Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015 Ran by sadaik at 2015-06-01 22:07:07 Running from C:\Users\sadaik\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-1243563072-2189662949-1172452096-500 - Administrator - Disabled) Invité (S-1-5-21-1243563072-2189662949-1172452096-501 - Limited - Disabled) sadaik (S-1-5-21-1243563072-2189662949-1172452096-1000 - Administrator - Enabled) => C:\Users\sadaik ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Lavasoft Ad-Watch Live! Antivirus (Enabled - Up to date) {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} AS: Lavasoft Ad-Watch Live! (Enabled - Up to date) {24938260-56EE-C1E5-047B-DC2BDD234BAB} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - ) Ad-Aware (HKLM\...\{55A81696-CC30-4EAE-AC1F-EE6A5781EBFB}) (Version: 9.0.6 - Lavasoft Limited) Ad-Aware (HKLM\...\{D56B3391-1DAB-4AB3-AFF5-D55457911BBB}) (Version: 9.5.0 - Lavasoft Limited) Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.) Adobe Premiere Elements 4.0 (HKLM\...\PremElem40) (Version: 4.0 - Adobe Systems Incorporated) Adobe Premiere Elements 4.0 Templates (HKLM\...\PremElem40Templates) (Version: 4.0.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.11) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated) Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}) (Version: 2.6.0.32 - Apple Inc.) Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.) Archiveur WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Assistance Livebox (HKLM\...\Assistance Livebox) (Version: 2.0.2.1 - Orange) Assistant de connexion Windows Live (HKLM\...\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}) (Version: 5.000.818.5 - Microsoft Corporation) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies) AVG 2014 (Version: 14.0.4311 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies) Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.) Code de la Route 2008 (HKLM\...\{9BB9F8F2-3073-4F47-8207-0E7191C67DE9}) (Version: 3.3 - Micro Application) EasyBits Magic Desktop (HKLM\...\EasyBits Magic Desktop) (Version: - ) eMule (HKLM\...\eMule) (Version: - ) Favorit (HKLM\...\pjcdxa) (Version: - ) Google Chrome (HKU\S-1-5-21-1243563072-2189662949-1172452096-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden HDReg France (HKLM\...\{0ED40D2A-7131-4FE7-941E-5C329336F712}) (Version: 2.0.0 - Acxiom) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle) Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.) LauncherMA (HKLM\...\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}) (Version: 1.00.0000 - Micro Application) Les Trésors de Montezuma 2 (HKLM\...\{3FC1775B-82FE-4023-A374-F428992FDC19}) (Version: 1.00.000 - ) Lyrics Plugin for Windows Media Player (HKLM\...\{43002AE2-4093-49E0-A03D-990EE184C568}) (Version: 0.4 - Lyrics Plugin) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Famille et Étudiant 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works 9.0 SE (HKLM\...\Works9SE) (Version: - ) Module linguistique Microsoft .NET Framework 3.5 SP1- fra (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - fra) (Version: - Microsoft Corporation) Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30320 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 fr) (HKLM\...\Mozilla Firefox 38.0.1 (x86 fr)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla) msvcrt_installer (HKLM\...\{6068A42A-C1CF-45F2-9859-5DB16287FE5D}) (Version: 1.0.0 - SAH) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Essentials (HKLM\...\{3559CDE0-11FC-4D7B-A65C-D646035B1036}) (Version: 8.3.389 - Nero AG) O2Micro Flash Memory Card Reader Driver (x86) (HKLM\...\{940BF44D-005A-41ED-A625-9B767C71A586}) (Version: 3.28 - O2Micro) Orange - Logiciels Internet (HKLM\...\{ORAHSS}.UninstallSuite) (Version: - ) Orange Inside (HKU\S-1-5-21-1243563072-2189662949-1172452096-1000\...\Orange Inside) (Version: V1.2.1.0 - Orange) Orange Installeur version 1.2.5.0 (HKLM\...\{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.5.0) (Version: - Orange) Orange update (HKLM\...\OrangeUpdateManager) (Version: 2.3.0.1 - Orange) Outil de téléchargement Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) OutlookAddInNet3Setup (HKLM\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung) Packard Bell ImageWriter (HKLM\...\{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}) (Version: 1.00.0000 - ) Packard Bell Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3005 - Acer Incorporated) Packard Bell Updator (HKLM\...\{CA786CFF-1D31-4804-B436-F3405B14357F}) (Version: 3.00.0000 - ) Rapport (Version: 3.5.1404.94 - Trusteer) Hidden Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5704 - Realtek Semiconductor Corp.) RemoteRegistryCleaner v1.7 Build: 700 (HKLM\...\WMRemoteRegistryCleaner_is1) (Version: - WorkMoment) Safari (HKLM\...\{E56D39F8-2A9F-44B4-B068-A72E45A073E6}) (Version: 4.31.9.1 - Apple Inc.) SafeCast Shared Components (HKLM\...\CdaC13Ba) (Version: - Macrovision) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.950.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Setup My PC (HKLM\...\{28518520-F25C-48C3-A224-861F331602F4}) (Version: 3.00.0000 - ) TerraExplorer (HKLM\...\TerraExplorer) (Version: 5.1.2 - Skyline Software Systems, Inc.) Trusteer Sécurité des points d'accès (HKLM\...\Rapport_msi) (Version: 3.5.1404.94 - Trusteer) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Zuma's Revenge! (HKLM\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\sadaik\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\sadaik\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\sadaik\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\sadaik\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\sadaik\AppData\Local\Google\Chrome\Application\43.0.2357.81\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\sadaik\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File CustomCLSID: HKU\S-1-5-21-1243563072-2189662949-1172452096-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sadaik\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File ==================== Restore Points ========================= 29-08-2014 03:02:56 Windows Update 29-08-2014 04:02:03 Windows Update 29-08-2014 10:33:44 Windows Update 17-03-2015 19:15:16 Windows Update 17-03-2015 22:17:21 Installed Rapport 17-03-2015 22:32:27 Windows Update 18-03-2015 20:49:35 Windows Update 31-05-2015 15:20:48 Installed Rapport 31-05-2015 23:22:19 Windows Update 01-06-2015 07:11:17 Installed Rapport ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {034FF5ED-4279-4EEB-8A5D-C21211E2300B} - \SoftwareUpdateTaskMachineCore No Task File <==== ATTENTION Task: {05E4D2E3-1ABA-4DDD-98DA-2B22924564EE} - System32\Tasks\{37F65A11-A97D-4CDB-A315-9F96A29420C5} => pcalua.exe -a "F:\Free Tarot\FreeTarot.exe" -d "F:\Free Tarot" Task: {13CCD4A4-7C44-4631-8A47-85BFC2AD57A8} - System32\Tasks\{C943D6CC-11F1-4868-974A-C7C18D60548F} => pcalua.exe -a C:\Users\sadaik\Downloads\epson323996eu.exe -d "C:\Program Files\Mozilla Firefox" Task: {1407E622-D145-4AA9-A049-02CD70EE35D8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-09-01] (Lavasoft Limited ) Task: {1BAD1EDE-0D98-4289-81B2-F53EC84F6140} - System32\Tasks\{19EBFCE9-0B3E-4964-A9FA-75A449B18D1F} => pcalua.exe -a C:\Users\sadaik\Downloads\TarotPro99Eval.exe -d "C:\Program Files\Mozilla Firefox" Task: {1D6C6D8C-3872-4433-86F2-33A4008BB2D9} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe Task: {39FBE73E-F19A-44FA-884C-D64FB803B4D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.) Task: {3EAF2F51-5F89-4D5A-A3BF-5466CFB0E1EF} - System32\Tasks\RNUpgradeHelperResumePrompt_sadaik => C:\Users\sadaik\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.00\rnupgagent.exe Task: {4C33F445-DD36-4EF8-A786-3C395F3E76A2} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files\Software\Update\SoftwareUpdate.exe <==== ATTENTION Task: {61E4A59C-9279-4546-9FB6-84791308A691} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Common Files\Real\Update_OB\realsched.exe Task: {6D57C228-55D7-4E13-90AD-1DC8C6BAA35C} - System32\Tasks\Google Updater and Installer => C:\Users\sadaik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-31] (Google Inc.) Task: {74E49D49-42EA-43DF-B60D-2AE72F4146E9} - System32\Tasks\{FC97E592-50CD-4371-9540-220F6D347CCC} => pcalua.exe -a C:\Users\sadaik\Downloads\epson323997eu.exe -d "C:\Program Files\Mozilla Firefox" Task: {8B187495-C03F-483C-8495-668DEEF70EAE} - System32\Tasks\AssistanceLivebox => C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe [2013-06-12] (Orange) Task: {9A03BA9F-3C9C-4CF8-98AA-B4EB9A548AA5} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {BF29E4ED-0E64-48EB-87CA-355F47D62539} - System32\Tasks\Programme de mise à jour en ligne de Real Player => c:\program files\real\realplayer\Update\realsched.exe Task: {C2CA8CDD-D1C3-49E9-9815-BDE2F7CE2475} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1243563072-2189662949-1172452096-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {CD198569-5DE3-43FE-BDDB-98700D89B776} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-01] (Adobe Systems Incorporated) Task: {E52B266E-0DED-4C6D-B413-CFDF0005A676} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1243563072-2189662949-1172452096-1000Core => C:\Users\sadaik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-31] (Google Inc.) Task: {E91C180B-13D0-4479-8460-182ABC192812} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1243563072-2189662949-1172452096-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {EC38B6F4-6479-4269-A3B5-E4009C93F2C5} - System32\Tasks\{379770B5-0AC9-4DA2-8685-7479C769EBD3} => pcalua.exe -a C:\Users\sadaik\Downloads\eMule0.50a-Installer(5).exe -d "C:\Program Files\Mozilla Firefox" Task: {ECF56025-29DD-4A8F-8066-B8A50DA2CAC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.) Task: {F399620E-50AF-4A5F-B091-26D62872B13B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1243563072-2189662949-1172452096-1000UA => C:\Users\sadaik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-31] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243563072-2189662949-1172452096-1000Core.job => C:\Users\sadaik\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1243563072-2189662949-1172452096-1000UA.job => C:\Users\sadaik\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files\Software\Update\SoftwareUpdate.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2007-09-11 01:45 - 2007-09-11 01:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 2013-06-10 17:58 - 2013-06-10 17:58 - 01966960 _____ () C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe 2013-06-10 17:58 - 2013-06-10 17:58 - 00549888 _____ () C:\Program Files\Orange\Assistance Livebox\dedicarz\netsnmp.dll 2013-06-10 17:58 - 2013-06-10 17:58 - 00182784 _____ () C:\Program Files\Orange\Assistance Livebox\dedicarz\ProxyDetection.dll 2013-06-10 17:58 - 2013-06-10 17:58 - 00157184 _____ () C:\Program Files\Orange\Assistance Livebox\dedicarz\pupnp.dll 2009-02-21 04:36 - 2008-07-16 15:00 - 00024576 _____ () C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe 2009-02-21 04:36 - 2009-02-21 04:36 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll 2009-02-21 04:36 - 2009-02-21 04:36 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll 2009-02-21 04:36 - 2009-02-21 04:36 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll 2009-02-21 04:36 - 2009-02-21 04:36 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll 2009-02-21 04:36 - 2009-02-21 04:36 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll 2009-02-21 04:36 - 2009-02-21 04:36 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3010.0__4df5dcab8860d239\Framework.Utility.dll 2015-05-31 14:38 - 2015-05-31 14:34 - 00166848 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe 2015-05-31 14:38 - 2015-05-31 14:35 - 00526784 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll 2014-08-28 15:16 - 2014-08-28 15:16 - 04792480 _____ () c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll 2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll 2015-03-18 20:48 - 2015-03-18 20:42 - 01638424 _____ () C:\Program Files\AVG Secure Search\TBAPI.dll 2013-04-25 16:08 - 2015-03-18 20:42 - 02503704 _____ () C:\Program Files\AVG Secure Search\vprot.exe 2013-06-12 15:59 - 2013-06-12 15:59 - 00020480 _____ () C:\Program Files\orange\Assistance Livebox\dist\rt\bin\jetvm\jvm.dll 2013-06-12 15:59 - 2013-06-12 15:59 - 00069632 _____ () C:\Program Files\orange\Assistance Livebox\dist\rt\bin\java.dll 2013-06-12 15:59 - 2013-06-12 15:59 - 00126976 _____ () C:\Program Files\orange\Assistance Livebox\dist\rt\bin\zip.dll 2013-06-12 15:59 - 2013-06-12 15:59 - 00159744 _____ () C:\Program Files\orange\Assistance Livebox\dist\rt\jetrt\baseline720.dll 2013-06-12 15:59 - 2013-06-12 15:59 - 00132608 _____ () C:\Program Files\orange\Assistance Livebox\dist\NetworkAPI.dll 2013-06-12 15:59 - 2013-06-12 15:59 - 00019456 _____ () C:\Program Files\Orange\Assistance Livebox\dist\NetWPSAPI.dll 2013-06-12 15:59 - 2013-06-12 15:59 - 00151552 _____ () C:\Program Files\Orange\Assistance Livebox\dist\Tools.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP5VNGFGV19FP842MVFFXMYJMFLGKMVW6M1JUP AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP5VNGFGV19FP842MVFFXMYJMFLGKMVW6M1JUP AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP5VNGFGV19FP842MVFFXMYJMFLGKMVW6M1JUP AlternateDataStreams: C:\ProgramData\TEMP:48D30F15 AlternateDataStreams: C:\ProgramData\TEMP:6F1F66C0 AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 AlternateDataStreams: C:\ProgramData\TEMP:BD2054EF AlternateDataStreams: C:\Users\sadaik\Downloads\Lost.S06E17.REAL.PROPER.VOSTFR.HDTV.XviD-PTN.avi:TOC.WMV AlternateDataStreams: C:\Users\sadaik\Downloads\Lost.S06E18.FINAL.REAL.PROPER.VOSTFR.HDTV.XviD-PTN.avi:TOC.WMV AlternateDataStreams: C:\Users\sadaik\AppData\Local\Temp:SL_{42726572-7361-6369-352e-30312e303032} ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1243563072-2189662949-1172452096-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sadaik\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WMP-Out-TCP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe FirewallRules: [WMP-In-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe FirewallRules: [{50F3947B-DC96-449A-812B-3E9F076E35A0}] => (Allow) C:\Program Files\eMule\emule.exe FirewallRules: [{8B21B9C3-38CA-4F3C-82F0-E12BEF858931}] => (Allow) C:\Program Files\eMule\emule.exe FirewallRules: [{AEDEE22D-66D5-4F48-ABB2-294EB3945E38}] => (Allow) C:\Program Files\DNA\btdna.exe FirewallRules: [{817EC359-D30B-452E-B32B-7E231878330B}] => (Allow) C:\Program Files\DNA\btdna.exe FirewallRules: [{17232E1B-8F01-406A-A704-E96BF6C761E2}] => (Allow) C:\Program Files\BitTorrent\bittorrent.exe FirewallRules: [{8446AB2E-054E-481E-9937-31865039C884}] => (Allow) C:\Program Files\BitTorrent\bittorrent.exe FirewallRules: [{1F93ADF1-CFCC-4D6C-BE00-676301C57784}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D806BAA5-57C4-4521-8CBE-924324E0E66B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{9FFC63BB-0352-4F67-90C1-F009AA3B4741}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{FA4181A0-C1A0-4CA1-9217-D82D1844391B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{5BDF8341-E36D-4250-9A28-9DF79BE9C0AC}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe FirewallRules: [UDP Query User{31A018FE-3878-4E8E-8961-D20CF3BF7B51}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe FirewallRules: [TCP Query User{AED4643F-1D3B-441B-A3D5-519CE954D35D}C:\program files\dna\btdna.exe] => (Block) C:\program files\dna\btdna.exe FirewallRules: [UDP Query User{0CD22A25-0080-49A4-B605-CAF020CB9746}C:\program files\dna\btdna.exe] => (Block) C:\program files\dna\btdna.exe FirewallRules: [TCP Query User{A53D1512-39D9-4FA9-8101-56D20D06355D}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{579BD4BB-5027-46F8-87BB-F849B0209BA4}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{C86208F8-608B-496F-8B4D-6A193B01A599}C:\users\sadaik\program files\dna\btdna.exe] => (Allow) C:\users\sadaik\program files\dna\btdna.exe FirewallRules: [UDP Query User{515B88F8-5B8F-4781-8E5E-680AAAD38674}C:\users\sadaik\program files\dna\btdna.exe] => (Allow) C:\users\sadaik\program files\dna\btdna.exe FirewallRules: [TCP Query User{440DE716-C39D-432B-9E0A-2FCF370185DD}C:\program files\emule\emule.exe] => (Allow) C:\program files\emule\emule.exe FirewallRules: [UDP Query User{11E68AB6-4282-4519-A4C5-5A4863FAEB08}C:\program files\emule\emule.exe] => (Allow) C:\program files\emule\emule.exe FirewallRules: [{34C1CF21-44BC-48DE-8025-88B4BF97F198}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{B1787E03-6C21-44DD-98AD-0625A330922D}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [TCP Query User{56965AD7-F66C-49F3-B740-677F82B76E12}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe FirewallRules: [UDP Query User{4433E14E-78D6-408A-949F-F8CA6C31D547}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe FirewallRules: [{6E420EB3-0335-4522-8C40-C50AF49C8970}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe FirewallRules: [{EB65983E-CF0F-4E17-B2CE-934226C66F61}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe FirewallRules: [{02E5D826-DB59-4A6E-9641-36B36175C2E7}] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe FirewallRules: [{B3DEEF16-7FC9-4733-9C8C-0A63A29D545C}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{46029BDE-8CBC-4D8F-8677-C35ED0436297}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [TCP Query User{477D9E0E-C397-4445-9505-62C1B64E90C1}C:\program files\frostwire\frostwire.exe] => (Allow) C:\program files\frostwire\frostwire.exe FirewallRules: [UDP Query User{3E1D243D-718D-4AB2-8953-3346F01946FA}C:\program files\frostwire\frostwire.exe] => (Allow) C:\program files\frostwire\frostwire.exe FirewallRules: [TCP Query User{3F961556-1ACA-4460-B873-6B2027C5D1D7}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{27503F01-B554-44C6-AFD9-D5D95497D662}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [{35458147-7F5C-4E6A-A94C-3A086ACC1098}] => (Allow) LPort=80 FirewallRules: [{09046096-9658-435C-9BD6-4BA6F1763995}] => (Allow) LPort=80 FirewallRules: [{54313AB6-8B0E-4E28-AF1F-F90B525579A0}] => (Allow) LPort=80 FirewallRules: [{8CC62057-8269-4B26-B1AB-118D225A238C}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{D8BDBF61-B44E-4664-9A62-532E15872482}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{58B3CE12-0EF3-4D95-9ECC-59E0D133BB3E}] => (Allow) C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe FirewallRules: [{FC152175-BDE2-49A0-A6BC-8A0A73C291F2}] => (Allow) C:\Program Files\Samsung\AllShare\AllShare.exe FirewallRules: [{A6C8D63E-0F9D-4FF9-9585-D04E1EAC148D}] => (Allow) C:\Program Files\Samsung\AllShare\AllShareAgent.exe FirewallRules: [{665F0700-353F-43E2-9C13-40B0A299A1FC}] => (Allow) C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe FirewallRules: [{EE3A3909-64D4-4EBF-BF75-DB0A29DDD75E}] => (Allow) C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe FirewallRules: [{12CE65F0-3CC1-48A6-8950-FA040A1AA94B}] => (Allow) C:\Users\sadaik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{EAC20C00-00CE-42B9-B368-D5AC170DC611}] => (Allow) C:\Users\sadaik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [TCP Query User{1EF3EBAF-1B01-4057-9042-63EBBB5E18C6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{041FA3F0-F54D-4CA6-A247-814D8063AC8C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{291B8096-5671-42A9-8CD0-06783D2A5E4B}C:\program files\orange\assistance livebox\dist\st2.exe] => (Allow) C:\program files\orange\assistance livebox\dist\st2.exe FirewallRules: [UDP Query User{D7CAD7DD-BF78-4E65-8CCE-49536826B562}C:\program files\orange\assistance livebox\dist\st2.exe] => (Allow) C:\program files\orange\assistance livebox\dist\st2.exe FirewallRules: [{25839AE3-B3AE-40C6-9753-56D581FC3DA9}] => (Allow) D:\fscommand\CKSocketServer.exe FirewallRules: [{B30A54FB-2CF4-4E6A-9028-777C1BC9513C}] => (Allow) D:\fscommand\CKSocketServer.exe FirewallRules: [{34FDE4EF-DDB4-46C1-87DC-4DF26BEF9371}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe FirewallRules: [{4B2933A8-E0C8-4F65-81F7-6992B4742B39}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe FirewallRules: [{41999AB6-50FB-409D-A757-11828620270D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{C98368C7-7DD9-4D11-84F7-19F2370A4DC3}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{453B2C76-0728-456D-8FC4-54781C3CAFCC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{E750E0F1-1576-4B74-AE6C-DC6AFC64A9B9}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe FirewallRules: [{EE1E77BC-BB66-41D4-AAC2-43BA9EA4DC05}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe FirewallRules: [{C1F8E797-7AF5-4F86-9167-604DD33ADD5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FE36E8F1-6B8E-4F32-A99C-1F99C610DC3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3EA3F4C8-A921-4C34-9ED2-AFC5BB1D0ACB}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe FirewallRules: [{5C48A29E-FD5E-45B3-8130-4F92ED4E13C0}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe FirewallRules: [{FB605930-6B3F-42C3-B0BC-FD5CEA2B4896}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\LiveboxManager.exe FirewallRules: [{B30C79ED-6E43-429E-9AFB-A7D8F8BB25EB}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\LiveboxManager.exe FirewallRules: [{D7EDF0B3-1548-44A1-B3D0-C5D49ABC0625}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\PluginDmControlPoint.exe FirewallRules: [{CF838148-BE95-416C-BB7E-16A60C20D820}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\PluginDmControlPoint.exe FirewallRules: [{DC13B0D8-92E5-40FA-8130-7749A8743F75}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\PluginLivebox.exe FirewallRules: [{435F1915-81F1-4498-AD0D-8ACFAA09906A}] => (Allow) C:\Program Files\Orange\Assistance Livebox\dedicarz\PluginLivebox.exe FirewallRules: [{194232B3-B724-43AE-BBAC-02B61D5204F9}] => (Allow) C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{FA483A02-7FC2-4DD8-A092-5F58C77A33C0}] => (Allow) C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{B9650141-4190-4654-8BA2-8433EFA0DFD4}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe FirewallRules: [{78A47C36-FA0A-417D-ADE9-F247B06EF9D6}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe FirewallRules: [{40203E98-6CE5-4E87-8B01-5FE046323A3C}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe FirewallRules: [{EC1B1D3B-90CA-4224-B6CF-D789E381B12B}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe FirewallRules: [{903ECB9D-1358-4EE1-99E7-46272E113F06}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe FirewallRules: [{C1CD1CE6-6A41-47B0-B858-70B325364CBC}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe FirewallRules: [{2EBCC2F6-7F0E-4704-A2FC-C7E61A6B394E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{87DCFF19-AF43-4B41-A413-E7EDC6AFD0C6}] => (Allow) C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{C811F50A-9799-4BAB-B52D-5106BECF3FAA}] => (Allow) C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe FirewallRules: [{376E4A90-5DA0-479E-96EA-C38F1FFBAAC1}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe FirewallRules: [{2CC77CFF-88E5-400C-A869-4E50722AD0D5}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe FirewallRules: [{8C8A04FE-CF5B-4954-B86C-878DB4DC1904}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe FirewallRules: [{E19F214E-5775-4AAA-945C-FCCD032C9E4B}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe FirewallRules: [{B5AD7579-B331-41BD-8A18-2D0C04212E59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{32EA0AC6-F785-44CF-AADC-A45B01C2AFC3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe StandardProfile\AuthorizedApplications: [C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe] => enabled:CSS StandardProfile\AuthorizedApplications: [C:\Program Files\BitTorrent\bittorrent.exe] => Enabled:BitTorrent ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/01/2015 09:18:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Application défaillante OUSoftwareManager.exe, version 2.3.0.1, horodatage 0x54d394c4, module défaillant MSVCR100.dll, version 10.0.30319.1, horodatage 0x4ba1dbbe, code d’exception 0xc0000005, décalage d’erreur 0x00001ed7, ID du processus 0x13cc, heure de début de l’application 0xOUSoftwareManager.exe0. Error: (06/01/2015 09:14:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Application défaillante OUSoftwareManager.exe, version 2.3.0.1, horodatage 0x54d394c4, module défaillant MSVCR100.dll, version 10.0.30319.1, horodatage 0x4ba1dbbe, code d’exception 0xc0000005, décalage d’erreur 0x00001ed7, ID du processus 0xbb0, heure de début de l’application 0xOUSoftwareManager.exe0. Error: (06/01/2015 09:12:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Application défaillante SystrayApp.exe, version 1.0.37.730, horodatage 0x46a63d01, module défaillant SystrayApp.exe, version 1.0.37.730, horodatage 0x46a63d01, code d’exception 0xc0000005, décalage d’erreur 0x00001c1c, ID du processus 0xe10, heure de début de l’application 0xSystrayApp.exe0. Error: (06/01/2015 09:11:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Application défaillante OUSoftwareManager.exe, version 2.3.0.1, horodatage 0x54d394c4, module défaillant MSVCR100.dll, version 10.0.30319.1, horodatage 0x4ba1dbbe, code d’exception 0xc0000005, décalage d’erreur 0x00001ed7, ID du processus 0x1058, heure de début de l’application 0xOUSoftwareManager.exe0. Error: (06/01/2015 09:11:33 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: La création du contexte d’activation a échoué pour « msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1 ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error: (06/01/2015 06:14:05 PM) (Source: Lavasoft Ad-Aware Service) (EventID: 0) (User: ) Description: Only one instance of service process is allowed. Error: (06/01/2015 07:11:04 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {f6ce11a5-b226-4091-bc53-7a4890a9b2eb} Error: (06/01/2015 07:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/01/2015 00:13:21 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: SpoolerC:\Windows\system32\winspool.drv4 Error: (06/01/2015 00:13:21 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 System errors: ============= Error: (06/01/2015 09:11:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Service Partage réseau du Lecteur Windows MediaHôte de périphérique UPnP%%1058 Error: (06/01/2015 07:15:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Windows Update Error: (06/01/2015 07:10:20 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Dedicarz Service Error: (06/01/2015 07:08:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Software Update Service (supdate)%%2 Error: (06/01/2015 07:08:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (06/01/2015 07:07:10 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: AUTORITE NT) Description: 2147942402 Error: (06/01/2015 00:34:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (06/01/2015 00:34:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (05/31/2015 11:46:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (05/31/2015 11:46:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Microsoft Office: ========================= Error: (06/01/2015 09:18:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUSoftwareManager.exe2.3.0.154d394c4MSVCR100.dll10.0.30319.14ba1dbbec000000500001ed713cc01d09c9fcde79b2e Error: (06/01/2015 09:14:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUSoftwareManager.exe2.3.0.154d394c4MSVCR100.dll10.0.30319.14ba1dbbec000000500001ed7bb001d09c9f3ed0cece Error: (06/01/2015 09:12:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SystrayApp.exe1.0.37.73046a63d01SystrayApp.exe1.0.37.73046a63d01c000000500001c1ce1001d09c9eb7850516 Error: (06/01/2015 09:11:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUSoftwareManager.exe2.3.0.154d394c4MSVCR100.dll10.0.30319.14ba1dbbec000000500001ed7105801d09c9ed3786a56 Error: (06/01/2015 09:11:33 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe Error: (06/01/2015 06:14:05 PM) (Source: Lavasoft Ad-Aware Service) (EventID: 0) (User: ) Description: Only one instance of service process is allowed. Error: (06/01/2015 07:11:04 AM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005 Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {f6ce11a5-b226-4091-bc53-7a4890a9b2eb} Error: (06/01/2015 07:08:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/01/2015 00:13:21 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: SpoolerC:\Windows\system32\winspool.drv4 Error: (06/01/2015 00:13:21 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 CodeIntegrity Errors: =================================== Date: 2015-06-01 22:06:43.833 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:06:43.321 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:06:42.810 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:06:42.297 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:05:54.991 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:05:54.491 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:05:53.911 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:05:53.371 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:05:52.758 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files\Trusteer\Rapport\bin\RapportEI.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2015-06-01 22:05:52.259 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files\Trusteer\Rapport\bin\RapportEI.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système. ==================== Memory info =========================== Processor: Genuine Intel(R) CPU 575 @ 2.00GHz Percentage of memory in use: 69% Total physical RAM: 2007.88 MB Available physical RAM: 603.89 MB Total Pagefile: 4261.03 MB Available Pagefile: 2368.66 MB Total Virtual: 2047.88 MB Available Virtual: 1907.52 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:136.05 GB) (Free:51.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 149.1 GB) (Disk ID: 94875B82) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=136 GB) - (Type=07 NTFS) ==================== End of log ============================