Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01 Ran by bernard at 2014-12-16 20:12:37 Running from C:\Users\bernard\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3DVIA player 5.0.0.20 (HKLM\...\{B01DD1A4-F4E1-4CE7-AB6E-3168C5BD5D30}) (Version: 5.0.20 - 3DVIA) 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Acronis True Image Home (HKLM\...\{E5343B27-55DF-40BD-9FCF-A643C1331E8A}) (Version: 11.0.8041 - Acronis) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{319271B3-E2AA-F623-928E-245C9EBF16F7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology) Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software) AVIcodec (remove only) (HKLM\...\AVIcodec) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) CDDRV_Installer (Version: 4.60 - Logitech) Hidden Centre Souris et Claviers Microsoft (Version: 2.1.177.0 - Microsoft Corporation) Hidden Disk Unlocker (HKLM\...\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}) (Version: 2.0.6 - ASUS) EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version: - SEIKO EPSON Corporation) Glary Utilities 5.13 (HKLM\...\Glary Utilities 5) (Version: 5.13.0.26 - Glarysoft Ltd) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) HP Deskjet 3050 J610 series Aide (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard) Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JMicron JMB36X Driver (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.65.11 - JMicron Technology Corp.) KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden LibreOffice 4.3.0.4 (HKLM\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation) Logiciel de base du périphérique HP Deskjet 3050 J610 series (HKLM\...\{E05489BA-79B1-4125-A24D-032745910B65}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Ma-Config.com (HKLM\...\{2188D50C-BA8A-47AD-8477-17B5BE12532D}) (Version: 7.1.5.0 - Cybelsoft) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Micro Application - Le Généalogiste Deluxe (HKLM\...\Le Généalogiste Deluxe) (Version: - ) Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Money (HKLM\...\Money2005b) (Version: 14 - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{9011040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Module de compatibilité pour Microsoft Office System 2007 (HKLM\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 fr) (HKLM\...\Mozilla Firefox 34.0.5 (x86 fr)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) Mozilla Thunderbird 31.3.0 (x86 fr) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 fr)) (Version: 31.3.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) RegSeeker (HKLM\...\RegSeeker) (Version: 2.57.2212 - HoverDesk) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software) SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology) SecurityKISS Tunnel v0.3.0 (HKLM\...\SecurityKISS Tunnel_is1) (Version: - ) SES Driver (HKLM\...\{0673654C-5296-453B-9798-B61CD7E03FEB}) (Version: 1.0.0 - Western Digital) Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform) TuneUp Utilities Language Pack (fr-FR) (Version: 9.0.6000.10 - TuneUp Software) Hidden UsbFix (HKLM\...\Usbfix) (Version: 7.806 - El Desaparecido - www.usbfix.net - www.sosvirus.net) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) XnView 2.25 (HKLM\...\XnView_is1) (Version: 2.25 - Gougelet Pierre-e) ZHPDiag 2014 (HKLM\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{C539A15A-3AF9-4c92-B771-50CB78F5C751}\InprocServer32 -> C:\Program Files\Acronis\TrueImageHome\tishell.dll (Acronis) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{C539A15B-3AF9-4c92-B771-50CB78F5C751}\InprocServer32 -> C:\Program Files\Acronis\TrueImageHome\tishell.dll (Acronis) CustomCLSID: HKU\S-1-5-21-1310518111-3091880941-4090526132-1000_Classes\CLSID\{C539A15C-3AF9-4c92-B771-50CB78F5C751}\InprocServer32 -> C:\Program Files\Acronis\TrueImageHome\tishell32.dll (Acronis) ==================== Restore Points ========================= 14-10-2014 16:32:32 Point de contrôle planifié 16-10-2014 11:43:31 Windows Update 23-10-2014 16:58:12 Point de contrôle planifié 01-11-2014 16:49:01 Point de contrôle planifié 08-11-2014 18:07:47 Point de contrôle planifié 12-11-2014 15:35:45 Windows Update 16-11-2014 12:54:30 avast! antivirus system restore point 19-11-2014 14:00:08 Windows Update 22-11-2014 15:55:13 Installed Ma-Config.com 22-11-2014 16:02:23 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 22-11-2014 16:09:34 Installé Realtek Ethernet Controller Driver 22-11-2014 16:12:40 Installed ASUS MultiFrame 22-11-2014 16:37:08 Removed ASUS MultiFrame 22-11-2014 16:38:49 Installed Ma-Config.com 22-11-2014 16:43:57 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 22-11-2014 19:51:17 Installed ASUS MultiFrame 23-11-2014 15:29:46 Installed Microsoft WorldWide Telescope 23-11-2014 15:30:54 Installed Windows Live ID Client Runtime 23-11-2014 15:43:30 Removed Microsoft WorldWide Telescope 23-11-2014 16:20:43 Removed ASUS MultiFrame 24-11-2014 12:35:43 Sauvegarde Windows 25-11-2014 15:41:32 Installation du package de pilotes : TAP-Windows Provider V9 Cartes réseau 28-11-2014 12:56:29 Supprimé TuneUp Utilities 2014 28-11-2014 12:57:27 Supprimé TuneUp Utilities 2014 (fr-FR) 30-11-2014 09:53:47 Installed PDF Architect 2 View Module 30-11-2014 09:56:06 Installed PDF Architect 2 Create Module 30-11-2014 09:56:49 Installed PDF Architect 2 Edit Module 30-11-2014 10:00:19 avast! antivirus system restore point 30-11-2014 10:25:27 Installation du package de pilotes : TAP-Win32 Provider V9 Cartes réseau 01-12-2014 11:03:04 Sauvegarde Windows 06-12-2014 21:35:12 Removed Boxore Client 07-12-2014 14:44:01 Supprimé Acronis True Image 2014 07-12-2014 14:59:29 Supprimé Acronis True Image Home 2011 07-12-2014 15:00:58 Supprimé Acronis True Image Home 2011 07-12-2014 15:02:06 Supprimé Acronis True Image Home 2011 07-12-2014 15:05:21 Supprimé Acronis True Image Home 2011 07-12-2014 15:35:36 Supprimé 07-12-2014 19:13:05 Revo Uninstaller's restore point - Acronis True Image Home 2011 07-12-2014 19:13:34 Supprimé 07-12-2014 19:28:42 Sauvegarde Windows 08-12-2014 10:11:58 Removed Disk Unlocker 10-12-2014 09:25:13 Windows Update 10-12-2014 09:38:42 Windows Update 10-12-2014 12:32:35 Installé Acronis True Image Home 10-12-2014 16:29:46 Removed Logitech Vid. 10-12-2014 16:32:02 Logitech Webcam Software v12.10.1110 12-12-2014 12:00:56 Windows Update 12-12-2014 13:30:16 Windows Update 12-12-2014 13:31:06 Windows Update 12-12-2014 14:03:00 12 décembre 2014 12-12-2014 14:07:33 12 décembre 2014 15h 12-12-2014 14:57:32 Windows Update 13-12-2014 13:44:16 Windows Update 13-12-2014 16:26:44 Windows Update 14-12-2014 09:18:48 Removed Java 7 Update 67 14-12-2014 09:45:36 ZHPFix Restore System Point 14-12-2014 10:09:48 Windows Update 14-12-2014 12:55:39 Windows Update 14-12-2014 18:00:39 Sauvegarde Windows 14-12-2014 19:51:43 Windows Update 15-12-2014 14:05:47 Windows Update 15-12-2014 19:53:38 Windows Update 16-12-2014 10:03:12 Windows Update 16-12-2014 18:21:40 Programme d’installation pour les modules Windows ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2013-12-24 14:24 - 00450660 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 www.123fporn.info 127.0.0.1 123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1FB4CE33-0986-4F4B-BBAA-A6C6ED730456} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-16] (AVAST Software) Task: {2A735163-ED0D-43A8-9E10-1EC6CD0CC48D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {2B8C6CFD-91F2-425C-B6FB-2A4B8BDC6441} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe Task: {3A976831-2E80-44D3-86B9-5481FE2B43B9} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2014-11-24] (Glarysoft Ltd) Task: {414FDA39-A851-48A4-8063-FA0DBAA1B81D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.) Task: {5BDDAF41-7740-411D-B6D8-75A52BEB668A} - \Update Service SimpleFiles No Task File <==== ATTENTION Task: {62B5F411-80E9-4C7E-8B45-073A0EBAB653} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated) Task: {8EE4B44D-97F7-49A5-AA53-F27C30093600} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {91872D54-DB6B-4593-A1FE-EA04765CF82F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: {ABA57514-2385-4E11-84B3-06AFC7D3606F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-24] (Google Inc.) Task: {AE8D1FFC-3AC3-46BC-862F-8333FF18E9FB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {BAA9F678-B278-4A71-AF1B-B1B2EE6934A1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {F37AB401-E92B-4ED0-99F3-DD52F8BE7058} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-16 10:35 - 2014-12-16 10:35 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121600\algo.dll 2014-11-16 13:56 - 2014-11-16 13:56 - 02151544 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll 2014-11-16 13:56 - 2014-11-16 13:56 - 00021488 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll 2014-11-16 13:56 - 2014-11-16 13:56 - 04474224 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2007-10-08 11:19 - 2007-10-08 11:19 - 00493200 _____ () C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe 2012-02-29 20:15 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll 2012-11-03 18:24 - 2007-05-22 10:59 - 00128512 _____ () C:\Program Files\WinRAR\rarext.dll 2014-11-16 13:56 - 2014-11-16 13:56 - 00317632 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-16 13:56 - 2014-11-16 13:56 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-02-29 20:15 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe 2014-12-09 21:09 - 2014-12-09 21:09 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-12-14 16:30 - 2014-12-14 16:30 - 01020928 _____ () C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\6er7s2bi.default-1417900381391\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\Users\bernard\Downloads:P2PRocket.GUID AlternateDataStreams: C:\Users\bernard\Downloads:Shareaza.GUID AlternateDataStreams: C:\Users\bernard\Videos:Shareaza.GUID AlternateDataStreams: C:\Users\bernard\Documents\Mes vidéos:Shareaza.GUID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AcrSch2Svc => 2 MSCONFIG\Services: afcdpsrv => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Agent Serveur Média.lnk => C:\Windows\pss\Agent Serveur Média.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Enregistrement du produit.lnk => C:\Windows\pss\Logitech . Enregistrement du produit.lnk.Startup MSCONFIG\startupfolder: C:^Users^bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lollipop.lnk => C:\Windows\pss\lollipop.lnk.Startup MSCONFIG\startupfolder: C:^Users^bernard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => MSCONFIG\startupreg: BitTorrent => MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: Gadwin PrintScreen => MSCONFIG\startupreg: Glary Memory Optimizer => C:\Program Files\Glary Utilities 5\memdefrag.exe /autostart MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: IndexSearch => MSCONFIG\startupreg: IntelliPoint => MSCONFIG\startupreg: IntelliType Pro => MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE MSCONFIG\startupreg: Logitech Vid => "C:\Program Files\Logitech\Logitech Vid\Vid.exe" -bootmode MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: OpAgent => MSCONFIG\startupreg: OpScheduler => MSCONFIG\startupreg: Opware15 => MSCONFIG\startupreg: Orange Installer => MSCONFIG\startupreg: orangeinside => MSCONFIG\startupreg: PaperPort PTD => MSCONFIG\startupreg: RtHDVCpl => MSCONFIG\startupreg: SAOB Monitor => MSCONFIG\startupreg: ScanSoft OmniPage 15.0-reminder => MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Shareaza => MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: swg => MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe ========================= Accounts: ========================== Administrateur (S-1-5-21-1310518111-3091880941-4090526132-500 - Administrator - Disabled) bernard (S-1-5-21-1310518111-3091880941-4090526132-1000 - Administrator - Enabled) => C:\Users\bernard Invité (S-1-5-21-1310518111-3091880941-4090526132-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/16/2014 07:25:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur ESENT était : -1305. Error: (12/16/2014 07:24:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Initialize.exe, version : 5.0.0.31, horodatage : 0x5403cf53 Nom du module défaillant : MSVCR90.dll, version : 9.0.30729.6161, horodatage : 0x4dace5b9 Code d’exception : 0xc0000417 Décalage d’erreur : 0x0006f5ca ID du processus défaillant : 0xb18 Heure de début de l’application défaillante : 0xInitialize.exe0 Chemin d’accès de l’application défaillante : Initialize.exe1 Chemin d’accès du module défaillant: Initialize.exe2 ID de rapport : Initialize.exe3 Error: (12/16/2014 03:51:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: AUTORITE NT) Description: Scheduler can not run task with GUID "A2BB4F95-348C-4590-958E-DF518374D6D4" and command "C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exenis\TrueImageHome\license_activator.exe". Error: (12/16/2014 00:37:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (12/16/2014 00:37:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (12/16/2014 00:37:18 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (12/16/2014 00:07:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Initialize.exe, version : 5.0.0.31, horodatage : 0x5403cf53 Nom du module défaillant : MSVCR90.dll, version : 9.0.30729.6161, horodatage : 0x4dace5b9 Code d’exception : 0xc0000417 Décalage d’erreur : 0x0006f5ca ID du processus défaillant : 0x8e4 Heure de début de l’application défaillante : 0xInitialize.exe0 Chemin d’accès de l’application défaillante : Initialize.exe1 Chemin d’accès du module défaillant: Initialize.exe2 ID de rapport : Initialize.exe3 Error: (12/16/2014 10:35:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Initialize.exe, version : 5.0.0.31, horodatage : 0x5403cf53 Nom du module défaillant : MSVCR90.dll, version : 9.0.30729.6161, horodatage : 0x4dace5b9 Code d’exception : 0xc0000417 Décalage d’erreur : 0x0006f5ca ID du processus défaillant : 0xb80 Heure de début de l’application défaillante : 0xInitialize.exe0 Chemin d’accès de l’application défaillante : Initialize.exe1 Chemin d’accès du module défaillant: Initialize.exe2 ID de rapport : Initialize.exe3 Error: (12/15/2014 04:54:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Initialize.exe, version : 5.0.0.31, horodatage : 0x5403cf53 Nom du module défaillant : MSVCR90.dll, version : 9.0.30729.6161, horodatage : 0x4dace5b9 Code d’exception : 0xc0000417 Décalage d’erreur : 0x0006f5ca ID du processus défaillant : 0x914 Heure de début de l’application défaillante : 0xInitialize.exe0 Chemin d’accès de l’application défaillante : Initialize.exe1 Chemin d’accès du module défaillant: Initialize.exe2 ID de rapport : Initialize.exe3 Error: (12/15/2014 04:53:36 PM) (Source: Acronis Scheduler) (EventID: 1) (User: AUTORITE NT) Description: Scheduler can not run task with GUID "A2BB4F95-348C-4590-958E-DF518374D6D4" and command "C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exenis\TrueImageHome\license_activator.exe". System errors: ============= Error: (12/16/2014 07:29:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Windows Update est en attente de démarrage. Error: (12/16/2014 07:26:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service HP Network Devices Support s’est arrêté avec l’erreur : %%126 Error: (12/16/2014 07:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service AODDriver4.3 n’a pas pu démarrer en raison de l’erreur : %%2 Error: (12/16/2014 07:24:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service AODDriver4.3 n’a pas pu démarrer en raison de l’erreur : %%2 Error: (12/16/2014 07:24:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service AODDriver4.2.0 n’a pas pu démarrer en raison de l’erreur : %%2 Error: (12/16/2014 04:51:00 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service ASDiskUnlocker a signalé un état actuel 11 non valide. Error: (12/16/2014 03:53:48 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service ASDiskUnlocker a signalé un état actuel 11 non valide. Error: (12/16/2014 03:52:18 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service ASDiskUnlocker a signalé un état actuel 11 non valide. Error: (12/16/2014 02:11:57 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service ASDiskUnlocker a signalé un état actuel 11 non valide. Error: (12/16/2014 02:02:54 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Le service ASDiskUnlocker a signalé un état actuel 11 non valide. Microsoft Office Sessions: ========================= Error: (12/16/2014 07:25:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -1305 Error: (12/16/2014 07:24:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Initialize.exe5.0.0.315403cf53MSVCR90.dll9.0.30729.61614dace5b9c00004170006f5cab1801d0195d8c00df5dC:\Program Files\Glary Utilities 5\Initialize.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dlld2a8db84-8550-11e4-8e82-c8600007d713 Error: (12/16/2014 03:51:01 PM) (Source: Acronis Scheduler) (EventID: 1) (User: AUTORITE NT) Description: Scheduler can not run task with GUID "A2BB4F95-348C-4590-958E-DF518374D6D4" and command "C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exenis\TrueImageHome\license_activator.exe".Error code: 3Le chemin d’accès spécifié est introuvable. Error: (12/16/2014 00:37:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe Error: (12/16/2014 00:37:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 3050 J610 series\DriverStore\Pipeline\amd64\hpinkins9311.exe Error: (12/16/2014 00:37:18 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\glary utilities 5\DPInst64.exe Error: (12/16/2014 00:07:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Initialize.exe5.0.0.315403cf53MSVCR90.dll9.0.30729.61614dace5b9c00004170006f5ca8e401d019207442c335C:\Program Files\Glary Utilities 5\Initialize.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dllbd6fd445-8513-11e4-a150-c8600007d713 Error: (12/16/2014 10:35:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Initialize.exe5.0.0.315403cf53MSVCR90.dll9.0.30729.61614dace5b9c00004170006f5cab8001d019137bbbc504C:\Program Files\Glary Utilities 5\Initialize.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dlld53c1a86-8506-11e4-8dec-c8600007d713 Error: (12/15/2014 04:54:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Initialize.exe5.0.0.315403cf53MSVCR90.dll9.0.30729.61614dace5b9c00004170006f5ca91401d0187f4969de09C:\Program Files\Glary Utilities 5\Initialize.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dlla2105de2-8472-11e4-a076-c8600007d713 Error: (12/15/2014 04:53:36 PM) (Source: Acronis Scheduler) (EventID: 1) (User: AUTORITE NT) Description: Scheduler can not run task with GUID "A2BB4F95-348C-4590-958E-DF518374D6D4" and command "C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exenis\TrueImageHome\license_activator.exe".Error code: 3Le chemin d’accès spécifié est introuvable. ==================== Memory info =========================== Processor: AMD FX(tm)-4100 Quad-Core Processor Percentage of memory in use: 41% Total physical RAM: 3033.36 MB Available physical RAM: 1759.91 MB Total Pagefile: 6065.02 MB Available Pagefile: 4480.58 MB Total Virtual: 2047.88 MB Available Virtual: 1904.04 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:317.3 GB) NTFS Drive d: (GRMCPRFREO_FR_DVD) (CDROM) (Total:2.28 GB) (Free:0 GB) UDF Drive e: () (Fixed) (Total:465.76 GB) (Free:55.6 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: (Réservé au système) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (My Passport) (Fixed) (Total:298.09 GB) (Free:197.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F228DDB8) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 702791A2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 298.1 GB) (Disk ID: 5B6AC646) Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================