain) (Version: 2.0.2.13510 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
 
==================== Restore Points  =========================
 
19-07-2014 16:37:56 Point de contrôle planifié
 
 
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {06F4037C-1F6D-40D8-BF85-59CDBF642690} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {0A3D3514-6508-4627-A959-DF48781CA4DC} - System32\Tasks\AVG-Secure-Search-Update_0414c_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe [2014-04-20] ()
Task: {3F6565D4-A5E8-4806-9B58-11DBE3F1365C} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {43535D78-8541-47AC-A857-53D990A9B2BB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000Core => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {49DB41DE-31E7-4142-A0E2-1E2615B39CBC} - System32\Tasks\AVG-Secure-Search-Update_0414c_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe [2014-04-20] ()
Task: {540A3614-7321-4387-ACEC-05BFB2DDA1E9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000Core => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {561ADFF6-04E7-4417-A63A-23E1D289A97C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000UA => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {5DA2EF43-A706-4AC7-8946-CC0E6FB2C741} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {5DAA5928-F0D2-4FF1-9272-04282E1A9BD2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000UA => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {75EAEB48-AB95-4782-BF87-4F84F600EC64} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {8E8703CD-FBA5-47B1-8121-673E172375DD} - System32\Tasks\G2MUpdateTask-S-1-5-21-4244560022-1177906643-3955724433-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {9DDE0994-6B15-4324-970A-F50ACAE420A7} - System32\Tasks\{9E38CCD6-2E93-40C7-B13B-2CA1BC429DA7} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2014-05-12] (Malwarebytes Corporation)
Task: {A0DD35F2-56F1-409C-9B3F-D20336B1C282} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {DEC6D66F-87D5-47EB-91D5-7A77B668CC0E} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2014-04-14] (Glarysoft Ltd)
Task: {EAB4B8F2-77BA-49A7-8DDA-3D0D27FC9A8F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FB1C14F4-FE4C-4E7E-82EA-849D19D91E05} - System32\Tasks\{08264498-78CE-46D3-B192-1D25826AD16F} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.120.373/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:offered-installed;madedefault
Task: {FBBB2793-FABA-44BA-80A6-4F243223BBA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000Core.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000UA.job => C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-4244560022-1177906643-3955724433-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000Core.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4244560022-1177906643-3955724433-1000UA.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-27 12:12 - 2011-04-11 01:26 - 00034304 _____ () C:\windows\System32\spe__l.dll
2012-05-15 14:34 - 2011-04-11 01:26 - 00034304 _____ () C:\windows\System32\ssc1clm.dll
2012-04-14 17:40 - 2009-08-13 12:06 - 00177152 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2012-05-15 14:34 - 2011-05-13 05:45 - 01033728 _____ () C:\windows\system32\spool\DRIVERS\x64\3\ssc1cdu.dll
2011-04-01 03:33 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-04-20 12:05 - 2014-04-20 12:05 - 02725912 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0414c.exe
2014-01-02 21:18 - 2014-06-02 23:14 - 02567192 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-06-02 23:14 - 2014-06-02 23:14 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
2013-08-27 12:12 - 2013-02-14 00:00 - 00295984 _____ () C:\Windows\System32\spool\drivers\x64\3\spe__pi.exe
2014-07-18 16:10 - 2014-07-18 16:10 - 00043008 _____ () c:\users\marc\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6dh5rs.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\Marc\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-02 23:14 - 2014-06-02 23:14 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
2014-04-14 04:05 - 2014-04-14 04:05 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 4\zlib1.dll
2014-05-23 16:09 - 2014-05-13 19:40 - 00716616 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 16:09 - 2014-05-13 19:40 - 00126280 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 16:09 - 2014-05-13 19:40 - 04217672 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 16:09 - 2014-05-13 19:40 - 00414536 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 16:09 - 2014-05-13 19:40 - 01732424 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2011-06-16 16:54 - 2011-06-16 16:54 - 00010016 _____ () C:\Program Files (x86)\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\SoftwareUpdateFilesLocalized.dll
2011-06-16 16:54 - 2011-06-16 16:54 - 00031520 _____ () C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\SoftwareUpdateLocalized.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^qhaj69n.lnk => C:\windows\pss\qhaj69n.lnk.Startup
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APISupport => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Marc\AppData\Local\Conduit\APISupport\APISupport.dll",DLLRunAPISupport
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BackgroundContainer => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Marc\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: CommonToolkitTray => C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Gestionnaire Antidote.exe => C:\Program Files (x86)\Druide\Antidote\Gestionnaire Antidote.exe
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: sfagent => C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/19/2014 05:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0x17a4
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/19/2014 00:59:40 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (07/19/2014 11:48:14 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (07/18/2014 09:02:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0x13ec
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/18/2014 09:02:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0xac
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/18/2014 09:00:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0x11cc
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/18/2014 08:59:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0xd50
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/18/2014 08:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0x12f4
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/18/2014 08:28:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0xef8
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
Error: (07/18/2014 08:27:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante mbam.exe, version : 1.0.0.532, horodatage : 0x53518532
Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325, horodatage : 0x4df2be1e
Code d’exception : 0x40000015
Décalage d’erreur : 0x0008d6fd
ID du processus défaillant : 0xccc
Heure de début de l’application défaillante : 0xmbam.exe0
Chemin d’accès de l’application défaillante : mbam.exe1
Chemin d’accès du module défaillant: mbam.exe2
ID de rapport : mbam.exe3
 
 
System errors:
=============
Error: (07/19/2014 10:48:08 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.
 
Error: (07/18/2014 07:40:22 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORITE NT60 a rencontré une erreur lors de la tentative de mise à jour des signatures.
 
Nouvelle version des signatures : 
 
Version précédente des signatures : 0.0.0.0
 
Source de la mise à jour : %AUTORITE NT51
 
Étape de la mise à jour : 4.5.0216.00
 
Chemin d'accès source : 4.5.0216.01
 
Type de signature : %AUTORITE NT602
 
Type de la mise à jour : %AUTORITE NT604
 
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
 
Version actuelle du moteur : %AUTORITE NT605
 
Version précédente du moteur : %AUTORITE NT606
 
Code d'erreur : %AUTORITE NT607
 
Description de l'erreur : %AUTORITE NT608
 
Error: (07/18/2014 07:40:19 PM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
Description: %AUTORITE NT60 a rencontré une erreur lors de la tentative de mise à jour du moteur.
 
Nouvelle version du moteur : 
 
Version précédente du moteur : 
 
Type de moteur : %AUTORITE NT604
 
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
 
Code d'erreur : %AUTORITE NT601
 
Description de l'erreur : %AUTORITE NT602
 
Error: (07/18/2014 07:40:19 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORITE NT60 a rencontré une erreur lors de la tentative de mise à jour des signatures.
 
Nouvelle version des signatures : 
 
Version précédente des signatures : 
 
Source de la mise à jour : %AUTORITE NT15
 
Étape de la mise à jour : 4.5.0216.00
 
Chemin d'accès source : 4.5.0216.01
 
Type de signature : %AUTORITE NT602
 
Type de la mise à jour : %AUTORITE NT604
 
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
 
Version actuelle du moteur : %AUTORITE NT605
 
Version précédente du moteur : %AUTORITE NT606
 
Code d'erreur : %AUTORITE NT607
 
Description de l'erreur : %AUTORITE NT608
 
Error: (07/18/2014 07:39:55 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %AUTORITE NT60 a rencontré une erreur lors de la tentative de mise à jour des signatures.
 
Nouvelle version des signatures : 
 
Version précédente des signatures : 1.179.336.0
 
Source de la mise à jour : %AUTORITE NT59
 
Étape de la mise à jour : 4.5.0216.00
 
Chemin d'accès source : 4.5.0216.01
 
Type de signature : %AUTORITE NT602
 
Type de la mise à jour : %AUTORITE NT604
 
Utilisateur : AUTORITE NT\Système
 
Version actuelle du moteur : %AUTORITE NT605
 
Version précédente du moteur : %AUTORITE NT606
 
Code d'erreur : %AUTORITE NT607
 
Description de l'erreur : %AUTORITE NT608
 
Error: (07/18/2014 04:12:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur : 
%%2
 
Error: (07/18/2014 04:10:29 PM) (Source: WMPNetworkSvc) (EventID: 14346) (User: )
Description: 0x80070005
 
Error: (07/18/2014 04:10:29 PM) (Source: WMPNetworkSvc) (EventID: 14346) (User: )
Description: 0x80070005
 
Error: (07/18/2014 04:10:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service MBAMService s’est terminé de façon inattendue pour la 1ème fois.
 
Error: (07/18/2014 04:10:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: spécifiques à l’applicationLocalExécution{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORITE NTSystèmeS-1-5-18LocalHost (utilisation de LRPC)
 
 
Microsoft Office Sessions:
=========================
Error: (05/28/2014 11:47:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (05/26/2014 00:00:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (03/06/2014 04:28:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (02/13/2014 03:07:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/15/2013 08:51:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 78 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (12/07/2013 07:10:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 59 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/05/2013 07:52:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 52 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/03/2013 00:48:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (11/24/2013 08:40:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/28/2013 01:51:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-09 17:38:40.378
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-09 17:38:40.378
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-09 17:38:40.362
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-09 17:38:40.268
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-09 17:38:40.253
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-09 17:38:40.253
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-01 18:31:58.500
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-01 18:31:58.500
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-01 18:31:58.485
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
  Date: 2013-05-01 18:31:58.453
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 66%
Total physical RAM: 3893.86 MB
Available physical RAM: 1296.43 MB
Total Pagefile: 7785.87 MB
Available Pagefile: 5059.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: (S3A8583D005) (Fixed) (Total:432.81 GB) (Free:92.97 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: FD726444)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=433 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=17)
Partition 4: (Not Active) - (Size=11 GB) - (Type=17)
 
==================== End Of Log ============================
 

 

Link to post
Share on other sites

Hello and Welcome to Malwarebytes

The computer shows signs of being infected with the Zero Access rootkit.

 

One or more of the identified infections is related to a nasty rootkit component which is difficult to remove. Rootkits and backdoor Trojans are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums from a CLEAN COMPUTER. You should consider them to be compromised. You should change each password by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the rootkit has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because this malware has been removed the computer is now secure. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, delete the partition, reformat and reinstall the OS.

Please read:

Should you decide not to follow this advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. If you wish to proceed, disinfection will require more time and more advanced tools.

If you would like to proceed to try and clean the computer please follow the advice from the link below.

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Message borrowed from quietman7 with minor wording and link changes

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.