Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-07-2015 Ran by sophie at 2015-07-26 21:35:31 Running from C:\Users\sophie\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-668859941-3776755467-2018057237-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-668859941-3776755467-2018057237-1005 - Limited - Enabled) Invité (S-1-5-21-668859941-3776755467-2018057237-501 - Limited - Disabled) sophie (S-1-5-21-668859941-3776755467-2018057237-1002 - Administrator - Enabled) => C:\Users\sophie ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden CinemaPlus-4.2vV24.07 (HKLM\...\CinemaPlus-4.2vV24.07) (Version: 1.36.01.22 - Cinema PlusV24.07) <==== ATTENTION Crossbrowse (HKLM\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION! Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{9011040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM\...\{9085040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 fr) (HKLM\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd) REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.02.0000 - Realtek) Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.) Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) SmartSaver+ 3 (HKLM\...\SmartSaver+ 3) (Version: 1.36.01.22 - smart-saverplus) <==== ATTENTION Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.24.0 - Synaptics) TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.23 - TOSHIBA Corporation) TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.2.97 - LSI Corporation) TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.40 - TOSHIBA Corporation) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File CustomCLSID: HKU\S-1-5-21-668859941-3776755467-2018057237-1002_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> %SystemDrive%\Users\sophie\AppData\Roaming\Microsoft\MSXML2\msxml4.dll No File ==================== Restore Points ========================= 17-07-2015 17:36:58 Windows Update 17-07-2015 21:07:31 Windows Update 17-07-2015 21:20:33 Windows Update 17-07-2015 21:21:11 Windows Update 17-07-2015 21:23:39 Windows Update 19-07-2015 10:36:20 Windows Update 19-07-2015 10:59:08 Windows Update 20-07-2015 09:38:04 Windows Update 20-07-2015 12:01:51 Windows Update 20-07-2015 14:25:26 Windows Update 21-07-2015 09:20:41 Windows Update 24-07-2015 18:57:05 Windows Update 24-07-2015 18:57:18 Windows Update 24-07-2015 23:55:01 Removed Boxore Client 25-07-2015 00:00:13 Windows Update 25-07-2015 02:06:09 avast! antivirus system restore point 25-07-2015 11:55:59 Windows Update 25-07-2015 12:01:01 Windows Update 25-07-2015 13:00:02 Windows Update 25-07-2015 15:15:54 Removed Microsoft Silverlight 25-07-2015 15:32:49 Windows Update 25-07-2015 17:38:58 Windows Update 25-07-2015 17:52:02 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 25-07-2015 20:17:21 Windows Update 26-07-2015 18:23:24 Windows Update 26-07-2015 18:53:43 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2015-07-15 09:48 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {043659D7-8734-4ADA-ACA2-5025B177FC4B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {0F4F9ACE-5CE2-42FC-8B03-3B5E0AADB7B2} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: {10C8FC81-70C5-49D2-89AE-BEECBE63E66D} - System32\Tasks\{8A2FC004-B86A-4610-9B9C-82457D245C00} => pcalua.exe -a C:\Users\pinson\Desktop\FileFormatConverters.exe -d C:\Users\pinson\Desktop Task: {12CD34B1-0130-4966-A40E-FE321DD325CD} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {1BECE2EA-A28E-4B56-B09E-DEA93F44F748} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION) Task: {1E94012A-A396-4787-A1DA-EF6D9997C8DC} - System32\Tasks\LaunchPreSignup => C:\Program Files\OLBPre\OLBPre.exe [2015-07-24] () <==== ATTENTION Task: {1F429BFC-1FC3-47FB-9F9C-57546528E1D0} - System32\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6 => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe [2015-07-25] (Cinema PlusV24.07) <==== ATTENTION Task: {241A82F9-95A9-4BA6-915C-056A99827395} - System32\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-7 => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-7.exe [2015-07-25] (Cinema PlusV24.07) <==== ATTENTION Task: {27BF0E94-2FA1-45AA-B511-850E48438654} - System32\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5_user => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5.exe [2015-07-25] (Cinema PlusV24.07) <==== ATTENTION Task: {3136DE2E-2464-4D12-A3E6-2DAB8D86952A} - System32\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5 => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5.exe [2015-07-25] (Cinema PlusV24.07) <==== ATTENTION Task: {3B869B04-FFDE-4F00-B98B-F73737CA5D9E} - System32\Tasks\Crossbrowse => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe [2015-07-25] () <==== ATTENTION Task: {4351C48C-B612-4A3D-822E-02CAD3B3CD00} - System32\Tasks\avabvexvac => C:\Users\sophie\AppData\Local\avabvexvac\avabvexvac.exe [2015-07-02] () <==== ATTENTION Task: {4B840EE8-B907-41E6-BD50-FAE0F9F5A148} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {5F6B80F8-D714-4B13-BE04-80378E3152BC} - System32\Tasks\Opera N Sunday => C:\Program Files\Opera\launcher.exe Task: {7F8A7F54-92F1-4154-A1EB-41D58AC033DF} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {84E6AB93-396A-45D2-901E-5CBF9F6F3B1C} - System32\Tasks\Opera N Saturday => C:\Program Files\Opera\launcher.exe Task: {89E9F393-2CDA-42A0-9D9F-D8B21F87E6E6} - System32\Tasks\{98C90F7D-3F0F-496A-88CA-55D50B75E4C1} => pcalua.exe -a "C:\Program Files\FriendlyError\tmpAD90.bat" Task: {AF32D8FD-85F9-4FCD-B6AA-A960FE2E16AE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {AF72A855-A343-4F62-9067-B7BE240A8EDE} - System32\Tasks\{792FC688-CE71-441D-B3C9-A0820E252367} => pcalua.exe -a "C:\Users\pinson\Desktop\convertir doc office2007\ExcelViewer.exe" -d "C:\Users\pinson\Desktop\convertir doc office2007" Task: {B06226BD-1610-421B-BDD4-2D0F8A5F4E3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-24] (Adobe Systems Incorporated) Task: {BA6EA6D2-5B96-4EA9-841B-151496DCB9CB} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: {BDC1BBB6-D225-4474-ACA7-A6402EE22B30} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {C857E417-09B1-4199-AEFA-6F2E3B49ACA6} - System32\Tasks\{97B45D06-2BB9-4CC0-B432-592EC17EB2A9} => pcalua.exe -a C:\Users\pinson\Desktop\GRAPH\10-2_legacy_vista32-64_dd_ccc.exe -d C:\Users\pinson\Desktop\GRAPH Task: {D613EFEB-C2BB-4267-B3B3-30B49A4C4B47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-25] (AVAST Software) Task: {D8F3ECAE-9197-4092-91D3-D590FC7E35AF} - System32\Tasks\{EEC3F4EF-C42C-44DE-AE16-5C87F6ABA2C4} => pcalua.exe -a C:\Users\sophie\Downloads\FileFormatConverters.exe -d C:\Users\sophie\Downloads Task: {D953E2CB-36F8-4C8E-A6B9-0EA8E7EF31EE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {DFF20DC9-54B8-4AFF-88E1-ED9A3A6BD8E8} - System32\Tasks\{09835E32-70E4-49D8-B497-21F34CEFDE75} => pcalua.exe -a C:\Users\sophie\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=pcs Task: {E585BDAA-DB16-4256-AFA2-0EAEEECCAFBB} - System32\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-4 => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-4.exe [2015-07-25] (Cinema PlusV24.07) <==== ATTENTION Task: {EA9B6F14-4F3E-4FCA-837B-76C3E262D208} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {F3098974-601E-45FB-A1C3-2DC0A924DE7E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\04b14df3-6ef5-42ed-b210-7f791a0855f0-1-6.job => C:\Program Files\SmartSaver+ 3\04b14df3-6ef5-42ed-b210-7f791a0855f0-1-6.exe <==== ATTENTION Task: C:\Windows\Tasks\04b14df3-6ef5-42ed-b210-7f791a0855f0-1-7.job => C:\Program Files\SmartSaver+ 3\04b14df3-6ef5-42ed-b210-7f791a0855f0-1-7.exe <==== ATTENTION Task: C:\Windows\Tasks\04b14df3-6ef5-42ed-b210-7f791a0855f0-10_user.job => C:\Program Files\SmartSaver+ 3\04b14df3-6ef5-42ed-b210-7f791a0855f0-10.exe <==== ATTENTION Task: C:\Windows\Tasks\04b14df3-6ef5-42ed-b210-7f791a0855f0-4.job => C:\Program Files\SmartSaver+ 3\04b14df3-6ef5-42ed-b210-7f791a0855f0-4.exe <==== ATTENTION Task: C:\Windows\Tasks\04b14df3-6ef5-42ed-b210-7f791a0855f0-5.job => C:\Program Files\SmartSaver+ 3\04b14df3-6ef5-42ed-b210-7f791a0855f0-5.exe <==== ATTENTION Task: C:\Windows\Tasks\04b14df3-6ef5-42ed-b210-7f791a0855f0-5_user.job => C:\Program Files\SmartSaver+ 3\04b14df3-6ef5-42ed-b210-7f791a0855f0-5.exe <==== ATTENTION Task: C:\Windows\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.job => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe <==== ATTENTION Task: C:\Windows\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-7.job => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-7.exe <==== ATTENTION Task: C:\Windows\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-10_user.job => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-10.exe <==== ATTENTION Task: C:\Windows\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-4.job => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-4.exe <==== ATTENTION Task: C:\Windows\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5.job => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5.exe <==== ATTENTION Task: C:\Windows\Tasks\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5_user.job => C:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-5.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\Windows\Tasks\Optscan.job => c:\programdata\{56efc95f-dbf9-64ae-56ef-fc95fdbf257f}\hqghumeaylnlf.exe <==== ATTENTION Task: C:\Windows\Tasks\wBAg8aQHAG7fA9S.job => C:\Users\sophie\AppData\Roaming\wBAg8aQHAG7fA9S.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-07-25 02:19 - 2015-07-25 02:19 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-25 02:19 - 2015-07-25 02:19 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-25 20:08 - 2015-07-25 20:08 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072501\algo.dll 2015-07-24 23:08 - 2015-07-24 23:08 - 00161792 _____ () C:\Program Files\5B2216A0-1437772043-11D9-A2AD-001636FB3EC0\hnsaFFD5.tmp 2015-07-24 23:08 - 2015-07-26 19:45 - 00209920 _____ () C:\Program Files\5B2216A0-1437772043-11D9-A2AD-001636FB3EC0\jnszE4E8.tmp 2015-07-25 00:43 - 2015-07-26 18:13 - 00457464 _____ () C:\Program Files\Product Deals\updateProductDeals.exe 2009-10-18 15:20 - 2009-10-18 15:20 - 07980344 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-11-03 13:26 - 2009-11-03 13:26 - 00058680 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2009-03-12 19:08 - 2009-03-12 19:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll 2015-07-25 02:20 - 2015-07-25 02:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-21 23:02 - 2015-07-21 23:02 - 01291256 _____ () C:\Program Files\RapidMediaConverter\RapidMediaConverterApp.exe 2015-07-25 10:30 - 2015-07-25 20:06 - 00461560 _____ () C:\Program Files\Product Deals\bin\utilProductDeals.exe 2015-07-25 01:39 - 2015-07-25 01:39 - 00337920 _____ () C:\Program Files\Product Deals\bin\sqlite3.DLL 2015-07-25 17:26 - 2015-07-25 16:39 - 00296696 _____ () C:\Program Files\Product Deals\bin\ProductDeals.PurBrowse.exe 2015-07-25 01:08 - 2015-07-26 01:38 - 00108280 _____ () C:\Program Files\Product Deals\bin\ProductDeals.BrowserAdapter.exe 2015-07-15 10:37 - 2015-07-15 10:37 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-668859941-3776755467-2018057237-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\sophie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 82.163.143.152 - 82.163.142.154 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{542183FE-5DD6-47BC-A2ED-A8798A29D708}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{4CD26C29-2F0A-445E-BC53-3991B8A4FA21}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C78606F3-9645-412E-85AF-BB00E9907A05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{1DC832B1-6C83-42E2-9853-A62EC2C62CA3}] => (Allow) C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe FirewallRules: [{06CDEE89-A183-4E9F-A8D7-F85D79148D84}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: qsafd_vt_1_10_0_20 Description: qsafd_vt_1_10_0_20 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: qsafd_vt_1_10_0_20 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/26/2015 07:47:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante plugin-container.exe, version : 39.0.0.5659, horodatage : 0x55934d06 Nom du module défaillant : mozalloc.dll, version : 39.0.0.5659, horodatage : 0x55933a83 Code d’exception : 0x80000003 Décalage d’erreur : 0x00001aa1 ID du processus défaillant : 0x8f4 Heure de début de l’application défaillante : 0xplugin-container.exe0 Chemin d’accès de l’application défaillante : plugin-container.exe1 Chemin d’accès du module défaillant: plugin-container.exe2 ID de rapport : plugin-container.exe3 Error: (07/26/2015 07:21:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante plugin-container.exe, version : 39.0.0.5659, horodatage : 0x55934d06 Nom du module défaillant : mozalloc.dll, version : 39.0.0.5659, horodatage : 0x55933a83 Code d’exception : 0x80000003 Décalage d’erreur : 0x00001aa1 ID du processus défaillant : 0xa60 Heure de début de l’application défaillante : 0xplugin-container.exe0 Chemin d’accès de l’application défaillante : plugin-container.exe1 Chemin d’accès du module défaillant: plugin-container.exe2 ID de rapport : plugin-container.exe3 Error: (07/26/2015 07:21:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme firefox.exe version 39.0.0.5659 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 358 Heure de début : 01d0c7bf9aec3137 Heure de fin : 6610 Chemin d’accès de l’application : C:\Program Files\Mozilla Firefox\firefox.exe ID de rapport : a26c7ea6-33ba-11e5-be1f-001636fb3ec0 Error: (07/26/2015 06:27:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante 09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe, version : 1.0.0.1, horodatage : 0x55b23864 Nom du module défaillant : mshtml.dll, version : 11.0.9600.17041, horodatage : 0x53183d45 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0019c1b5 ID du processus défaillant : 0x978 Heure de début de l’application défaillante : 0x09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe0 Chemin d’accès de l’application défaillante : 09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe1 Chemin d’accès du module défaillant: 09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe2 ID de rapport : 09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe3 Error: (07/26/2015 06:20:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme firefox.exe version 39.0.0.5659 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 15b8 Heure de début : 01d0c7be0745dad2 Heure de fin : 969 Chemin d’accès de l’application : C:\Program Files\Mozilla Firefox\firefox.exe ID de rapport : 25a095d4-33b2-11e5-be1f-001636fb3ec0 Error: (07/25/2015 09:39:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: ) Description: Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ». Details: Could not query the status of the EventSystem service. System Error: Un arrêt système est en cours. . Error: (07/25/2015 09:27:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Uninstall.exe_unknown, version : 0.0.0.0, horodatage : 0x55b18139 Nom du module défaillant : Uninstall.exe, version : 0.0.0.0, horodatage : 0x55b18139 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00006c8c ID du processus défaillant : 0x400 Heure de début de l’application défaillante : 0xUninstall.exe_unknown0 Chemin d’accès de l’application défaillante : Uninstall.exe_unknown1 Chemin d’accès du module défaillant: Uninstall.exe_unknown2 ID de rapport : Uninstall.exe_unknown3 Error: (07/25/2015 08:17:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Short-range Radio Plug since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. . Error: (07/25/2015 08:12:04 PM) (Source: YSearchUtilSvc) (EventID: 0) (User: ) Description: YSearchUtilSvc error: L’opération a réussi. (0x0)Could not open service (1060) Error: (07/25/2015 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante Uninstall.exe_unknown, version : 0.0.0.0, horodatage : 0x55b18139 Nom du module défaillant : Uninstall.exe, version : 0.0.0.0, horodatage : 0x55b18139 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00006c8c ID du processus défaillant : 0x1574 Heure de début de l’application défaillante : 0xUninstall.exe_unknown0 Chemin d’accès de l’application défaillante : Uninstall.exe_unknown1 Chemin d’accès du module défaillant: Uninstall.exe_unknown2 ID de rapport : Uninstall.exe_unknown3 System errors: ============= Error: (07/26/2015 06:57:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: L’appel ScRegSetValueExW a échoué pour FailureCommand avec l’erreur : %%5 Error: (07/26/2015 06:52:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070308 : Mise à jour de sécurité pour Windows 7 (KB2957509). Error: (07/26/2015 06:52:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070308 : Mise à jour de sécurité pour Windows 7 (KB2912390). Error: (07/26/2015 06:52:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070308 : Mise à jour de sécurité pour Windows 7 (KB2965788). Error: (07/26/2015 06:52:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070308 : Mise à jour de sécurité pour Windows 7 (KB2973351). Error: (07/26/2015 06:22:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: L’appel ScRegSetValueExW a échoué pour Start avec l’erreur : %%5 Error: (07/26/2015 06:22:10 PM) (Source: Disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error: (07/26/2015 06:22:08 PM) (Source: Disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error: (07/26/2015 06:22:04 PM) (Source: Disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error: (07/26/2015 06:22:02 PM) (Source: Disk) (EventID: 7) (User: ) Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Microsoft Office: ========================= Error: (07/26/2015 07:47:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa18f401d0c7c828e2c08eC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll6332e991-33be-11e5-be1f-001636fb3ec0 Error: (07/26/2015 07:21:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1a6001d0c7c2f699f9a1C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllbc7dd4ab-33ba-11e5-be1f-001636fb3ec0 Error: (07/26/2015 07:21:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe39.0.0.565935801d0c7bf9aec31376610C:\Program Files\Mozilla Firefox\firefox.exea26c7ea6-33ba-11e5-be1f-001636fb3ec0 Error: (07/26/2015 06:27:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exe1.0.0.155b23864mshtml.dll11.0.9600.1704153183d45c00000050019c1b597801d0c7bd916700dcC:\Program Files\CinemaPlus-4.2vV24.07\09cc8bd5-b88a-4c42-9479-0edd6657bb72-1-6.exeC:\Windows\System32\mshtml.dll28431055-33b3-11e5-be1f-001636fb3ec0 Error: (07/26/2015 06:20:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe39.0.0.565915b801d0c7be0745dad2969C:\Program Files\Mozilla Firefox\firefox.exe25a095d4-33b2-11e5-be1f-001636fb3ec0 Error: (07/25/2015 09:39:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: ) Description: Details: Could not query the status of the EventSystem service. System Error: Un arrêt système est en cours. Error: (07/25/2015 09:27:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Uninstall.exe_unknown0.0.0.055b18139Uninstall.exe0.0.0.055b18139c000000500006c8c40001d0c70fe8d25b22C:\Program Files\SmartSaver+ 3\Uninstall.exeC:\Program Files\SmartSaver+ 3\Uninstall.exe2f95de1c-3303-11e5-a7bc-91c5243c1e59 Error: (07/25/2015 08:17:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service Short-range Radio Plug since QueryServiceConfig API failed System Error: Le fichier spécifié est introuvable. Error: (07/25/2015 08:12:04 PM) (Source: YSearchUtilSvc) (EventID: 0) (User: ) Description: YSearchUtilSvc error: L’opération a réussi. (0x0)Could not open service (1060) Error: (07/25/2015 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Uninstall.exe_unknown0.0.0.055b18139Uninstall.exe0.0.0.055b18139c000000500006c8c157401d0c7054bca1458C:\Program Files\SmartSaver+ 3\Uninstall.exeC:\Program Files\SmartSaver+ 3\Uninstall.exe90ff6e9c-32f8-11e5-b6f2-001636fb3ec0 ==================== Memory info =========================== Processor: Genuine Intel(R) CPU T2080 @ 1.73GHz Percentage of memory in use: 95% Total physical RAM: 894.11 MB Available physical RAM: 40.98 MB Total Virtual: 2240.11 MB Available Virtual: 556.02 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:200.98 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 807B9D2B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== End of log ============================