Jump to content

Virus: kernel data input error


Recommended Posts

Hello,

 

i have a virus in my computer: When i surf on the internet, there is an error message of my antivirus avast. Moreover very often the computer stops, and there is a blue screen with the message KERNEL_DATA_INPUT error. What should i do? I ran a malware bytes scan and a farbar scan. I send you the two text files with the farbar scan.

Kind regards

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015
Ran by Antoine (administrator) on PC-ANTOINE on 27-05-2015 22:17:36
Running from C:\Users\Antoine\Downloads
Loaded Profiles: Antoine (Available Profiles: Antoine)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Safe Mode (minimal)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-24] (Avast Software s.r.o.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File not found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File not found
Startup: C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-01-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-24] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-24] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-24] (Avast Software s.r.o.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\cvy9pq34.default
FF SearchEngineOrder.1: Mysearchdial
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\cvy9pq34.default\user.js [2015-05-27]
FF Extension: Adblock Plus - C:\Users\Antoine\AppData\Roaming\Mozilla\Firefox\Profiles\cvy9pq34.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-11]
CHR Extension: (Google Drive) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-11]
CHR Extension: (YouTube) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-11]
CHR Extension: (Google Search) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-11]
CHR Extension: (Bookmark Manager) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]
CHR Extension: (Avast Online Security) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR Extension: (Gmail) - C:\Users\Antoine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-24] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 vmware-view-usbd; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2370560 2012-05-02] (VMware, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-24] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-24] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-24] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-24] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-24] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-24] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-24] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-24] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-27 22:17 - 2015-05-27 22:19 - 00015973 _____ () C:\Users\Antoine\Downloads\FRST.txt
2015-05-27 22:17 - 2015-05-27 22:17 - 00000000 ____D () C:\FRST
2015-05-27 21:17 - 2015-05-27 21:17 - 00001830 _____ () C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-05-27 21:10 - 2015-05-27 21:10 - 00284424 _____ () C:\WINDOWS\Minidump\052715-56828-01.dmp
2015-05-27 20:58 - 2015-05-27 20:58 - 02108928 _____ (Farbar) C:\Users\Antoine\Downloads\FRST64.exe
2015-05-27 20:44 - 2015-05-27 21:25 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-27 20:44 - 2015-05-27 20:44 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-27 20:44 - 2015-05-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-27 20:43 - 2015-05-27 20:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-27 20:43 - 2015-05-27 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-27 20:43 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-27 20:43 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-27 20:43 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-27 20:39 - 2015-05-27 20:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Antoine\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-26 23:22 - 2015-05-27 21:09 - 00000708 _____ () C:\WINDOWS\PFRO.log
2015-05-26 23:22 - 2015-05-26 23:23 - 00284480 _____ () C:\WINDOWS\Minidump\052615-32234-01.dmp
2015-05-26 22:43 - 2015-05-26 22:43 - 00000000 ____D () C:\Users\Antoine\Documents\cours
2015-05-26 21:59 - 2015-05-27 21:10 - 00000231 _____ () C:\WINDOWS\setupact.log
2015-05-26 21:59 - 2015-05-26 21:59 - 00284480 _____ () C:\WINDOWS\Minidump\052615-42890-01.dmp
2015-05-26 21:59 - 2015-05-26 21:59 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-26 21:58 - 2015-05-27 21:10 - 588692508 _____ () C:\WINDOWS\MEMORY.DMP
2015-05-26 21:47 - 2015-05-26 21:47 - 00000103 ____H () C:\Users\Antoine\Desktop\.~lock.IMS Health.odt#
2015-05-25 23:12 - 2015-05-25 23:12 - 00000000 ____D () C:\ProgramData\1898640059318790545
2015-05-25 23:12 - 2015-05-25 23:12 - 00000000 ____D () C:\Program Files (x86)\PriiceeMinus
2015-05-25 23:10 - 2015-05-27 20:50 - 00000000 ____D () C:\ProgramData\{7a07efb7-d318-d744-7a07-7efb7d31bedf}
2015-05-24 20:13 - 2015-05-24 20:13 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-05-24 20:13 - 2015-05-24 20:13 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-05-21 00:22 - 2015-05-21 00:23 - 00000197 _____ () C:\WINDOWS\system32\2015-05-20-22-22-59.039-AvastVBoxSVC.exe-2632.log
2015-05-21 00:17 - 2015-05-21 00:17 - 00000197 _____ () C:\WINDOWS\system32\2015-05-20-22-17-14.077-AvastVBoxSVC.exe-2832.log
2015-05-16 21:22 - 2015-05-16 21:23 - 00000197 _____ () C:\WINDOWS\system32\2015-05-16-19-22-48.060-AvastVBoxSVC.exe-2640.log
2015-05-14 18:16 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-14 18:16 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-14 18:16 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-14 18:16 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-14 18:16 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-14 18:16 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-14 18:16 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-14 18:16 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-14 18:16 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-14 18:16 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-14 18:16 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-14 18:16 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-14 18:16 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-14 18:16 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-14 18:16 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-14 18:16 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-14 18:16 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-14 18:16 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-14 18:16 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-14 18:16 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-14 18:16 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-14 18:16 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-14 18:16 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-14 18:16 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-14 18:15 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-14 18:15 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-14 18:15 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-14 18:15 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-14 18:15 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 00:35 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 00:35 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:03 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 21:03 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 21:03 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 21:03 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 21:02 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 21:02 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 21:02 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 21:02 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 21:02 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 21:02 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 21:02 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 21:02 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 21:02 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 21:02 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 21:02 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 21:02 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 21:02 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 21:01 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 21:01 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 21:01 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 21:01 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 21:01 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 21:01 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 21:01 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 21:01 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 21:01 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 21:01 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 21:01 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 21:01 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 21:01 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 21:01 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 21:01 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 21:01 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 21:01 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 21:01 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 21:01 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 21:01 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 21:01 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 21:01 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 21:01 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 21:01 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 21:01 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 21:01 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 21:01 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 21:01 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 21:01 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 21:01 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 21:01 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 21:01 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 21:01 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-11 00:17 - 2015-05-11 00:18 - 00000197 _____ () C:\WINDOWS\system32\2015-05-10-22-17-08.081-AvastVBoxSVC.exe-2580.log
2015-05-09 23:11 - 2015-05-09 23:11 - 00000197 _____ () C:\WINDOWS\system32\2015-05-09-21-11-07.026-AvastVBoxSVC.exe-2544.log
2015-05-01 14:27 - 2015-05-13 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-01 14:26 - 2015-05-16 21:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-01 14:26 - 2015-05-16 21:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-27 21:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-27 21:18 - 2015-03-02 23:24 - 01778968 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-27 21:18 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-27 21:14 - 2014-01-10 20:31 - 00000000 ___RD () C:\Users\Antoine\Dropbox
2015-05-27 21:14 - 2014-01-10 20:27 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\Dropbox
2015-05-27 21:12 - 2014-02-03 15:29 - 00000000 __RDO () C:\Users\Antoine\SkyDrive
2015-05-27 21:12 - 2014-01-11 01:37 - 00000074 _____ () C:\Users\Antoine\AppData\Roaming\sp_data.sys
2015-05-27 21:11 - 2014-01-22 20:04 - 00000000 ____D () C:\Users\Antoine
2015-05-27 21:11 - 2014-01-11 02:32 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 21:10 - 2014-12-19 15:53 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-27 21:10 - 2013-08-22 16:44 - 00544824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-27 21:07 - 2014-01-10 20:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2040339073-2083693996-3833942027-1001
2015-05-27 21:06 - 2015-03-05 19:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-27 21:04 - 2013-11-14 09:16 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-27 21:04 - 2013-04-26 01:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-27 21:02 - 2014-01-22 19:51 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-27 21:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-27 20:58 - 2012-07-26 07:26 - 00000108 _____ () C:\WINDOWS\win.ini
2015-05-27 20:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-27 20:44 - 2014-03-10 12:28 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\uTorrent
2015-05-27 20:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-26 22:29 - 2014-01-11 02:43 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-26 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-26 21:05 - 2014-01-23 19:52 - 00003952 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{82B58CEB-4CC1-447C-B107-D26083ADCF94}
2015-05-24 20:14 - 2014-01-11 02:34 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-05-24 20:13 - 2014-05-30 01:15 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-05-24 20:13 - 2014-01-11 02:32 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-05-24 14:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-23 16:26 - 2014-01-10 19:28 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\vlc
2015-05-23 02:19 - 2015-04-04 21:08 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-23 02:19 - 2015-04-04 21:08 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-23 02:19 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-22 00:53 - 2014-01-11 02:34 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-17 14:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-17 03:59 - 2014-01-10 20:31 - 00001079 _____ () C:\Users\Antoine\Desktop\Dropbox.lnk
2015-05-17 03:59 - 2014-01-10 20:29 - 00000000 ____D () C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-17 03:57 - 2013-11-14 09:32 - 01824010 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-17 03:57 - 2013-11-14 09:13 - 00812350 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-05-17 03:57 - 2013-11-14 09:13 - 00159412 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-05-16 21:16 - 2014-01-11 14:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-16 21:16 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-16 21:06 - 2014-01-11 14:29 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-15 19:24 - 2014-01-11 02:32 - 00004070 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 19:24 - 2014-01-11 02:32 - 00003834 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 19:24 - 2014-01-11 02:32 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 00:15 - 2013-11-14 09:16 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-05 19:59 - 2014-12-14 15:41 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-12-14 15:41 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-30 19:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
 
==================== Files in the root of some directories =======
 
2014-01-11 01:37 - 2015-05-27 21:12 - 0000074 _____ () C:\Users\Antoine\AppData\Roaming\sp_data.sys
2014-01-17 02:28 - 2014-01-18 12:28 - 0000071 _____ () C:\Users\Antoine\AppData\Roaming\WB.CFG
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-01-10 20:02 - 2014-01-10 20:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-01-10 20:02 - 2014-01-10 20:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some files in TEMP:
====================
C:\Users\Antoine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_tref0.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-25 12:45
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015
Ran by Antoine at 2015-05-27 22:19:34
Running from C:\Users\Antoine\Downloads
Boot Mode: Safe Mode (minimal)
==========================================================
 
 
==================== Accounts: =============================
 
Administrateur (S-1-5-21-2040339073-2083693996-3833942027-500 - Administrator - Disabled)
Antoine (S-1-5-21-2040339073-2083693996-3833942027-1001 - Administrator - Enabled) => C:\Users\Antoine
HomeGroupUser$ (S-1-5-21-2040339073-2083693996-3833942027-1005 - Limited - Enabled)
Invité (S-1-5-21-2040339073-2083693996-3833942027-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Add-in ODF pour Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
LibreOffice 4.4.1.2 (HKLM-x32\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
OpenOffice Packages (HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\OpenOffice Packages) (Version:  - ) <==== ATTENTION
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
PriiceeMinus (HKLM-x32\...\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}) (Version:  - )
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team)
R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.507 - RStudio)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeXworks 0.4.5 (HKLM-x32\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware View Client (HKLM\...\{78742412-BA9E-4E8B-A19D-2846EC794A37}) (Version: 5.1.0.704644 - VMware, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Antoine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2040339073-2083693996-3833942027-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Antoine\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
09-05-2015 16:52:53 Point de contrôle planifié
13-05-2015 00:12:52 Windows Update
16-05-2015 20:55:42 Windows Update
23-05-2015 02:13:16 Windows Update
24-05-2015 20:10:50 avast! antivirus system restore point
27-05-2015 20:52:57 Removed Microsoft Office Professional Plus 2007
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0AC7E37E-28F6-4286-AE62-7370B94C30F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-16] (Microsoft Corporation)
Task: {27B9BEB3-55E3-445B-B864-4EF40EA81E98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {2FA0B2B2-56F7-4BC0-9AC8-231354A4EA68} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek)
Task: {35CC6A02-6ADC-4068-8158-551393E32232} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {471B7B97-D830-40FD-84DD-D35833F90050} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {4E310778-80F3-468D-AA55-CB9D5830B664} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {7D42E932-9C60-4950-B34A-F8FDB95DE546} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {80676B68-C185-428D-92F8-50F0144FA11D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)
Task: {84B91644-EA60-42B2-88A9-3EDEA4B28A79} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-24] (Avast Software s.r.o.)
Task: {A7268C82-72A4-47DD-AF78-F05F2037014B} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {BCBE0646-483B-429D-BC50-C691EC1F14FD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {C6FB77EA-0E4B-4B8F-8F12-DB0E4DC29062} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)
Task: {DC1C244C-07C6-4460-B89B-618B729E8F51} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {DD98058B-8106-4E4D-AFF6-2AF910248F2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {EE690212-6172-46A8-9ABF-7F5E0CF5D4EA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {F52370AD-06EA-4B2D-A3FD-CC4387543694} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Antoine\SkyDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: Media is not connected to internet.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-2040339073-2083693996-3833942027-1001\...\StartupApproved\Run: => "Power2GoExpress"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [uDP Query User{46500EF1-BEAC-4C98-B850-39280B321D0B}C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{8A09B75B-1A66-4E7E-B8F3-529FAA23A56D}C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\antoine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{73C5CA26-A8B4-411C-B914-6834559CE2F4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FD39BC62-FA0B-4066-BD55-8BDD26EB0250}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{ABD77203-60FD-4525-A410-9C4D6CE9BD0D}] => (Allow) C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B160C1D8-EC60-438E-9362-848C82945D2B}] => (Allow) C:\Users\Antoine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4257B3C8-3494-4002-9471-225A67E9CEFA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{3F67EC9D-93FF-4BFE-9570-B69E8C43C386}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CFC146B7-C99F-4DCF-BC78-56FDFFDF2BFA}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{411968B2-CD8D-466C-A199-937E0B4AF663}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{B2952A6D-8CEC-4CE2-8950-0963BAFC13E5}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{AF1A004B-8D9B-4F06-88DC-CE61011C6FED}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\vmware-remotemks.exe
FirewallRules: [{A3F3F6AF-BB32-43CA-AB6F-5065C5E414E9}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{0FB4D8E3-00BA-447E-BB61-4D86B7A04B02}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{55917FD7-D2E6-4935-814A-D9A09C18EC3B}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [{BD21AFA3-E0E9-4D65-BE29-7DCACF2DB5DF}] => (Allow) C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
FirewallRules: [TCP Query User{5DFA4162-A911-4679-A47A-85E31EEF3BCA}C:\program files\vmware\vmware view\client\bin\wswc.exe] => (Block) C:\program files\vmware\vmware view\client\bin\wswc.exe
FirewallRules: [uDP Query User{9201E7F1-C1A6-4BF3-A0A3-F800A46FE012}C:\program files\vmware\vmware view\client\bin\wswc.exe] => (Block) C:\program files\vmware\vmware view\client\bin\wswc.exe
FirewallRules: [TCP Query User{27DB5F47-2736-4AD7-9506-649A653B09A6}C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe] => (Block) C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe
FirewallRules: [uDP Query User{BFDF55CF-1AAB-45F0-ADC1-325CEE6F64DD}C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe] => (Block) C:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe
FirewallRules: [TCP Query User{50A51688-747F-4B36-9034-358CFB73136E}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [uDP Query User{6747DD59-171E-4154-9DC6-877837A73C93}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{932DCF1D-40E5-464D-945F-11A17B5A7CE1}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe
FirewallRules: [{7B3085AA-B1E7-4FFC-B76D-0DA902F09481}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe
FirewallRules: [TCP Query User{30EAAC8A-63E9-4B92-BB29-47C7AB595BEC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [uDP Query User{B11E2A71-5DBB-4390-B634-91F269F1C151}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{96DDAE4C-27D4-4A98-9260-E1596D205722}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [uDP Query User{BE4670A3-A6AB-4E5A-873A-0B7D85676737}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{5D933F5B-F93D-4DFB-A1B9-F72EDA991EC3}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [uDP Query User{C82DDEB9-D506-4625-9DBF-CE689F0CBEB5}C:\users\antoine\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\antoine\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{FE90B6A5-3212-4E8A-9B5D-70C1031B7756}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{161AD62F-B3EA-428C-8FDD-CA6290607097}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{93450042-B1D7-4BAD-86FB-48B64A15280F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F644E517-CA96-421C-BFA9-32C9D4119DEC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/27/2015 09:16:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme SystemSettings.exe version 6.3.9600.17489 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
 
ID de processus : 1a40
 
Heure de début : 01d098b1889373bb
 
Heure de fin : 4294967295
 
Chemin d’accès de l’application : C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
 
ID de rapport : d7edf103-04a4-11e5-bec0-d850e6017b9d
 
Nom complet du package défaillant : windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
 
ID de l’application relative au package défaillant : microsoft.windows.immersivecontrolpanel
 
Error: (05/27/2015 09:16:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-ANTOINE)
Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue.
 
Error: (05/27/2015 08:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aeb
Nom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000006100da
ID du processus défaillant : 0x11f8
Heure de début de l’application défaillante : 0xMsMpEng.exe0
Chemin d’accès de l’application défaillante : MsMpEng.exe1
Chemin d’accès du module défaillant: MsMpEng.exe2
ID de rapport : MsMpEng.exe3
Nom complet du package défaillant : MsMpEng.exe4
ID de l’application relative au package défaillant : MsMpEng.exe5
 
Error: (05/26/2015 11:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aeb
Nom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000006100da
ID du processus défaillant : 0x770
Heure de début de l’application défaillante : 0xMsMpEng.exe0
Chemin d’accès de l’application défaillante : MsMpEng.exe1
Chemin d’accès du module défaillant: MsMpEng.exe2
ID de rapport : MsMpEng.exe3
Nom complet du package défaillant : MsMpEng.exe4
ID de l’application relative au package défaillant : MsMpEng.exe5
 
Error: (05/26/2015 10:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aeb
Nom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000006100da
ID du processus défaillant : 0x57c
Heure de début de l’application défaillante : 0xMsMpEng.exe0
Chemin d’accès de l’application défaillante : MsMpEng.exe1
Chemin d’accès du module défaillant: MsMpEng.exe2
ID de rapport : MsMpEng.exe3
Nom complet du package défaillant : MsMpEng.exe4
ID de l’application relative au package défaillant : MsMpEng.exe5
 
Error: (05/26/2015 10:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante MsMpEng.exe, version : 4.7.205.0, horodatage : 0x54cb5aeb
Nom du module défaillant : mpengine.dll, version : 1.1.10501.0, horodatage : 0x533a1237
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000006100da
ID du processus défaillant : 0xbd8
Heure de début de l’application défaillante : 0xMsMpEng.exe0
Chemin d’accès de l’application défaillante : MsMpEng.exe1
Chemin d’accès du module défaillant: MsMpEng.exe2
ID de rapport : MsMpEng.exe3
Nom complet du package défaillant : MsMpEng.exe4
ID de l’application relative au package défaillant : MsMpEng.exe5
 
Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Impossible d’initialiser l’index.
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Impossible d’initialiser l’application.
 
Contexte : Application Windows
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Impossible d’initialiser l’objet rassembleur.
 
Contexte : Application Windows, Catalogue SystemIndex
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/26/2015 10:01:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Impossible d’initialiser le plug-in dans <Search.TripoliIndexer>.
 
Contexte : Application Windows, Catalogue SystemIndex
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
 
System errors:
=============
Error: (05/27/2015 10:19:47 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/27/2015 10:19:41 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/27/2015 10:19:35 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (05/27/2015 10:19:35 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (05/27/2015 10:19:31 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1084WSearchNon disponible{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (05/27/2015 10:19:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows dépend du service Client DHCP qui n’a pas pu démarrer en raison de l’erreur : 
%%1068
 
Error: (05/27/2015 10:19:28 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/27/2015 10:19:27 PM) (Source: DCOM) (EventID: 10005) (User: PC-ANTOINE)
Description: 1068netprofmNon disponible{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (05/27/2015 10:19:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : 
%%1068
 
Error: (05/27/2015 10:19:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Connaissance des emplacements réseau dépend du service Client DHCP qui n’a pas pu démarrer en raison de l’erreur : 
%%1068
 
 
Microsoft Office:
=========================
Error: (05/27/2015 09:16:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.3.9600.174891a4001d098b1889373bb4294967295C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exed7edf103-04a4-11e5-bec0-d850e6017b9dwindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel
 
Error: (05/27/2015 09:16:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-ANTOINE)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
 
Error: (05/27/2015 08:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100da11f801d097fa88ef6789C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dll0b0e2251-049f-11e5-bebf-d850e6017b9d
 
Error: (05/26/2015 11:24:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100da77001d097fa3d91a6aeC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dlla067a799-03ed-11e5-bebf-d850e6017b9d
 
Error: (05/26/2015 10:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100da57c01d097f08fc4a2e2C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dll4021ced2-03e5-11e5-bebe-d850e6017b9d
 
Error: (05/26/2015 10:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10501.0533a1237c000000500000000006100dabd801d097eed2dfa5f1C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D1AE4CF-9870-4B0C-A5E2-DDF3FFD1EAF0}\mpengine.dlla5842474-03e3-11e5-bebe-d850e6017b9d
 
Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Contexte : Application Windows
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/26/2015 10:01:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Contexte : Application Windows, Catalogue SystemIndex
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (05/26/2015 10:01:26 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Contexte : Application Windows, Catalogue SystemIndex
 
Détails :
L’objet spécifié est introuvable. Spécifiez le nom d’un objet existant.  (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 23%
Total physical RAM: 3981.74 MB
Available physical RAM: 3042.74 MB
Total Pagefile: 8077.74 MB
Available Pagefile: 7217 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:125.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.34 GB) (Free:257.9 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 568814A2)
 
Partition: GPT Partition Type.
 
==================== End of log ============================
 
Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll try to help your with your issue.
 
     
    
Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 



 

FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please upload them into your next reply.

Link to post
Share on other sites

Google Chrome has been altered by malware, and you need to reinstall it:
 
CHR dev: Chrome dev build detected! <======= ATTENTION
 


 

FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please upload it to your reply.
 


 

adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please upload report in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

fixlist.txt

Link to post
Share on other sites

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
 
Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and upload your next reply.
 




FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please upload them into your next reply.

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.