Infected PC Help 2015-04-13T00:11:21+00:00

Computer Troubleshooting: Infected PC Help

  • Author
    Posts
  • Anash
    Number of posts: 0

    Hello, I followed your advice and downloaded USBfix because I have 2 files with a small arrow on all my external hard drives, one with my name and the other labelled “nouveau dossier” (“new folder”).

    Here is the report:
    http://www.usbfix.net/rapport/?id=report/7.921.2/ca217cef2e767df402802ed151023f2b57c72911.txt&nomfichier=ca217cef2e767df402802ed151023f2b57c72911

    However, I ran two more afterwards, after removing the antivirus…
    http://www.usbfix.net/rapport/?id=report/7.921.2/f637ae76ed464101e5a1e4c1773d83752fade109.txt&nomfichier=f637ae76ed464101e5a1e4c1773d83752fade109
    http://www.usbfix.net/rapport/?id=report/7.921.2/1837c33dc7e006600c7bd7281fc2b50d79b3242a.txt&nomfichier=1837c33dc7e006600c7bd7281fc2b50d79b3242a

    Can you help me, please?

  • Anonymous
    Number of posts: 0

    Hello,

    Welcome to SosVirus

    UsbFix did a good job; delete these two files:

    D:bizo.mp3
    H:bizo.mp3

    • Download FRST (by Farbar) to your desktop!
    • Close all running applications!
    • Launch FRST; on Windows 7/8 and Vista, run it as administrator
    • Check the Addition.txt box
    • Click Scan

    • Once the scan has finished, go to the desktop: two reports, FRST.txt and Addition.txt, have been created.
    • Upload the FRST.txt and Addition.txt reports to SosUpload, then copy/paste the link provided into your next reply
      -> SosUpload tutorial: actu/tutoriel-sosupload/
  • Anonymous
    Number of posts: 0

    Here is the 1st report:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015
    Ran by Anaïs (administrator) on ANACH on 13-04-2015 10:49:59
    Running from C:UsersAnaïsDownloads
    Loaded Profiles: Anaïs (Available profiles: Anaïs & Invité)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:WindowsSystem32atiesrxx.exe
    (IDT, Inc.) C:Program FilesIDTWDMstacsv64.exe
    (AMD) C:WindowsSystem32atieclxx.exe
    (Hewlett-Packard Company) C:WindowsSystem32hpservice.exe
    (Avast Software s.r.o.) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    (Microsoft Corporation) C:WindowsSystem32wlanext.exe
    (Adobe Systems Incorporated) C:Program Files (x86)AdobeElements 9 OrganizerPhotoshopElementsFileAgent.exe
    (Andrea Electronics Corporation) C:Program FilesIDTWDMAESTSr64.exe
    (Apple Inc.) C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    (Broadcom Corporation.) C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
    (Avid Technology, Inc.) C:Program Files (x86)DigidesignDriversMMERefresh.exe
    (EasyBits Software AS) C:WindowsSysWOW64ezSharedSvcHost.exe
    (Hewlett-Packard Company) C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    (Realsil Microelectronics Inc.) C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe
    (PACE Anti-Piracy, Inc.) C:Program Files (x86)Common FilesPACEServicesLicenseServicesLDSvc.exe
    (Microsoft Corporation) C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
    (Microsoft Corporation) C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE
    (Safer Networking Ltd.) C:Program Files (x86)Spybot – Search & DestroySDWinSec.exe
    (Microsoft Corporation) C:WindowsSystem32StikyNot.exe
    (Avast Software s.r.o.) C:Program FilesAVAST SoftwareAvastAvastUI.exe
    (Microsoft Corporation) C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE
    (CyberLink) C:Program Files (x86)CyberLinkYouCamYCMMirage.exe
    (Microsoft Corporation) C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVH.EXE
    () Q:140066.fraOffice14WINWORDC.EXE
    (Intel Corporation) C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE
    (Intel Corporation) C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    (Intel Corporation) C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    (Microsoft Corporation) C:Windowssplwow64.exe
    (Microsoft Corporation) C:Program Files (x86)Common Filesmicrosoft sharedSource EngineOSE.EXE
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    () Q:140066.fraOffice14OffSpon.EXE
    (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32…Run: [AvastUI.exe] => C:Program FilesAVAST SoftwareAvastAvastUI.exe [5512912 2015-04-01] (Avast Software s.r.o.)
    WinlogonNotifyigfxcui: C:Windowssystem32igfxdev.dll (Intel Corporation)
    HKLM…PoliciesExplorer: [EnableShellExecuteHooks] 0
    HKUS-1-5-21-877926961-664204807-4073508768-1000…Run: [RESTART_STICKY_NOTES] => C:WindowsSystem32StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
    HKUS-1-5-21-877926961-664204807-4073508768-1000…Policiessystem: [DisableLockWorkstation] 0
    HKUS-1-5-21-877926961-664204807-4073508768-1000…Policiessystem: [DisableChangePassword] 0
    HKUS-1-5-21-877926961-664204807-4073508768-1000Control PanelDesktop\SCRNSAVE.EXE -> C:Windowssystem32scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShA64.dll (Avast Software s.r.o.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLMSOFTWAREPoliciesMicrosoftInternet Explorer: Policy restriction <======= ATTENTION
    HKUS-1-5-21-877926961-664204807-4073508768-1000SOFTWAREPoliciesMicrosoftInternet Explorer: Policy restriction <======= ATTENTION
    HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
    HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
    HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL =
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com
    HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL =
    HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKUS-1-5-21-877926961-664204807-4073508768-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
    HKUS-1-5-21-877926961-664204807-4073508768-1000SoftwareMicrosoftInternet ExplorerMain,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    HKUS-1-5-21-877926961-664204807-4073508768-1000SoftwareMicrosoftInternet ExplorerMain,Search Bar = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {0116926F-0D22-4E9E-B579-77C0B0F02A0C} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKLM-x32 -> {0116926F-0D22-4E9E-B579-77C0B0F02A0C} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> {0116926F-0D22-4E9E-B579-77C0B0F02A0C} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.google.com/search?hl=en&q={searchTerms}
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> {C13DD200-4E5B-4E01-9E9B-238B90153B94} URL =
    SearchScopes: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre6binjp2ssv.dll [2011-09-02] (Sun Microsystems, Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre7binssv.dll [2012-11-28] (Oracle Corporation)
    BHO-x32: Programme d’aide de l’Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre7binjp2ssv.dll [2012-11-28] (Oracle Corporation)
    Toolbar: HKUS-1-5-21-877926961-664204807-4073508768-1000 -> No Name – {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – No File
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    ShellExecuteHooks-x32: EasyBits ShellExecute Hook – {E54729E8-BB3D-4270-9D49-7389EA579090} – C:WindowsSysWOW64ezUPBHook.dll [52920 2011-09-02] (EasyBits Software Corp.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    TcpipParameters: [DhcpNameServer] 192.168.1.1
    Tcpip..Interfaces{1F3F5B25-ADD3-4089-AAC1-0878AF919E0E}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
    StartMenuInternet: IEXPLORE.EXE – iexplore.exe

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_16_0_0_305.dll [2015-02-05] ()
    FF Plugin: @java.com/JavaPlugin -> C:Program FilesJavajre6binnew_pluginnpjp2.dll [2011-09-02] (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:Program FilesMicrosoft Silverlight5.1.31211.0npctrl.dll [2014-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_16_0_0_305.dll [2015-02-05] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:Windowssystem32AdobeDirectornp32dsw.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll [2012-04-05] ()
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:Program Files (x86)GooglePicasa3npPicasa3.dll [2013-12-23] (Google, Inc.)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 -> C:Program Files (x86)Javajre7binplugin2npjp2.dll [2012-11-28] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:Program Files (x86)Microsoft Silverlight5.1.31211.0npctrl.dll [2014-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.26.9npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.26.9npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2012-03-17] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered9NP_wtapp.dll [2013-10-22] ()
    FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll [2014-05-08] (Adobe Systems Inc.)
    FF Plugin HKUS-1-5-21-877926961-664204807-4073508768-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:UsersAnaïsAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll No File

    Chrome:
    =======
    CHR Profile: C:UsersAnaïsAppDataLocalGoogleChromeUser DataDefault
    CHR Extension: (AdBlock) – C:UsersAnaïsAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2014-11-11]
    CHR Extension: (Chrome Hotword Shared Module) – C:UsersAnaïsAppDataLocalGoogleChromeUser DataDefaultExtensionslccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
    CHR Extension: (Google Wallet) – C:UsersAnaïsAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [343336 2015-04-01] (Avast Software s.r.o.)
    R2 DigiRefresh; C:Program Files (x86)DigidesignDriversMMERefresh.exe [77824 2010-05-04] (Avid Technology, Inc.) [File not signed]
    S3 Disc Soft Bus Service; C:Program Files (x86)DAEMON Tools UltraDiscSoftBusService.exe [723192 2013-11-14] (Disc Soft Ltd)
    R2 ezSharedSvc; C:WindowsSysWOW64ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
    S3 GamesAppIntegrationService; C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [255040 2014-08-31] (WildTangent)
    R2 IconMan_R; C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2413056 2013-05-26] (Realsil Microelectronics Inc.) [File not signed]
    S3 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
    R2 PaceLicenseDServices; C:Program Files (x86)Common FilesPACEServicesLicenseServicesLDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
    R2 SBSDWSCService; C:Program Files (x86)Spybot – Search & DestroySDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S3 SwitchBoard; C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S3 AvastVBoxSvc; C:Program FilesAVAST SoftwareAvastngvboxAvastVBoxSVC.exe [X]
    S3 iPod Service; “C:Program FilesiPodbiniPodService.exe” [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:Windowssystem32svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R2 aswHwid; C:Windowssystem32driversaswHwid.sys [29168 2015-04-01] ()
    R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [88408 2015-04-01] (Avast Software s.r.o.)
    R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [93528 2015-04-01] (Avast Software s.r.o.)
    R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [65736 2015-04-01] ()
    R1 aswSnx; C:Windowssystem32driversaswSnx.sys [1047320 2015-04-01] (Avast Software s.r.o.)
    R1 aswSP; C:Windowssystem32driversaswSP.sys [442264 2015-04-01] (Avast Software s.r.o.)
    R2 aswStm; C:Windowssystem32driversaswStm.sys [136752 2015-04-01] (Avast Software s.r.o.)
    R0 aswVmm; C:WindowsSystem32DriversaswVmm.sys [271200 2015-04-01] ()
    R1 cdrblock; C:WindowsSystem32DRIVERScdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
    R3 dtscsibus; C:WindowsSystem32DRIVERSdtscsibus.sys [29696 2014-02-10] (Disc Soft Ltd)
    R1 dtsoftbus01; C:WindowsSystem32DRIVERSdtsoftbus01.sys [283200 2012-04-21] (DT Soft Ltd)
    S3 MBAMSwissArmy; C:Windowssystem32driversMBAMSwissArmy.sys [136408 2015-04-12] (Malwarebytes Corporation)
    S2 Sentinel64; C:WindowsSystem32DriversSentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
    R0 sptd; C:WindowsSystem32Driverssptd.sys [834544 2014-05-27] () [File not signed]
    U3 ap0suksp; C:WindowsSystem32Driversap0suksp.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
    S3 catchme; ??C:ComboFixcatchme.sys [X]
    S3 esgiguard; ??C:Program FilesEnigma Software GroupSpyHunteresgiguard.sys [X]
    U3 VBoxAswDrv; ??C:Program FilesAVAST SoftwareAvastngvboxVBoxAswDrv.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the filefolder will be moved.)

    2015-04-13 10:49 – 2015-04-13 10:50 – 00018897 _____ () C:UsersAnaïsDownloadsFRST.txt
    2015-04-13 10:42 – 2015-04-13 10:50 – 00000000 ____D () C:FRST
    2015-04-13 10:40 – 2015-04-13 10:40 – 02096640 _____ (Farbar) C:UsersAnaïsDownloadsFRST64.exe
    2015-04-13 01:57 – 2015-04-13 01:57 – 00013126 _____ () C:UsersAnaïsDesktopUsbFix_Report.txt
    2015-04-13 01:40 – 2015-04-13 01:40 – 00001452 _____ () C:UsersAnaïsDesktopUsbFix.lnk
    2015-04-13 01:39 – 2015-04-13 02:00 – 00000000 ____D () C:UsbFix
    2015-04-13 01:39 – 2015-04-13 01:39 – 04312424 _____ (El Desaparecido – SosVirus.net – UsbFix.net) C:UsersAnaïsDownloadsUsbFix_7.9212.exe
    2015-04-13 00:17 – 2015-04-13 00:17 – 00000000 ____D () C:UsersAnaïsAppDataLocal{6BC2734C-4DC9-4373-BD1B-3F0AC237D8C0}
    2015-04-12 13:42 – 2015-04-12 13:42 – 00000000 ____D () C:UsersAnaïsDesktopAnaïs
    2015-04-06 23:55 – 2015-04-06 23:55 – 00000000 ___SD () C:WindowsSysWOW64GWX
    2015-04-06 23:55 – 2015-04-06 23:55 – 00000000 ___SD () C:Windowssystem32GWX
    2015-04-01 17:42 – 2015-04-01 17:42 – 00364472 _____ (Avast Software s.r.o.) C:Windowssystem32aswBoot.exe
    2015-04-01 17:42 – 2015-04-01 17:42 – 00043112 _____ (Avast Software s.r.o.) C:WindowsavastSS.scr
    2015-03-31 19:56 – 2015-03-31 19:56 – 00000000 ____D () C:UsersAnaïsAppDataLocal{F6FC46A7-558C-4D3A-BA48-760A1074BE92}
    2015-03-31 14:23 – 2015-03-31 14:23 – 00839522 _____ () C:UsersAnaïsDownloadssous titrage THREE Arrien Anais.odp (1).pptx
    2015-03-31 14:22 – 2015-03-31 14:22 – 00839522 _____ () C:UsersAnaïsDownloadssous titrage THREE Arrien Anais.odp.pptx
    2015-03-31 12:30 – 2015-03-31 12:30 – 00022449 _____ () C:UsersAnaïsDownloadssous titrage THREE Arrien Anais (2).odp
    2015-03-31 12:29 – 2015-03-31 12:29 – 00022449 _____ () C:UsersAnaïsDownloadssous titrage THREE Arrien Anais (1).odp
    2015-03-31 12:28 – 2015-03-31 12:28 – 00022449 _____ () C:UsersAnaïsDownloadssous titrage THREE Arrien Anais.odp
    2015-03-31 12:27 – 2015-03-31 12:27 – 00800978 _____ () C:UsersAnaïsDownloadstemplate corrida 2014.pptx
    2015-03-29 21:19 – 2015-04-01 17:44 – 00132416 _____ () C:WindowsPFRO.log
    2015-03-29 20:21 – 2015-04-12 01:30 – 00136408 _____ (Malwarebytes Corporation) C:Windowssystem32DriversMBAMSwissArmy.sys
    2015-03-29 20:18 – 2015-03-29 20:18 – 00001102 _____ () C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk
    2015-03-29 20:18 – 2015-03-29 20:18 – 00001102 _____ () C:ProgramDataDesktopMalwarebytes Anti-Malware.lnk
    2015-03-29 20:18 – 2015-03-29 20:18 – 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware
    2015-03-29 20:17 – 2015-03-29 20:17 – 21540440 _____ (Malwarebytes Corporation ) C:UsersAnaïsDownloadsmbam-setup-2.1.4.1018.exe
    2015-03-29 20:17 – 2015-03-29 20:17 – 00000000 ____D () C:Program Files (x86)Malwarebytes Anti-Malware
    2015-03-29 20:17 – 2015-03-17 06:15 – 00107736 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmbamchameleon.sys
    2015-03-29 20:17 – 2015-03-17 06:15 – 00063704 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmwac.sys
    2015-03-29 20:17 – 2015-03-17 06:15 – 00025816 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmbam.sys
    2015-03-28 15:28 – 2015-03-28 15:30 – 07363584 _____ () C:UsersAnaïsDownloadsMM26_FR (1).msi
    2015-03-26 14:41 – 2015-03-26 14:41 – 00007261 _____ () C:UsersAnaïsDownloadsPIERRE Lesly.odt
    2015-03-26 14:36 – 2015-03-26 14:36 – 00023917 _____ () C:UsersAnaïsDownloadsMotiv Stage 2015 (1).odt
    2015-03-26 02:58 – 2015-03-26 02:58 – 00023917 _____ () C:UsersAnaïsDownloadsMotiv Stage 2015.odt
    2015-03-25 17:40 – 2015-03-25 17:40 – 12659452 _____ () C:UsersAnaïsDownloads[FF1J 2014 Teaser] Blue Velviette – Montbéliard-FLUVORE.avi
    2015-03-25 16:18 – 2015-03-25 16:20 – 32159836 _____ () C:UsersAnaïsDownloads25032015141755.mp4
    2015-03-25 13:51 – 2015-03-11 06:06 – 00943616 _____ (Microsoft Corporation) C:Windowssystem32appraiser.dll
    2015-03-25 13:51 – 2015-03-11 06:06 – 00760832 _____ (Microsoft Corporation) C:Windowssystem32invagent.dll
    2015-03-25 13:51 – 2015-03-11 06:06 – 00677888 _____ (Microsoft Corporation) C:Windowssystem32generaltel.dll
    2015-03-25 13:51 – 2015-03-11 06:06 – 00414720 _____ (Microsoft Corporation) C:Windowssystem32devinv.dll
    2015-03-25 13:51 – 2015-03-11 06:05 – 00227328 _____ (Microsoft Corporation) C:Windowssystem32aepdu.dll
    2015-03-25 13:51 – 2015-03-11 06:05 – 00192000 _____ (Microsoft Corporation) C:Windowssystem32aepic.dll
    2015-03-25 13:51 – 2015-03-11 06:05 – 00030720 _____ (Microsoft Corporation) C:Windowssystem32acmigration.dll
    2015-03-25 13:51 – 2015-03-11 06:02 – 01107456 _____ (Microsoft Corporation) C:Windowssystem32aeinv.dll
    2015-03-22 12:26 – 2015-03-22 12:26 – 00000132 _____ () C:UsersAnaïsAppDataRoamingPréfs Format BMP Adobe CS6
    2015-03-22 11:44 – 2015-04-13 10:07 – 00004362 _____ () C:Windowssetupact.log
    2015-03-22 11:44 – 2015-03-22 11:44 – 00000000 _____ () C:Windowssetuperr.log
    2015-03-21 15:44 – 2015-03-21 15:44 – 00000000 ____D () C:UsersAnaïsAppDataLocal{0DA78B1D-593B-4CEC-9E9B-3DCE9B31DE6E}
    2015-03-21 14:06 – 2015-03-22 13:56 – 00000000 ____D () C:UsersAnaïsDesktopsilence ca tourne
    2015-03-14 19:48 – 2015-03-14 21:17 – 1185737345 _____ () C:UsersAnaïsDesktopMargot.mov
    2015-03-14 15:40 – 2015-03-14 15:51 – 771218811 _____ () C:UsersAnaïsDownloadswetransfer-bf0a58.zip

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the filefolder will be moved.)

    2015-04-13 10:45 – 2012-04-21 16:57 – 00001070 _____ () C:WindowsTasksGoogleUpdateTaskMachineUA.job
    2015-04-13 10:31 – 2012-04-04 10:02 – 00001002 _____ () C:WindowsTasksAdobe Flash Player Updater.job
    2015-04-13 10:15 – 2009-07-14 06:45 – 00032064 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-04-13 10:15 – 2009-07-14 06:45 – 00032064 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-04-13 10:12 – 2014-06-12 11:44 – 01559668 _____ () C:WindowsWindowsUpdate.log
    2015-04-13 10:11 – 2011-09-02 10:41 – 03667778 _____ () C:Windowssystem32perfh00C.dat
    2015-04-13 10:11 – 2011-09-02 10:41 – 01149190 _____ () C:Windowssystem32perfc00C.dat
    2015-04-13 10:11 – 2009-07-14 07:13 – 00006484 _____ () C:Windowssystem32PerfStringBackup.INI
    2015-04-13 10:07 – 2012-04-21 16:57 – 00001066 _____ () C:WindowsTasksGoogleUpdateTaskMachineCore.job
    2015-04-13 10:07 – 2009-07-14 07:08 – 00000006 ____H () C:WindowsTasksSA.DAT
    2015-04-13 02:00 – 2012-02-10 16:16 – 00000000 ____D () C:UsersAnaïsAppDataLocalAdobe
    2015-04-13 00:35 – 2014-08-31 21:26 – 00000928 _____ () C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-877926961-664204807-4073508768-1000UA.job
    2015-04-12 21:35 – 2014-08-31 21:26 – 00000906 _____ () C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-877926961-664204807-4073508768-1000Core.job
    2015-04-12 13:08 – 2012-02-09 22:08 – 00003924 _____ () C:WindowsSystem32TasksUser_Feed_Synchronization-{65F956B0-C514-48C9-A5DD-7608CBD94548}
    2015-04-12 13:03 – 2015-01-19 14:10 – 00002301 _____ () C:UsersAnaïsDesktopGoogle Chrome.lnk
    2015-04-12 13:03 – 2015-01-19 14:10 – 00002056 _____ () C:UsersAnaïsDesktopInternet Explorer.lnk
    2015-04-12 02:16 – 2012-02-09 22:07 – 00003186 _____ () C:WindowsSystem32TasksHPCeeScheduleForAnaïs
    2015-04-12 02:16 – 2012-02-09 22:07 – 00000332 _____ () C:WindowsTasksHPCeeScheduleForAnaïs.job
    2015-04-11 02:50 – 2014-05-09 13:21 – 00004182 _____ () C:WindowsSystem32Tasksavast! Emergency Update
    2015-04-02 05:56 – 2012-02-26 20:27 – 00000000 ____D () C:UsersAnaïsAppDataRoamingSoftGrid Client
    2015-04-01 17:42 – 2014-08-23 16:42 – 00029168 _____ () C:Windowssystem32DriversaswHwid.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 01047320 _____ (Avast Software s.r.o.) C:Windowssystem32DriversaswSnx.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 00442264 _____ (Avast Software s.r.o.) C:Windowssystem32DriversaswSP.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 00271200 _____ () C:Windowssystem32DriversaswVmm.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 00136752 _____ (Avast Software s.r.o.) C:Windowssystem32DriversaswStm.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 00093528 _____ (Avast Software s.r.o.) C:Windowssystem32DriversaswRdr2.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 00088408 _____ (Avast Software s.r.o.) C:Windowssystem32DriversaswMonFlt.sys
    2015-04-01 17:42 – 2014-06-12 11:56 – 00065736 _____ () C:Windowssystem32DriversaswRvrt.sys
    2015-03-31 00:50 – 2012-09-10 18:29 – 00000000 ____D () C:UsersAnaïsAppDataRoamingSkype
    2015-03-30 00:06 – 2012-03-30 17:59 – 00000000 ____D () C:UsersAnaïsAppDataRoamingvlc
    2015-03-29 21:17 – 2012-07-22 12:49 – 00000000 ____D () C:ProgramDataInstallMate
    2015-03-29 21:15 – 2012-07-09 23:40 – 00000000 ____D () C:UsersAnaïsAppDataRoamingdvdcss
    2015-03-29 21:12 – 2012-10-09 19:20 – 00007168 _____ () C:UsersAnaïsAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-03-28 15:31 – 2014-12-24 15:23 – 00002507 _____ () C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Movie Maker 2.6.lnk
    2015-03-28 15:31 – 2014-12-24 15:23 – 00000000 ____D () C:Program Files (x86)Movie Maker 2.6
    2015-03-27 02:09 – 2012-12-06 14:01 – 00003196 _____ () C:WindowsSystem32TasksHPCeeScheduleForANACH$
    2015-03-27 02:09 – 2012-12-06 14:01 – 00000338 _____ () C:WindowsTasksHPCeeScheduleForANACH$.job
    2015-03-27 00:30 – 2014-06-15 13:13 – 227578484 _____ () C:UsersAnaïsDesktopBlueVelviette_Capharnahomme.mov
    2015-03-27 00:30 – 2013-05-11 15:13 – 527463284 _____ () C:UsersAnaïsDesktopBlueVelviette-RIEN NE SERT DE COURIR.mov
    2015-03-26 23:15 – 2012-02-23 14:56 – 00000000 ____D () C:UsersAnaïsAppDataLocalCrashDumps
    2015-03-26 21:49 – 2015-03-08 14:26 – 00092232 _____ () C:UsersAnaïsAppDataLocalGDIPFONTCACHEV1.DAT
    2015-03-26 00:15 – 2014-12-10 13:06 – 00000000 ____D () C:Windowssystem32appraiser
    2015-03-26 00:15 – 2014-05-10 13:38 – 00000000 ___SD () C:Windowssystem32CompatTel
    2015-03-23 01:41 – 2009-07-14 07:08 – 00032482 _____ () C:WindowsTasksSCHEDLGU.TXT
    2015-03-22 02:08 – 2014-06-11 15:58 – 00000000 ____D () C:ProgramDataSpybot – Search & Destroy
    2015-03-14 19:43 – 2014-09-29 14:28 – 11973725 _____ () C:UsersAnaïsDesktopSTOP.prproj

    ==================== Files in the root of some directories =======

    2013-09-22 10:35 – 2013-09-22 10:36 – 0178852 _____ () C:UsersAnaïsAppDataRoamingDXDriver_Install.log
    2013-09-22 10:36 – 2013-09-22 10:37 – 0182104 _____ () C:UsersAnaïsAppDataRoamingFlamethrowerDriver_Install.log
    2013-09-22 10:37 – 2013-09-22 10:46 – 15977230 _____ () C:UsersAnaïsAppDataRoamingMediaComposer_Install.log
    2013-09-22 10:35 – 2013-09-22 10:35 – 0070240 _____ () C:UsersAnaïsAppDataRoamingPACEDrivers_Install.log
    2015-03-22 12:26 – 2015-03-22 12:26 – 0000132 _____ () C:UsersAnaïsAppDataRoamingPréfs Format BMP Adobe CS6
    2014-09-03 15:23 – 2014-09-03 15:23 – 0000039 _____ () C:UsersAnaïsAppDataRoamingWB.CFG
    2012-10-09 19:20 – 2015-03-29 21:12 – 0007168 _____ () C:UsersAnaïsAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-12-29 17:12 – 2014-05-28 18:52 – 0007597 _____ () C:UsersAnaïsAppDataLocalresmon.resmoncfg

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:WindowsSystem32winlogon.exe => File is digitally signed
    C:WindowsSystem32wininit.exe => File is digitally signed
    C:WindowsSysWOW64wininit.exe => File is digitally signed
    C:Windowsexplorer.exe => File is digitally signed
    C:WindowsSysWOW64explorer.exe => File is digitally signed
    C:WindowsSystem32svchost.exe => File is digitally signed
    C:WindowsSysWOW64svchost.exe => File is digitally signed
    C:WindowsSystem32services.exe => File is digitally signed
    C:WindowsSystem32User32.dll => File is digitally signed
    C:WindowsSysWOW64User32.dll => File is digitally signed
    C:WindowsSystem32userinit.exe => File is digitally signed
    C:WindowsSysWOW64userinit.exe => File is digitally signed
    C:WindowsSystem32rpcss.dll => File is digitally signed
    C:WindowsSystem32Driversvolsnap.sys => File is digitally signed

    LastRegBack: 2015-04-08 23:49

    ==================== End Of Log ============================

  • Anonyme
    Number of posts: 0

    Here is the 2nd report:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2015
    Ran by Anaïs at 2015-04-13 10:51:38
    Running from C:UsersAnaïsDownloads
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled – Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled – Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with “hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.20 (HKLM-x32…7-Zip) (Version: – )
    Adobe AIR (HKLM-x32…Adobe AIR) (Version: 3.1.0.4880 – Adobe Systems Incorporated)
    Adobe Creative Suite 6 Master Collection (HKLM-x32…{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 – Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32…Adobe Flash Player ActiveX) (Version: 16.0.0.305 – Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 16.0.0.305 – Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32…chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 – Adobe Systems Incorporated)
    Adobe Premiere Elements 9 (HKLM-x32…PremElem90) (Version: 9.0 – Adobe Systems Incorporated)
    Adobe Reader X (10.1.10) MUI (HKLM-x32…{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 – Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32…Adobe Shockwave Player) (Version: 11.5.9.620 – Adobe Systems, Inc.)
    Akamai NetSession Interface (HKUS-1-5-21-877926961-664204807-4073508768-1000…Akamai) (Version: – Akamai Technologies, Inc)
    Any Video Converter Professional 5.0.9 (HKLM-x32…Any Video Converter Professional_is1) (Version: – Any-Video-Converter.com)
    Apple Application Support (HKLM-x32…{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 – Apple Inc.)
    Apple Mobile Device Support (HKLM…{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 – Apple Inc.)
    Apple Software Update (HKLM-x32…{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 – Apple Inc.)
    ATI Catalyst Install Manager (HKLM…{9A11B072-9CE7-ABB9-2F65-EC971A7B839D}) (Version: 3.0.816.0 – ATI Technologies, Inc.)
    Audacity 2.0.2 (HKLM-x32…Audacity_is1) (Version: 2.0.2 – Audacity Team)
    Avast Free Antivirus (HKLM-x32…Avast) (Version: 10.2.2215 – AVAST Software)
    Avid Audio Drivers (x64) (HKLM…{2F227ACA-204C-4529-BA33-D095C42C72DB}) (Version: 8.0.4 – Avid)
    Avid Effects (HKLM-x32…{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3 – Avid Technology, Inc.)
    Avid Pro Tools (HKLM-x32…{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3 – Avid Technology, Inc.)
    BitTorrent (HKUS-1-5-21-877926961-664204807-4073508768-1000…BitTorrent) (Version: 7.9.2.35704 – BitTorrent Inc.)
    bl (x32 Version: 1.0.0 – Your Company Name) Hidden
    Blender (HKLM…Blender) (Version: 2.68a – Blender Foundation)
    Broadcom 2070 Bluetooth 3.0 (HKLM…{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 – Broadcom Corporation)
    Broadcom 802.11 Wireless LAN Adapter (HKLM…Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 – Broadcom Corporation)
    Canon MG6200 series MP Drivers (HKLM…{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version: – )
    Canopus Codec Option 6.01 (HKLM-x32…{28C515CC-489B-4c02-898E-FE5B790E52FF}) (Version: 6.01 – Thomson Canopus Co., Ltd.)
    CCleaner (HKLM…CCleaner) (Version: 4.07 – Piriform)
    CCleaner (HKLM-x32…CCleaner) (Version: 2.36 – Piriform)
    Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32…{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 – Microsoft Corporation)
    CyberLink YouCam (HKLM-x32…InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 – CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 – Microsoft) Hidden
    DAEMON Tools Lite (HKLM-x32…DAEMON Tools Lite) (Version: 4.47.1.0333 – Disc Soft Ltd)
    DAEMON Tools Ultra (HKLM-x32…DAEMON Tools Ultra) (Version: 2.1.0.0187 – Disc Soft Ltd)
    EDIUS 6.01 (HKLM-x32…{B91A1230-C199-421e-8F63-7235731D925E}) (Version: 6.01 – Thomson Canopus Co., Ltd.)
    Elements 9 Organizer (x32 Version: 9.0 – Nom de votre société) Hidden
    Elements STI Installer (x32 Version: 1.0 – Adobe Systems Incorporated) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32…{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 – Hewlett-Packard)
    Facebook Video Calling 3.1.0.521 (HKLM-x32…{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 – Skype Limited)
    ForceDownload (x32 Version: 2.5906.00073 – Aedge Performance BCN SL) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 – Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32…Google Chrome) (Version: 41.0.2272.118 – Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 – Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 – Google Inc.) Hidden
    HP Games (HKLM-x32…WildTangent hp Master Uninstall) (Version: 1.0.2.4 – WildTangent)
    HP Setup (HKLM-x32…{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 – Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32…{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 – Hewlett-Packard Company)
    IDT Audio (HKLM-x32…{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 – IDT)
    Intel(R) Control Center (HKLM-x32…{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 – Intel Corporation)
    Intel(R) Display Audio Driver (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 – Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32…{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 – Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32…{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 – Intel Corporation)
    Internet TV pour Windows Media Center (HKLM-x32…{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 – Microsoft Corporation)
    iTunes (HKLM…{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 – Apple Inc.)
    Java 7 Update 10 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.100 – Oracle)
    Java(TM) 6 Update 24 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 – Oracle)
    Jeux WildTangent (HKLM-x32…WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 – WildTangent)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 – Microsoft Corporation) Hidden
    Keying Suite 64-bit (HKLM-x32…InstallShield_{C6A6C665-F8D7-4CAD-942A-5D2A5C8F5133}) (Version: 11.0.1 – Red Giant Software)
    Keying Suite 64-bit (Version: 11.0.1 – Red Giant Software) Hidden
    Les Sims™ 4 (HKLM-x32…{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 – Electronic Arts Inc.)
    License Support (HKLM-x32…InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 – PACE Anti-Piracy, Inc.)
    License Support (Version: 1.2.0.5555 – PACE Anti-Piracy, Inc.) Hidden
    Mah Jong Medley (x32 Version: 2.2.0.95 – WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32…Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 – Malwarebytes Corporation)
    Matisseo Studio (HKLM-x32…{519B156C-A88C-4BB6-922F-4DA08ADAD6F7}) (Version: 3.5.4 – Matisseo)
    Mesh Runtime (x32 Version: 15.4.5722.2 – Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Français) (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} – 1036) (Version: 4.5.50938 – Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} – 1033) (Version: 4.5.51209 – Microsoft Corporation)
    Microsoft Office « Démarrer en un clic » 2010 (HKLM-x32…Office14.Click2Run) (Version: 14.0.4763.1000 – Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32…{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: – Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32…{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 – Microsoft Corporation)
    Microsoft Office Professional Plus 2007 (HKLM-x32…PROPLUS) (Version: 12.0.6612.1000 – Microsoft Corporation)
    Microsoft Office Starter 2010 – Français (HKLM-x32…{90140011-0066-040C-0000-0000000FF1CE}) (Version: 14.0.5128.5002 – Microsoft Corporation)
    Microsoft Silverlight (HKLM…{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 – Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 – Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 – Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 – Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729 (HKLM-x32…{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.21005 (HKLM-x32…{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 – Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.21005 (HKLM-x32…{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 – Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32…{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 – Microsoft Corp.)
    Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32…{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: – Microsoft)
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32…{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: – Microsoft)
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32…{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: – Microsoft)
    Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32…{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: – Microsoft)
    MonAlbumPhoto (HKLM-x32…MonAlbumPhoto_is1) (Version: 6.3.5.0 – MonAlbumPhoto)
    Origin (HKLM-x32…Origin) (Version: 9.5.3.636 – Electronic Arts, Inc.)
    PDF Settings CS6 (x32 Version: 11.0 – Adobe Systems Incorporated) Hidden
    ph (x32 Version: 1.0.0 – Your Company Name) Hidden
    Picasa 3 (HKLM-x32…Picasa 3) (Version: 3.9 – Google, Inc.)
    Plants vs. Zombies – Game of the Year (x32 Version: 2.2.0.95 – WildTangent) Hidden
    Plants vs. Zombies (HKLM-x32…Plants vs. Zombies) (Version: – PopCap Games)
    PX Profile Update (x32 Version: 1.00.1. – AMD) Hidden
    QuickTime (HKLM-x32…{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 – Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 – Realtek)
    Realtek PCIE Card Reader (HKLM-x32…{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 – Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 2.0.0 – Hewlett-Packard) Hidden
    Skype™ 6.20 (HKLM-x32…{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 – Skype Technologies S.A.)
    SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32…InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 – SmartSound Software Inc)
    SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 – SmartSound Software Inc) Hidden
    Spybot – Search & Destroy (HKLM-x32…{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 – Safer Networking Limited)
    Synaptics TouchPad Driver (HKLM…SynTPDeinstKey) (Version: 15.3.11.0 – Synaptics Incorporated)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32…{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: – Microsoft)
    Update Installer for WildTangent Games App (x32 Version: – WildTangent) Hidden
    UsbFix (HKLM-x32…Usbfix) (Version: 7.921 – El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net)
    Visionneuse Microsoft PowerPoint (HKLM-x32…{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 – Microsoft Corporation)
    Visual C++ 64-bit Redistributables (HKLM-x32…InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 – PACE Anti-Piracy, Inc.)
    Visual C++ Redistributables (HKLM-x32…InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 – PACE Anti-Piracy, Inc.)
    VLC media player 2.0.1 (HKLM-x32…VLC media player) (Version: 2.0.1 – VideoLAN)
    WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 – WildTangent) Hidden
    Windows Live (HKLM-x32…WinLiveSuite) (Version: 15.4.3555.0308 – Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32…{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 – Microsoft Corporation)
    Windows Movie Maker 2.6 (HKLM-x32…{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 – Microsoft Corporation)
    WinRAR 5.21 (32-bit) (HKLM-x32…WinRAR archiver) (Version: 5.21.0 – win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKUS-1-5-21-877926961-664204807-4073508768-1000_ClassesCLSID{D45F043D-F17F-4e8a-8435-70971D9FA46D}InprocServer32 -> C:Program Files (x86)Blender FoundationBlenderBlendThumb64.dll ()

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled.

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 04:34 – 2014-06-12 15:13 – 00449915 ____R C:Windowssystem32Driversetchosts
    127.0.0.1 localhost

    There are 1000 more lines.

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0346458B-16D5-401F-8E4C-F86410A04215} – System32Tasks{7B028048-2F5E-4014-AD03-931CDF8CD634} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {0559080F-332C-4A44-A4F6-75061E0EF146} – System32Tasks{CE81CCD2-197A-4E78-87D7-99EA044640BA} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {07111E8D-23B9-4802-95BC-EE2B7A829A65} – System32Tasks{1760019D-C1EB-4281-9FE0-C5AF5568AA40} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {0B93140F-B950-436D-B5EB-E2DF96E9AD43} – System32TasksHewlett-PackardHP Support AssistantWarranty Opt-In(Yes) => c:program files (x86)hewlett-packardhp health checkactivecheckproduct_lineDetection_PostWarrantyAlert.exe
    Task: {0DCD4005-D3C7-4487-926F-CA85CB9C9592} – System32TasksServicePlan => C:Program Files (x86)Hewlett-PackardHP SetupRemEngine.exe [2011-01-31] ()
    Task: {0E4FAA28-18D6-4A3F-B399-34D96AF6AF98} – System32Tasks{0B7C506C-B58D-451A-90BE-351AC8201B75} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {17EAF2A9-E9F9-4BFE-9A6A-D00545D3F2ED} – System32TasksMicrosoftWindowsSetupgwxlaunchtrayprocess => C:Windowssystem32GWXGWX.exe [2015-03-25] (Microsoft Corporation)
    Task: {1868C596-4603-4626-A795-3B4B9C20D98E} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2014-10-22] (Google Inc.)
    Task: {1A7C986A-D0E3-4BA1-B53C-8CEA8F0F0E15} – System32Tasks{8C47E546-CC56-4341-ACEE-73972DE77161} => C:Program Files (x86)iTunesiTunes.exe [2012-06-07] (Apple Inc.)
    Task: {1B3812EC-2DF5-4289-A13B-729B844051BA} – System32Tasks{136BAFB5-C771-44E7-A6E9-0159C9E8A619} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {2D500264-F966-4919-B8AC-8177C6A33B51} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2014-10-22] (Google Inc.)
    Task: {2F0DF6FC-E872-4184-B32A-3A8CFA701043} – System32TasksMicrosoftWindowsSetupgwxrefreshgwxcontent => C:Windowssystem32GWXGWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
    Task: {3380E135-F931-4B83-A9E9-7F5AF4BA82E9} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe
    Task: {356FFC26-8782-467B-80E9-DCA21324B0D1} – System32Tasks{08FCA88F-6858-4D7C-931D-189953BA3D91} => C:Program Files (x86)GamesAgatha Christie Evil Under the Suneuts.ifn.exe
    Task: {39AE3DCC-A393-4C77-AB24-6F94CDF6741F} – System32TasksAdobeAAMUpdater-1.0-Anach-Anaïs => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {3C4978AC-4D12-4CDC-9836-C27A56E59D5E} – System32Tasks{77E5F3F9-732E-4C46-BF8C-CC59EAAA3D20} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {4159CA97-1378-484C-8490-F7FE8C28EF0E} – System32Tasks{03B37618-11C7-4469-8655-138980AA69C2} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {4A804A3B-ED38-441F-8687-3C4C25E820D7} – System32Tasks{DEEB7061-F9BF-489C-BD0C-32D8B6FC93BC} => C:Program Files (x86)iTunesiTunes.exe [2012-06-07] (Apple Inc.)
    Task: {4CE27016-447A-435A-87B0-C2A9C23093A9} – System32Tasks{86B8AEF3-EFE7-49CE-8011-0DA166476215} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {4D7645EA-268D-4E6D-B0CD-6FF26FE04BAE} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [2013-10-22] (Piriform Ltd)
    Task: {4F485F86-89D8-4C4F-9D5E-F9CDACCE7E74} – System32Tasks{7A0E9C9A-6FF1-462B-BF6E-5241BBB75D45} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {5352B393-391C-4A4D-A0A5-46F299D5FB98} – System32Tasks{3799018E-6FD3-4F27-8D74-B5BB7F866DD9} => Chrome.exe http://ui.skype.com/ui/0/5.1.0.104.161/fr/go/help.faq.installer?LastError=1603
    Task: {595D8679-7B7F-4B84-9729-356D0E14AD82} – System32Tasks{4C8A8E87-F52C-4242-A1F0-77870DD47393} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {661F854E-F00D-49C8-B971-40F57E142FA5} – System32Tasks{50F8FE3A-39D2-4130-BC20-B7F8714BAA35} => pcalua.exe -a “C:Program Files (x86)WildGamesUninstall.exe”
    Task: {6FCE974C-F28E-4F09-83F4-B2C5CB0015C5} – System32Tasks{0A2CBD04-5CF8-463A-85C0-934869F124D1} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {7111029C-1255-45D2-A148-B3BA138B6E9B} – System32Tasks{DB6AC54A-E004-4523-A1A0-E3F4CBC57135} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {779D9E96-0B92-48BC-9476-87F21ACF65B5} – System32Tasks{6AABA555-AE81-403E-9FA4-B7F40C0AA735} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {88A591FC-7FC1-414F-B2BF-1AC1E7243B41} – System32Tasks{AEF76535-4B32-40A0-A68D-EE673F2D35D2} => C:Program Files (x86)SkypePhoneSkype.exe [2014-08-27] (Skype Technologies S.A.)
    Task: {8BAD4AE6-4E15-4F8E-A5BE-9F7E8DB07BC6} – System32Tasks{8D4495E8-2C49-4FAB-868D-C97148185810} => Chrome.exe http://ui.skype.com/ui/0/5.1.0.104.161/fr/go/help.faq.installer?LastError=1603
    Task: {8CA0AAA4-2115-4A71-A6F2-23FD8E39B685} – System32Tasks{422589A3-AFA0-45AA-9CDF-D67700C7D295} => C:Program Files (x86)GamesAgatha Christie Evil Under the Suneuts.ifn.exe
    Task: {8DB31734-5537-44A5-B276-5809F082ED93} – System32TasksHPCeeScheduleForANACH$ => C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {8EA668E8-CB29-49FA-80DB-057F1FC9FA8C} – System32Tasks{FD17A077-BA8D-485E-A805-FD47B33CDBB4} => C:Program Files (x86)iTunesiTunes.exe [2012-06-07] (Apple Inc.)
    Task: {94B10B31-DB24-4830-A98E-E45127E94AF8} – System32Tasks{8CBC2288-B31B-40D2-8E12-0FFE1A5AE7E8} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {95D5C414-1147-4ECA-805F-F13F6ACBC090} – System32TasksHPCeeScheduleForAnaïs => C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {97E39041-E6F1-452D-9D94-DA38A284BBBB} – System32TasksMicrosoftWindowsSetupgwxrefreshgwxconfig => C:Windowssystem32GWXGWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
    Task: {9CB52043-8AAB-4EF6-AC04-739479EC09DD} – System32TasksFacebookUpdateTaskUserS-1-5-21-877926961-664204807-4073508768-1000UA => C:UsersAnaïsAppDataLocalFacebookUpdateFacebookUpdate.exe
    Task: {9D1669FB-CFB4-4FC1-94CC-24785FB9CBAA} – System32Tasks{F18DE4DB-F0C2-44CC-AFED-DFB867F50E44} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {9E4CF6DD-6F63-4861-9996-2DB5A64253A7} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_DeviceScan => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe
    Task: {A24D019A-1CB8-4384-8726-EBAD25965E88} – System32Tasks{7AC05ECA-450E-426D-8814-1B7ED9BC3B23} => pcalua.exe -a “C:UsersAnaïsVideosJeuxThe Sims 4 (Origin) PC full game + DLC ^^nosTEAM^^Sims4-Origins-nosTEAM.part1The Sims 4__Installervp6vp6install.exe” -d “C:UsersAnaïsVideosJeuxThe Sims 4 (Origin) PC full game + DLC ^^nosTEAM^^Sims4-Origins-nosTEAM.part1The Sims 4__Installervp6”
    Task: {A8F829A6-7F76-4170-A8BD-3F6C6E9E5B88} – System32TasksFacebookUpdateTaskUserS-1-5-21-877926961-664204807-4073508768-1000Core => C:UsersAnaïsAppDataLocalFacebookUpdateFacebookUpdate.exe
    Task: {AB46E701-3EAA-41B0-B74A-F4AA578A4AE1} – System32Tasks{3E2E22D3-7522-47C7-9578-0B09D6E42856} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {AF115090-6347-41C5-8DB9-0D04F831989E} – System32TasksGo for FilesUpdate => C:Program Files (x86)GoforFilesGFFUpdater.exe <==== ATTENTION
    Task: {B086DECB-441A-420C-8E8D-95E6BED8A5F5} – System32Tasks{CEB80E9F-9DFA-46F4-B247-D752EA3E1516} => C:Program Files (x86)GamesAgatha Christie Evil Under the Suneuts.ifn.exe
    Task: {B2FCAF4D-5E58-4400-AFBD-9F5D633B3F2E} – System32Tasks{97B596E1-9E4B-49EE-AD35-2C0FB03D82B3} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {B5F069B0-76EA-4F50-A105-AE8E77CD4987} – System32Tasks{F70C97A3-D2A7-461D-B0CB-53AE6C959D22} => C:UsersAnaïsDesktopAnaïsAdobeprotoolsProTools.exe
    Task: {C2827C6C-E461-4083-8B38-B611B6D4B2C1} – System32Tasks{3272BF75-101B-4D03-A55C-870D5C0660EB} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {C98BE047-0048-479A-A50A-CE897BD8DDF6} – System32Tasks{B4AF19E4-268A-4941-919F-04A268CE1EBF} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {CA9A6DE6-5F64-4549-A22D-65F42C102B98} – System32TasksAdobe Flash Player Updater => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
    Task: {CF664B88-C056-4546-964B-86F95166DFBF} – System32Tasks{FCB0E8C4-6084-480B-9A62-92E7E35ECFB5} => pcalua.exe -a “C:UsersAnaïsAppDataLocalTempTemp1_Media_Composer_6.5.2_Win.zipMediaComposer_6.5.2Install Media Composer.exe”
    Task: {D31756B2-D503-410E-9E08-A38EBAA96B0D} – System32Tasksavast! Emergency Update => C:Program FilesAVAST SoftwareAvastAvastEmUpdate.exe [2015-04-01] (Avast Software s.r.o.)
    Task: {D57BF789-2910-4F03-BE0F-EC20CB32DFEA} – System32Tasks{BAA6B494-E5FC-44CF-841C-B9D787A537F1} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {D5F702EB-7B00-44B1-B845-B444CDF77D56} – System32TasksOfficeSoftwareProtectionPlatformSvcRestartTask => Sc.exe start osppsvc
    Task: {DE1C93DE-83D4-4213-8010-327059879328} – System32TasksMirageAgent => C:Program Files (x86)CyberLinkYouCamYCMMirage.exe [2011-03-22] (CyberLink)
    Task: {E9E47D38-28D8-4CCF-BA64-47CC319694E6} – System32TasksHewlett-PackardHP Support AssistantWarranty Opt-In(No) => c:program files (x86)hewlett-packardhp health checkactivecheckproduct_lineDetection_PostWarrantyAlert.exe
    Task: {F0F5C32A-F48B-4E66-A84D-9684EE7C8EB5} – System32Tasks{0A518104-42C1-4381-AA31-FBC2F1E05F17} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {F1B7F76E-FE9E-42CD-AE57-5F4A9C875650} – System32Tasks{2867EE6A-F0AE-4BF6-BB99-14713283893F} => C:Program Files (x86)CyberLinkYouCamYouCam.exe [2011-03-22] (CyberLink Corp.)
    Task: {F508D218-BA64-4645-8D85-FDB8FC101C1B} – System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {F6CA4D5D-8EFB-4136-8824-1A09DB25ECA1} – System32TasksMicrosoftWindowsSetupgwxrunappraiser => C:Windowssystem32GWXGWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
    Task: {F70DA853-FE34-4932-A48D-B0B6316FFA20} – System32TasksHewlett-PackardHP Support AssistantHPSAObjUtilTask => C:Program Files (x86)Hewlett-PackardHP Health CheckActiveCheckproduct_lineUtilTask.exe
    Task: C:WindowsTasksAdobe Flash Player Updater.job => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    Task: C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-877926961-664204807-4073508768-1000Core.job => C:UsersAnaïsAppDataLocalFacebookUpdateFacebookUpdate.exe
    Task: C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-877926961-664204807-4073508768-1000UA.job => C:UsersAnaïsAppDataLocalFacebookUpdateFacebookUpdate.exe
    Task: C:WindowsTasksGoogleUpdateTaskMachineCore.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    Task: C:WindowsTasksGoogleUpdateTaskMachineUA.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    Task: C:WindowsTasksHPCeeScheduleForANACH$.job => C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe
    Task: C:WindowsTasksHPCeeScheduleForAnaïs.job => C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe

    ==================== Loaded Modules (whitelisted) ==============

    2015-04-01 17:42 – 2015-04-01 17:42 – 00104400 _____ () C:Program FilesAVAST SoftwareAvastlog.dll
    2015-04-01 17:42 – 2015-04-01 17:42 – 00081728 _____ () C:Program FilesAVAST SoftwareAvastJsonRpcServer.dll
    2015-04-12 21:05 – 2015-04-12 21:05 – 02925568 _____ () C:Program FilesAVAST SoftwareAvastdefs15041201algo.dll
    2015-04-13 10:07 – 2015-04-13 10:07 – 02925568 _____ () C:Program FilesAVAST SoftwareAvastdefs15041300algo.dll
    2011-11-02 00:26 – 2011-11-02 00:26 – 00087912 _____ () C:Program Files (x86)Common FilesAppleApple Application Supportzlib1.dll
    2011-11-02 00:26 – 2011-11-02 00:26 – 01242472 _____ () C:Program Files (x86)Common FilesAppleApple Application Supportlibxml2.dll
    2015-04-01 17:42 – 2015-04-01 17:42 – 40540672 _____ () C:Program FilesAVAST SoftwareAvastlibcef.dll
    2014-10-17 12:50 – 2014-10-17 12:50 – 00172544 _____ () C:WindowsassemblyNativeImages_v2.0.50727_32IsdiInteropb2363cf94faf59386ab4778a39c16e2bIsdiInterop.ni.dll
    2011-11-17 21:48 – 2011-05-20 10:05 – 00059904 _____ () C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIsdiInterop.dll
    2015-04-06 23:47 – 2015-03-30 23:07 – 01174856 _____ () C:Program Files (x86)GoogleChromeApplication41.0.2272.118libglesv2.dll
    2015-04-06 23:47 – 2015-03-30 23:07 – 00080200 _____ () C:Program Files (x86)GoogleChromeApplication41.0.2272.118libegl.dll
    2015-04-06 23:47 – 2015-03-30 23:07 – 09279304 _____ () C:Program Files (x86)GoogleChromeApplication41.0.2272.118pdf.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKUS-1-5-21-877926961-664204807-4073508768-1000Control PanelDesktop\Wallpaper -> C:UsersAnaïsAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIGstartupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:WindowspssBluetooth.lnk.CommonStartup
    MSCONFIGstartupreg: Adobe ARM => “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    MSCONFIGstartupreg: Adobe Reader Speed Launcher => “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
    MSCONFIGstartupreg: AdobeAAMUpdater-1.0 => “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
    MSCONFIGstartupreg: AdobeCS6ServiceManager => “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
    MSCONFIGstartupreg: Akamai NetSession Interface => “C:UsersAnaïsAppDataLocalAkamainetsession_win.exe”
    MSCONFIGstartupreg: APSDaemon => “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    MSCONFIGstartupreg: DAEMON Tools Lite => “C:Program Files (x86)DAEMON Tools LiteDTLite.exe” -autorun
    MSCONFIGstartupreg: DAEMON Tools Ultra Agent => “C:Program Files (x86)DAEMON Tools UltraDTAgent.exe” -autorun
    MSCONFIGstartupreg: DigidesignMMERefresh => C:Program Files (x86)DigidesignDriversMMERefresh.exe
    MSCONFIGstartupreg: Easybits Recovery => C:Program Files (x86)EasyBits For KidsezRecover.exe
    MSCONFIGstartupreg: Facebook Update => “C:UsersAnaïsAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    MSCONFIGstartupreg: HotKeysCmds => C:Windowssystem32hkcmd.exe
    MSCONFIGstartupreg: HP Quick Launch => C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
    MSCONFIGstartupreg: HPConnectionManager => C:Program Files (x86)Hewlett-PackardHP Connection ManagerHPCMDelayStart.exe
    MSCONFIGstartupreg: HPOSD => C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
    MSCONFIGstartupreg: IAStorIcon => C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
    MSCONFIGstartupreg: IgfxTray => C:Windowssystem32igfxtray.exe
    MSCONFIGstartupreg: Iminent => C:Program Files (x86)IminentIminent.exe /warmup “F77F87E5-A6BD-4922-A530-EDF63D7E9F8C”
    MSCONFIGstartupreg: IminentMessenger => C:Program Files (x86)IminentIminent.Messengers.exe /startup
    MSCONFIGstartupreg: iTunesHelper => “C:Program Files (x86)iTunesiTunesHelper.exe”
    MSCONFIGstartupreg: Persistence => C:Windowssystem32igfxpers.exe
    MSCONFIGstartupreg: QuickTime Task => “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    MSCONFIGstartupreg: RESTART_STICKY_NOTES => C:WindowsSystem32StikyNot.exe
    MSCONFIGstartupreg: StartCCC => “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    MSCONFIGstartupreg: SunJavaUpdateSched => “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    MSCONFIGstartupreg: SweetIM =>
    MSCONFIGstartupreg: SwitchBoard => C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    MSCONFIGstartupreg: SynTPEnh => %programFiles%SynapticsSynTPSynTPEnh.exe
    MSCONFIGstartupreg: SysTrayApp => C:Program FilesIDTWDMsttray64.exe

    ==================== Accounts: =============================

    13845260001343C99E40 (S-1-5-21-877926961-664204807-4073508768-1001 – Limited – Enabled)
    4EBA1371B60D4C33B22E (S-1-5-21-877926961-664204807-4073508768-1101 – Limited – Enabled)
    Administrateur (S-1-5-21-877926961-664204807-4073508768-500 – Administrator – Disabled)
    Anaïs (S-1-5-21-877926961-664204807-4073508768-1000 – Administrator – Enabled) => C:UsersAnaïs
    C84FFC72E75449D78F62 (S-1-5-21-877926961-664204807-4073508768-1049 – Limited – Enabled)
    Invité (S-1-5-21-877926961-664204807-4073508768-501 – Limited – Disabled) => C:UsersInvité

    ==================== Faulty Device Manager Devices =============

    Could not list Devices. Check “winmgmt” service or repair WMI.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/13/2015 10:11:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORITE NT)
    Description: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur.

    Error: (04/13/2015 10:11:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
    Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

    Error: (04/13/2015 10:11:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
    Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

    Error: (04/13/2015 10:08:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./ROOT/CIMV2SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA ‘Win32_Process’0x80041010

    Error: (04/13/2015 01:56:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORITE NT)
    Description: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur.

    Error: (04/13/2015 01:56:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
    Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

    Error: (04/13/2015 01:56:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: AUTORITE NT)
    Description: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

    Error: (04/13/2015 01:53:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./ROOT/CIMV2SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA ‘Win32_Process’0x80041010

    Error: (04/12/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: La sauvegarde a échoué. Erreur : La sauvegarde Windows a dû ignorer tous les lecteurs inclus dans la sauvegarde. Vérifiez que les lecteurs sont branchés et fonctionnent correctement. (0x810000FF).

    Error: (04/12/2015 01:06:17 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: AUTORITE NT)
    Description: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d’erreur.

    System errors:
    =============
    Error: (04/13/2015 10:08:33 AM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: spécifiques à l’applicationLocalExécution{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORITE NTSystèmeS-1-5-18LocalHost (utilisation de LRPC)

    Error: (04/13/2015 10:07:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Le service Sentinel64 n’a pas pu démarrer en raison de l’erreur :
    %%20

    Error: (04/13/2015 02:25:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
    Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.

    Chemin d’accès du module : C:WindowsSystem32bcmihvsrv64.dll

    Error: (04/13/2015 02:25:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
    Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.

    Chemin d’accès du module : C:WindowsSystem32bcmihvsrv64.dll

    Error: (04/13/2015 02:25:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
    Description: Le module d’extensibilité WLAN s’est arrêté de façon inattendue.

    Chemin d’accès du module : C:WindowsSystem32bcmihvsrv64.dll

    Error: (04/13/2015 02:12:26 AM) (Source: Disk) (EventID: 7) (User: )
    Description: Le périphérique DeviceHarddisk1DR3 comporte un bloc défectueux.

    Error: (04/13/2015 01:57:49 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: Le Gestionnaire de services de contrôle a essayé d’entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Windows Search, mais cette action a échoué en raison de l’erreur suivante :
    %%1056

    Error: (04/13/2015 01:57:48 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: Le Gestionnaire de services de contrôle a essayé d’entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Service Partage réseau du Lecteur Windows Media, mais cette action a échoué en raison de l’erreur suivante :
    %%1056

    Error: (04/13/2015 01:57:49 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

    Error: (04/13/2015 01:57:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Le service Application Virtualization Client s’est terminé de façon inattendue pour la 1ème fois.

    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-06-12 11:26:35.967
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier DeviceHarddiskVolume2ComboFixcatchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

    Date: 2014-06-12 11:26:35.889
    Description: Windows ne peut pas vérifier l’intégrité d’image du fichier DeviceHarddiskVolume2ComboFixcatchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
    Percentage of memory in use: 34%
    Total physical RAM: 8139.86 MB
    Available physical RAM: 5312.57 MB
    Total Pagefile: 16277.91 MB
    Available Pagefile: 13314.86 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:680.86 GB) (Free:122.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (RECOVERY) (Fixed) (Total:17.49 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive e: (Blue Velviette) (CDROM) (Total:4.38 GB) (Free:4.3 GB) UDF
    Drive h: (EOS_DIGITAL) (Removable) (Total:59.62 GB) (Free:39.27 GB) exFAT
    Drive j: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:163.34 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D292CBF5)
    Partition 1: (Active) – (Size=199 MB) – (Type=07 NTFS)
    Partition 2: (Not Active) – (Size=680.9 GB) – (Type=07 NTFS)
    Partition 3: (Not Active) – (Size=17.5 GB) – (Type=07 NTFS)
    Partition 4: (Not Active) – (Size=103 MB) – (Type=0C)

    ========================================================
    Disk: 1 (Size: 59.7 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 29A5BF00)
    Partition 1: (Not Active) – (Size=931.5 GB) – (Type=07 NTFS)

    ==================== End Of Log ============================

  • Anonyme
    Number of posts: 0
  • g3n-h@ckm@n
    Admin bbPress
    Number of posts: 8433

    Hi, to move forward:

    • Disable your antivirus for the duration of the download and use, ideally until the next restart.
    • Download AdsFix to your desktop.
      Note: Save your work before continuing!
    • Launch AdsFix (right-click, "Run as administrator" on Vista/7/8/8.1)
    • On a fairly infected PC, it can take several seconds to load
    • Enter your country
    • Click "Nettoyer" (Clean), after unlocking it in the options

      Note: Be patient during the scan
    • Let the tool work even if it seems to be frozen
    • If the tool detects a proxy that you do not recognize, click "Supprimer le proxy" (Remove the proxy)
    • Upload the report C:\AdsFix_date_heure.txt to SOSUpload, then post the link you get.

    Help:

The topic 'PC infecté Help' is closed to new replies.