Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015 Ran by megabizard at 2015-07-08 10:48:02 Running from C:\Users\megabizard\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-1192319706-4102634029-873296872-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-1192319706-4102634029-873296872-1003 - Limited - Enabled) Invité (S-1-5-21-1192319706-4102634029-873296872-501 - Limited - Disabled) megabizard (S-1-5-21-1192319706-4102634029-873296872-1000 - Administrator - Enabled) => C:\Users\megabizard ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Panda Global Protection 2014 (Enabled - Up to date) {86971480-9989-6750-B122-681A86518D59} AS: Panda Global Protection 2014 (Enabled - Up to date) {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Personal Firewall 2014 (Enabled) {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - BitTorrent Inc.) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.10 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.880 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) AirDroid 3.0.2 (HKLM-x32\...\AirDroid) (Version: 3.0.2 - Sand Studio) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Assistant de connexion Windows Live (HKLM-x32\...\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}) (Version: 5.000.818.5 - Microsoft Corporation) Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team) AVG PC TuneUp 2014 (fr-FR) (x32 Version: 14.0.1001.380 - AVG) Hidden AVG PC TuneUp 2014 (x32 Version: 14.0.1001.380 - AVG) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) Chromium (HKU\.DEFAULT\...\Chromium) (Version: 45.0.2442.0 - Chromium) Chromium (HKU\.DEFAULT\...\Updatetask) (Version: - Chromium) Configuration DivX (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC) Convert FLV to MP3 (HKLM-x32\...\{0B026E2A-3026-4608-A1B9-03AD1C8CDF77}_is1) (Version: - convertflvtomp3.com) ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - ) CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.0 - Globalscape) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version: - ) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.6 - Poikosoft) EBP Auto-entrepreneur Pratic 2014 6.0 (OL Technology) (Version: 6.0.0 - EBP) Hidden eMule (HKLM-x32\...\eMule) (Version: - ) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft) ffdshow v1.1.3611 [2010-10-06] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3611.0 - ) FotoSketcher 3.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON) Foxit PhantomPDF Business (HKLM-x32\...\{E9AA5BDC-7DFA-4CB8-96B5-F545F20EBFDB}) (Version: 7.0.3.916 - Foxit Software Inc.) Free M4a to MP3 Converter 8.4 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free MP3 Converter 7.6.0.a (HKLM-x32\...\F20FBDC1-C2A3-4EE3-9ED5-970D979F8FE7_is1) (Version: - Accmeware Corporation) Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft) Free Sound Recorder v10.5.2 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.) Free WMA to MP3 Converter 1.08 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.) Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google) High-Definition Video Playback (x32 Version: 7.1.13400.42.0 - Nero AG) Hidden HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) IncrediMail (x32 Version: 6.3.9.5274 - IncrediMail) Hidden IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.) Installation Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Installation Windows Live (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) KaraWin Std (HKLM-x32\...\{E3755EF2-5AE0-4DCB-8B36-CE44FD2C6F4F}) (Version: - ) Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logiciel de base du périphérique HP Deskjet 3050A J611 series (HKLM\...\{2728177B-FBEC-415F-A9F5-83CD6CBD4816}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Ma-Config.com (64 bits) (HKLM\...\{D8B5E037-6493-4C27-B0E6-33B65F3C4957}) (Version: 7.0.083 - Cybelsoft) Magic FLAC to MP3 Converter 3.71 (HKLM-x32\...\Magic FLAC to MP3 Converter_is1) (Version: - Magic Video) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Micromax A116 Drivers(x64) (HKLM-x32\...\{C3F57607-592D-458F-81AE-349FD05DFA74}) (Version: 1.00 - Micromax) Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professionnel Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 FRA (HKLM-x32\...\{AF6919D0-5691-4F35-9D65-54F981013514}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 FRA (HKLM\...\{2906A05E-2D38-4B47-85A2-D3485E372C8F}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyTomTom 3.2.0.1220 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.1220 - TomTom) Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11000.11.100 - Nero AG) Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG) Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG) Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.10700.7.100 - Nero AG) Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10300.1.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11100.12.100 - Nero AG) Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10300.5.100 - Nero AG) Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.12300.27.100 - Nero AG) Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.5.10500 - Nero AG) Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.8.10400.3.100 - Nero AG) Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10600.7.100 - Nero AG) Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.8.10200.1.100 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11100.10.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.2.14700.9.100 - Nero AG) Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.8.10400.2.100 - Nero AG) OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation) Outil de téléchargement USB/DVD Windows 7 (HKLM-x32\...\{5F8683B5-5056-411C-B808-B289E29E9BBB}) (Version: 1.0.30 - Microsoft Corporation) Outil de téléchargement Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security) Panda Global Protection 2014 (HKLM-x32\...\{81A25967-DB85-4B48-A8A7-D25AC191DEE4}) (Version: 7.01.01 - Panda Security) Panda Global Protection 2014 (x32 Version: 7.01.01 - Panda Security) Hidden Password Depot 7 - Panda Secure Vault Edition (HKLM-x32\...\{A6144BFB-45FB-4DDB-BC4F-AB10E9FF0395}_is1) (Version: 7.1.0 - AceBIT GmbH) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.4.17 - Prolific Technology INC) QuickTime (HKLM-x32\...\QuickTime) (Version: - ) Quintessential Media Player (HKLM-x32\...\Quintessential Media Player) (Version: Version 5.0 - Quinnware) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SteelSeries Xai Laser Mouse (HKLM-x32\...\{77E57197-30EC-444F-B1B8-A99AA2A45794}) (Version: 1.4.2 - SteelSeries) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Ultra MKV Converter 4.4.0311 (HKLM-x32\...\Ultra MKV Converter_is1) (Version: - Aone Software) UltraISO Premium V9.51 (HKLM-x32\...\UltraISO_is1) (Version: - ) Utilitaire de mise à jour des logiciels EBP 1.1.3 (HKLM-x32\...\Utilitaire de mise à jour des logiciels EBP 1.1.3) (Version: 1.1.3 - EBP) Utilitaire de mise à jour des logiciels EBP 1.1.3 (Version: 1.1.3 - EBP) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WIKO CINK PEAX Drivers (HKLM-x32\...\{1F7579EC-B217-4ABB-8E0C-17A3BC6CB5CF}) (Version: 1.00 - WIKO) Windows Boot Genius (HKLM-x32\...\Windows Boot Genius) (Version: - Tenorshare, Inc.) Windows Driver Package - Acer, Inc (androidusb) USB (04/07/2011 1.0.0010.00000) (HKLM\...\C90373F31FCBEA27133FB8FD66ACE94121EFA097) (Version: 04/07/2011 1.0.0010.00000 - Acer, Inc) Windows Process Security 2.1 (HKLM-x32\...\WindowsProcessSecurity) (Version: 2.1 - WindowsProcessSecurity Software Inc) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi)) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 02-07-2015 20:52:58 Installed Bluesoleil2.6.0.8 Release 070517 02-07-2015 20:56:39 Installed Bluesoleil2.6.0.8 Release 070517 07-07-2015 18:05:35 Installed mpegtomp3_setup 07-07-2015 18:14:58 Installed mpegtomp3_setup 07-07-2015 18:20:40 Installed Free MPEG To MP3 Converter 07-07-2015 18:23:19 Removed Free MPEG To MP3 Converter 07-07-2015 21:09:09 Removed Bluesoleil2.6.0.8 Release 070517 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2010-10-16 13:18 - 2015-02-20 05:34 - 00451221 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.iobit.com 127.0.0.1 www.asc55.iobit.com 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com There are 1000 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06CC91CC-ABBC-4369-98B4-36EBB2B041A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-04] (Google Inc.) Task: {0E24B31F-6321-4ACF-B7A3-C7444B4D45B0} - System32\Tasks\{6251FA48-5B28-4D07-A840-859F750BB8F7} => E:\SETUP.EXE Task: {40EBB6E6-F0A9-40A9-A86B-9925740FCFC8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1192319706-4102634029-873296872-1000Core => C:\Users\megabizard\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {42D35093-EF5D-465F-8816-159F5157095C} - System32\Tasks\{59048F8D-4D3E-4065-A853-2DCD39BE28E8} => E:\SETUP.EXE Task: {4FEB0A42-1328-4ACF-8BA3-42BBFC7B5761} - System32\Tasks\HP AR Program Upload - 509020f41aed43e1b5ae820f60ee4d0f652f61d1ac184cf4bb0a9901baddffdb => C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPRewards.exe [2012-10-17] (TODO: ) Task: {7D9068D7-D293-4AD8-B90E-0E19F765FB6B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1192319706-4102634029-873296872-1000UA => C:\Users\megabizard\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {94280BBA-D228-4A1E-87F4-BE232E1370C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {999DCDB9-352F-4492-933A-B7E69DAFBD64} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe Task: {B05C86FD-0B0F-45EB-BC2F-96B1DC07AE18} - System32\Tasks\Driver Booster SkipUAC (megabizard) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {B06DF477-8AA7-42FF-AD8B-47FBB41A3F80} - System32\Tasks\Nettoyage de base => C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\PlaTasks.exe [2013-09-30] (Panda Security, S.L.) Task: {D76F2976-4507-4688-A3AD-C67C5936C167} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-04] (Google Inc.) Task: {E411A531-B70B-49BA-A643-1C34B7904802} - System32\Tasks\Uninstaller_SkipUac_megabizard => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {FBC9497E-4548-4A39-8868-013C7C213764} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-28] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1192319706-4102634029-873296872-1000Core.job => C:\Users\megabizard\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1192319706-4102634029-873296872-1000UA.job => C:\Users\megabizard\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Nettoyage de base.job => C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\PlaTasks.exe ==================== Loaded Modules (Whitelisted) ============== 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-08 10:36 - 2009-08-17 09:38 - 00148992 _____ () C:\Users\megabizard\AppData\Local\Temp\HouseCall\libexpatw.dll 2014-04-23 19:56 - 2014-04-23 19:56 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll 2014-04-23 19:56 - 2014-04-23 19:56 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll 2014-04-23 19:56 - 2014-04-23 19:56 - 00268712 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll 2014-04-23 19:56 - 2014-04-23 19:56 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll 2014-04-23 19:56 - 2014-04-23 19:56 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll 2013-11-26 15:44 - 2007-02-14 14:55 - 00165424 _____ () C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\MiniCrypto.dll 2013-11-26 15:44 - 2004-05-19 12:33 - 00507904 _____ () C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\libxml2.dll 2014-04-23 19:56 - 2014-04-23 19:56 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll 2013-11-26 15:44 - 2007-02-14 14:55 - 00099888 _____ () C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\APIcr.dll 2015-06-28 18:50 - 2015-06-28 18:50 - 17321648 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 11405 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1192319706-4102634029-873296872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\megabizard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: FoxitCloudUpdateService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MaConfigAgent => 2 MSCONFIG\Services: MbaeSvc => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NAUpdate => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupfolder: C:^Users^megabizard^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PhotoFunia for PC.lnk => C:\Windows\pss\PhotoFunia for PC.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AA70F80B-8F3B-4EBC-AF05-DD8B5A25E81A}] => (Allow) LPort=48113 FirewallRules: [{142EDBC9-055A-4446-9D0E-B58BAB6AC247}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{88EDF5B0-5621-4E9F-8F69-C669B1E791A7}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{29DC2CD8-15C8-45FA-8E17-27E0DB51ED36}] => (Allow) C:\Users\megabizard\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2DA88EA7-C997-414C-93F0-5A8E8E2DB1CF}] => (Allow) C:\Users\megabizard\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3B3D3B92-2E71-436C-A70E-7263F6DB8C54}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{5428ED81-E500-4581-BE95-2F530CDEB3DC}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{1BE0DB57-70CA-4AD2-BB34-9FB9538A8187}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{01C0CC5E-A523-48F0-9B6F-BAC00DBB098D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{EF137B5F-0887-4930-A8BF-5E18DDAE537E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{CB0F78D7-3261-4988-9A9B-B7288BE00E4D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{514F4C1D-0391-425A-A983-D01E829639E5}] => (Allow) svchost.exe FirewallRules: [{555BD676-66B3-4927-AF30-09C791872D50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C434BC9B-38C5-4B09-A485-A843515A997A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7F34CB2B-E52C-462E-AE9D-F7CEA7C152A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BA24AF6D-7807-49F8-B5EB-E967552CD64C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F1E22A7A-E869-4EFA-924B-EF60B615A1DB}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{5FE33E0B-3203-48CC-90FB-A18EBCC6D6AC}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe FirewallRules: [{06F56F46-C4F6-486A-913E-C8DF31A9145F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{9EF20597-31DF-4608-A6F2-5C365CD09548}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{4325F98C-65C2-42A5-A675-7077AF223040}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{15EFF8E8-F75B-41B8-AABA-63FC7283997B}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{37E3F20F-DE20-4516-B208-CC46191BDD72}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AD29B28E-7AA3-4C13-8BCB-E7373F378ED2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}] => (Allow) LPort=2869 FirewallRules: [{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}] => (Allow) LPort=1900 FirewallRules: [{AF4AE69A-970E-423A-BC81-27A1EA6D36DD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113 FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113 FirewallRules: [TCP Query User{E37493F8-C5FE-44CF-BE19-A6D716132D7A}E:\programmation\qtchat\release\qtchat.exe] => (Allow) E:\programmation\qtchat\release\qtchat.exe FirewallRules: [UDP Query User{44823339-CF28-4006-8630-458A16074A94}E:\programmation\qtchat\release\qtchat.exe] => (Allow) E:\programmation\qtchat\release\qtchat.exe FirewallRules: [{4D53A903-7BEF-4BA3-AC8B-CC00C9373728}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{FF8D8BA2-C994-4643-ABA3-0D7E3CD76BCE}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe FirewallRules: [{2B3E8407-9851-41A3-A1E2-A990A0B49A52}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [{36990B79-5BD0-46D7-9277-B6474287CFE3}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe FirewallRules: [TCP Query User{6459C183-FDD4-4096-A891-F11D9DEE9DD5}C:\program files (x86)\panda security\panda global protection 2014\apvxdwin.exe] => (Allow) C:\program files (x86)\panda security\panda global protection 2014\apvxdwin.exe FirewallRules: [UDP Query User{C6B2B878-BA90-4057-96E9-DFF6D6B134F9}C:\program files (x86)\panda security\panda global protection 2014\apvxdwin.exe] => (Allow) C:\program files (x86)\panda security\panda global protection 2014\apvxdwin.exe FirewallRules: [{6C60D4BD-3F46-4312-820A-320D2254DAB3}] => (Block) C:\program files (x86)\panda security\panda global protection 2014\apvxdwin.exe FirewallRules: [{38D0E739-06F5-4FDD-89A1-97BA28DA0BC7}] => (Block) C:\program files (x86)\panda security\panda global protection 2014\apvxdwin.exe StandardProfile\AuthorizedApplications: [C:\Users\megabizard\AppData\Roaming\cacaoweb\cacaoweb.exe] => Enabled:cacaoweb ==================== Faulty Device Manager Devices ============= Name: Malwarebytes Anti-Exploit Description: Malwarebytes Anti-Exploit Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ESProtectionDriver Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (07/08/2015 10:28:38 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Échec de l’activation de la licence Windows. Erreur 0x80070005. Error: (07/08/2015 09:56:29 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Échec de l’activation de la licence Windows. Erreur 0x80070005. Error: (07/08/2015 09:16:39 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Le planificateur d’activation des licences (sppuinotify.dll) a échoué avec le code d’erreur suivant : 0x80070005 Error: (07/08/2015 09:01:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: La création du contexte d’activation a échoué pour « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 » à la ligne C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/08/2015 08:51:40 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={B45E6DCA-B4AC-40D8-A371-D849AB9E32EB} : L’utilisateur megabizard-PC\megabizard a composé le numéro de la connexion ipjetable. La connexion a échoué. Code d’erreur retourné : 0. Error: (07/08/2015 08:51:40 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={B45E6DCA-B4AC-40D8-A371-D849AB9E32EB} : L’utilisateur megabizard-PC\megabizard a composé le numéro de la connexion ipjetable. La connexion a échoué. Code d’erreur retourné : 868. Error: (07/08/2015 08:50:39 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={91560BBA-B31D-41D9-9FB5-0508213395A0} : L’utilisateur megabizard-PC\megabizard a composé le numéro de la connexion ipjetable. La connexion a échoué. Code d’erreur retourné : 0. Error: (07/08/2015 08:50:39 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoID={91560BBA-B31D-41D9-9FB5-0508213395A0} : L’utilisateur megabizard-PC\megabizard a composé le numéro de la connexion ipjetable. La connexion a échoué. Code d’erreur retourné : 868. Error: (07/08/2015 08:16:38 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Le planificateur d’activation des licences (sppuinotify.dll) a échoué avec le code d’erreur suivant : 0x80070005 Error: (07/08/2015 07:16:38 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Le planificateur d’activation des licences (sppuinotify.dll) a échoué avec le code d’erreur suivant : 0x80070005 System errors: ============= Error: (07/08/2015 10:30:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Écouteur HomeGroup s’est arrêté avec l’erreur service particulière %%-2147023143. Error: (07/08/2015 10:30:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : BTHidMgr ESProtectionDriver Error: (07/08/2015 10:30:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Quinnware CDDA Driver (by InfinaDyne) n’a pas pu démarrer en raison de l’erreur : %%1275 Error: (07/08/2015 10:30:32 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Le chargement de \??\C:\Program Files (x86)\Quintessential Media Player\cdrpdacc a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error: (07/08/2015 10:28:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Périphérique Bluetooth (TDI protocole RFCOMM) n’a pas pu démarrer en raison de l’erreur : %%1058 Error: (07/08/2015 10:27:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Panda On-Access Anti-Malware Service s’est arrêté avec l’erreur : %%1 Error: (07/08/2015 09:58:45 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Écouteur HomeGroup s’est arrêté avec l’erreur service particulière %%-2147023143. Error: (07/08/2015 09:58:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger : BTHidMgr ESProtectionDriver Error: (07/08/2015 09:58:25 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Le nom "MEGABIZARD-PC :20" n’a pas pu être enregistré sur l’interface avec l’adresse IP 192.168.0.10. L’ordinateur avec l’adresse IP 192.168.0.12 n’a pas permis que le nom soit réclamé par cet ordinateur. Error: (07/08/2015 09:58:25 AM) (Source: Server) (EventID: 2505) (User: ) Description: Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{49B16CBF-2716-48E4-BAA8-D5434DD97F7E} car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer. Microsoft Office: ========================= Error: (07/08/2015 10:28:38 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/08/2015 09:56:29 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/08/2015 09:16:39 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (07/08/2015 09:01:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\megabizard\Desktop\esetsmartinstaller_enu.exe Error: (07/08/2015 08:51:40 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: {B45E6DCA-B4AC-40D8-A371-D849AB9E32EB}megabizard-PC\megabizardipjetable0 Error: (07/08/2015 08:51:40 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: {B45E6DCA-B4AC-40D8-A371-D849AB9E32EB}megabizard-PC\megabizardipjetable868 Error: (07/08/2015 08:50:39 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: {91560BBA-B31D-41D9-9FB5-0508213395A0}megabizard-PC\megabizardipjetable0 Error: (07/08/2015 08:50:39 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: {91560BBA-B31D-41D9-9FB5-0508213395A0}megabizard-PC\megabizardipjetable868 Error: (07/08/2015 08:16:38 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (07/08/2015 07:16:38 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 CodeIntegrity Errors: =================================== Date: 2015-07-08 10:30:31.953 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-08 10:30:31.844 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-08 09:58:19.065 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-08 09:58:18.956 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-07 22:28:28.288 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-07 22:28:28.163 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-07 22:24:39.327 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-07 22:24:39.218 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-07 20:49:58.897 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2015-07-07 20:49:58.788 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Program Files (x86)\Quintessential Media Player\cdrpdacc.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. ==================== Memory info =========================== Processor: AMD Athlon(tm) 7750 Dual-Core Processor Percentage of memory in use: 51% Total physical RAM: 4094.3 MB Available physical RAM: 1997.43 MB Total Virtual: 8186.82 MB Available Virtual: 5412.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:161.99 GB) (Free:61.86 GB) NTFS Drive d: (part_1_f) (Fixed) (Total:295.09 GB) (Free:184.55 GB) NTFS Drive i: (coffre) (Fixed) (Total:138.9 GB) (Free:69.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 36A4968B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=162 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=138.9 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=295.1 GB) - (Type=07 NTFS) ==================== End of log ============================