Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by CHRISTINE at 2015-07-03 20:05:24 Running from C:\Users\CHRISTINE\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-2452889437-1437254312-1585164590-500 - Administrator - Disabled) CHRISTINE (S-1-5-21-2452889437-1437254312-1585164590-1001 - Administrator - Enabled) => C:\Users\CHRISTINE HomeGroupUser$ (S-1-5-21-2452889437-1437254312-1585164590-1005 - Limited - Enabled) Invité (S-1-5-21-2452889437-1437254312-1585164590-501 - Limited - Disabled) UpdatusUser (S-1-5-21-2452889437-1437254312-1585164590-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) A Wizard's Curse (x32 Version: 3.0.2.51 - WildTangent) Hidden Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Amazing Adventures: The Forgotten Dynasty (x32 Version: 2.2.0.98 - WildTangent) Hidden Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software) Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden Brink of Consciousness Dorian Gray Syndrome Standard Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Brink of Consciousness: Dorian Gray Syndrome Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden Brink of Consciousness: Lonely Hearts Murders (x32 Version: 3.0.2.48 - WildTangent) Hidden Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation) Canaux de jeu (x32 Version: 6.1.0.5 - WildTangent, Inc.) Hidden Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.) Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.) Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dark Arcana: The Carnival Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden Dark Strokes: Sins of the Fathers (x32 Version: 3.0.2.32 - WildTangent) Hidden Dracula: Love Kills (x32 Version: 2.2.0.110 - WildTangent) Hidden Dream Chronicles (x32 Version: 2.2.0.95 - WildTangent) Hidden Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Enregistrement utilisateur de Canon MG2500 series (HKLM-x32\...\Enregistrement utilisateur de Canon MG2500 series) (Version: - ‭Canon Inc.) Escape the Emerald Star (x32 Version: 2.2.0.98 - WildTangent) Hidden ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.) Forbidden Secrets Alien Town (x32 Version: 3.0.2.48 - WildTangent) Hidden Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ghost Encounters: Deadwood (x32 Version: 3.0.2.32 - WildTangent) Hidden Golden Trails 2 - The Lost Legacy (HKLM-x32\...\4d5655e4f4e9700a108fc5ff82993406) (Version: - Zylom) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Haunted Past: Realm of Ghosts (x32 Version: 2.2.0.110 - WildTangent) Hidden Hello Venice 2: New York Adventure (x32 Version: 3.0.2.59 - WildTangent) Hidden Hidden Memories of a Bright Summer (x32 Version: 3.0.2.59 - WildTangent) Hidden House of 1000 Doors: The Palm of Zoroaster (x32 Version: 3.0.2.32 - WildTangent) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation) Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Jewel Legends: Magical Kingdom (x32 Version: 3.0.2.59 - WildTangent) Hidden Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden Jewel Quest Mysteries (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell) Letters from Nowhere (x32 Version: 2.2.0.98 - WildTangent) Hidden Lost Souls - Enchanted Paintings Premium Edition (HKLM-x32\...\30e14137d0b8878d9b418835e8e4811d) (Version: - Zylom) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Famille et Étudiant 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Midnight Mysteries: Devil on the Mississippi (x32 Version: 2.2.0.110 - WildTangent) Hidden Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Motor Town: Soul of the Machine (x32 Version: 3.0.2.59 - WildTangent) Hidden Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden Mystery Stories: Mountains of Madness (x32 Version: 3.0.2.32 - WildTangent) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Nightmare on the Pacific (x32 Version: 2.2.0.97 - WildTangent) Hidden NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Pilote graphique 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation) Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.) Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent) Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3009 - Packard Bell) Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3500 - Packard Bell) Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3504 - Packard Bell) Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell ) Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell) Panneau de configuration NVIDIA 285.64 (Version: 285.64 - NVIDIA Corporation) Hidden Phantasmat (x32 Version: 2.2.0.97 - WildTangent) Hidden PhotoFiltre 7 (HKU\S-1-5-21-2452889437-1437254312-1585164590-1001\...\PhotoFiltre 7) (Version: - ) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Princess Isabella: Return of the Curse -- Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.) Robin's Quest (x32 Version: 2.2.0.97 - WildTangent) Hidden Sacra Terra: Angelic Night (x32 Version: 2.2.0.98 - WildTangent) Hidden Sacra Terra: Kiss of Death Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden Sea Legends: Phantasmal Light Collector's Edition (x32 Version: 3.0.2.51 - WildTangent) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sisters Secrecy: Arcanum Bloodlines Premium Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Tearstone (x32 Version: 3.0.2.32 - WildTangent) Hidden The Book of Desires (x32 Version: 3.0.2.48 - WildTangent) Hidden The Lake House: Children of Silence (x32 Version: 3.0.2.48 - WildTangent) Hidden The Secret Legacy: A Kate Brooks Adventure (x32 Version: 2.2.0.97 - WildTangent) Hidden Titanic's Keys to the Past (x32 Version: 3.0.2.32 - WildTangent) Hidden Tornado (x32 Version: 2.2.0.110 - WildTangent) Hidden Twisted: A Haunted Carol (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vampire Saga 3: Break Out (x32 Version: 3.0.2.32 - WildTangent) Hidden Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Video Web Camera (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden Voodoo Whisperer: Curse of a Legend - Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3504 - Packard Bell) WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden Windows Live Temel Parçalar (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 26-02-2015 04:00:13 Windows Update 04-03-2015 03:53:30 Windows Update 10-03-2015 12:06:06 Windows Update 12-03-2015 04:01:33 Windows Update 17-03-2015 16:12:19 Windows Update 24-03-2015 11:12:24 Windows Update 27-03-2015 03:42:07 avast! antivirus system restore point 27-03-2015 03:49:01 Installation du package de pilotes : Avast Service réseau 27-03-2015 14:10:59 Windows Update 31-03-2015 12:01:49 Windows Update 03-04-2015 13:42:41 Windows Update 05-04-2015 03:00:16 Windows Update 10-04-2015 10:55:52 Windows Update 14-04-2015 20:57:24 avast! antivirus system restore point 14-04-2015 21:41:27 Windows Update 15-04-2015 03:01:06 Windows Update 21-04-2015 10:54:23 Windows Update 27-04-2015 21:42:47 avast! antivirus system restore point 28-04-2015 11:47:20 Windows Update 01-05-2015 14:58:37 Windows Update 05-05-2015 09:14:25 Windows Update 09-05-2015 06:25:33 Windows Update 12-05-2015 12:48:47 Windows Update 14-05-2015 03:01:39 Windows Update 19-05-2015 11:11:09 Windows Update 21-05-2015 11:30:40 Windows Update 26-05-2015 12:05:34 Windows Update 29-05-2015 12:10:23 Windows Update 02-06-2015 23:09:46 Windows Update 09-06-2015 09:38:58 Windows Update 11-06-2015 11:21:16 Windows Update 16-06-2015 11:41:50 Windows Update 23-06-2015 11:21:01 Windows Update 30-06-2015 11:25:25 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0709C56B-090B-4446-9E17-EBB6DC56D863} - System32\Tasks\{72A74C04-2021-470C-B7FA-E9C24510885E} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/fr/abandoninstall?page=tsProgressBar Task: {23BFD3A9-1DD6-4D20-AD57-3C6D8648CE8B} - System32\Tasks\{657CEBB7-B311-4767-A402-A5DFF4EB9652} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/fr/abandoninstall?page=tsProgressBar Task: {52FE1B93-38A8-43E7-80A3-9D433E130AA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-28] (Google Inc.) Task: {77FCA761-BB04-4D9C-8034-8FC3E6A5B904} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-28] (Google Inc.) Task: {7FBAE5A5-C15F-4D2A-BC9A-3C815F655267} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.) Task: {D5C9FA1E-696C-4AA6-964B-99DA3AACFF6B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {D64781F3-64B1-4710-BAC9-B1273B6D1402} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) Task: {EEB42485-699A-4C26-BC5C-F18FE86D9738} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-07-18 18:17 - 2013-05-14 18:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2013-07-30 00:01 - 2015-06-25 12:35 - 00532784 _____ () C:\Users\CHRISTINE\AppData\Roaming\cacaoweb\cacaoweb.exe 2015-04-27 21:44 - 2015-04-27 21:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-27 21:44 - 2015-04-27 21:44 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-02 10:04 - 2015-07-02 10:04 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15070200\algo.dll 2015-07-03 12:57 - 2015-07-03 12:57 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070300\algo.dll 2010-06-29 00:20 - 2010-06-29 00:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll 2010-06-29 00:12 - 2010-06-29 00:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll 2011-10-28 15:42 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll 2015-03-27 03:48 - 2015-03-27 03:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-20 04:33 - 2014-10-20 04:33 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\89753abff3827095ec7f3d3fb79f744a\IsdiInterop.ni.dll 2011-10-28 15:00 - 2010-04-13 18:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2452889437-1437254312-1585164590-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{B37FEF9A-C14D-4587-A077-9D1AF6157068}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B3ACB790-1E3E-4D92-BC82-B2E4A4E2622C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{13B7F354-6CA9-4100-8B16-EF5FC1D32760}] => (Allow) LPort=2869 FirewallRules: [{868DDF0A-428E-4D27-833C-E0F534756D80}] => (Allow) LPort=1900 FirewallRules: [{FAE2CA47-3481-46F2-A4F5-A24CCBA0F7B7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5E463D59-1CFB-4291-9237-BA96A4F8CA12}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{4E484BA5-3C34-4B27-A9A7-09CD481CC0DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{73951FF8-6882-4CB9-A1C0-E8839D812EF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [TCP Query User{30A0DBA6-95A8-45D1-A736-1A270C975256}C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{AB7716EE-2427-4C37-9B36-8C047CD46B3F}C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [TCP Query User{BA6003FF-565D-423E-807E-4A8AC175529E}C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{B88BBC0F-ACA1-4E57-B6EC-FCB2D913F579}C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\christine\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{4AC527AE-7A03-41CD-A68B-754C08280ACE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{929EB4DA-D742-4EAD-B4E8-C7CE1027718B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{A2BFB735-A82E-49C2-876D-25082E687816}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{D06A95EC-2E3F-442C-BB7E-11CFA5D95BE7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{2495F8B0-DF11-4EC2-ABD4-E51452F60A74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/02/2015 01:52:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 11:06:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante msnmsgr.exe, version : 15.4.3538.513, horodatage : 0x4dcdb2b3 Nom du module défaillant : ole32.dll, version : 6.1.7601.17514, horodatage : 0x4ce7b96f Code d’exception : 0xc0000005 Décalage d’erreur : 0x0003bc24 ID du processus défaillant : 0xce8 Heure de début de l’application défaillante : 0xmsnmsgr.exe0 Chemin d’accès de l’application défaillante : msnmsgr.exe1 Chemin d’accès du module défaillant: msnmsgr.exe2 ID de rapport : msnmsgr.exe3 Error: (07/02/2015 10:04:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/30/2015 11:16:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2015 11:33:25 PM) (Source: ESENT) (EventID: 439) (User: ) Description: taskhost (3216) WebCacheLocal: Impossible d'écrire un en-tête en mémoire cache pour le fichier C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk. Erreur -1032. Error: (06/29/2015 11:33:25 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost (3216) WebCacheLocal: Une tentative d'ouverture du fichier "C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk" pour accès en lecture/écriture a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). Error: (06/29/2015 11:32:57 PM) (Source: ESENT) (EventID: 439) (User: ) Description: taskhost (3216) WebCacheLocal: Impossible d'écrire un en-tête en mémoire cache pour le fichier C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk. Erreur -1032. Error: (06/29/2015 11:32:56 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost (3216) WebCacheLocal: Une tentative d'ouverture du fichier "C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk" pour accès en lecture/écriture a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). Error: (06/29/2015 11:32:36 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost (3216) WebCacheLocal: Une tentative d'ouverture du fichier "C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk" pour accès en lecture/écriture a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). Error: (06/29/2015 11:31:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/02/2015 01:51:38 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 11:27:15 le ‎02/‎07/‎2015 n’était pas prévu. Error: (06/29/2015 11:31:20 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000101 (0x0000000000000031, 0x0000000000000000, 0xfffff880031d3180, 0x0000000000000003)C:\Windows\MEMORY.DMP062915-36083-01 Error: (06/29/2015 11:31:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 23:23:28 le ‎29/‎06/‎2015 n’était pas prévu. Error: (06/28/2015 11:34:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMScheduler. Error: (06/28/2015 09:53:02 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 02:17:01 le ‎28/‎06/‎2015 n’était pas prévu. Error: (06/24/2015 07:52:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMScheduler. Error: (06/24/2015 07:51:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMScheduler. Error: (06/22/2015 02:52:03 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000101 (0x0000000000000031, 0x0000000000000000, 0xfffff880009e9180, 0x0000000000000001)C:\Windows\MEMORY.DMP062215-26582-01 Error: (06/22/2015 02:51:55 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 14:48:51 le ‎22/‎06/‎2015 n’était pas prévu. Error: (06/22/2015 02:45:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 14:42:20 le ‎22/‎06/‎2015 n’était pas prévu. Microsoft Office: ========================= Error: (07/02/2015 01:52:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 11:06:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: msnmsgr.exe15.4.3538.5134dcdb2b3ole32.dll6.1.7601.175144ce7b96fc00000050003bc24ce801d0b49dc2ce0f27C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Windows\syswow64\ole32.dll93bac586-2099-11e5-9545-dc0ea1982928 Error: (07/02/2015 10:04:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/30/2015 11:16:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2015 11:33:25 PM) (Source: ESENT) (EventID: 439) (User: ) Description: taskhost3216WebCacheLocal: C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 Error: (06/29/2015 11:33:25 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost3216WebCacheLocal: C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)32 (0x00000020)Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. Error: (06/29/2015 11:32:57 PM) (Source: ESENT) (EventID: 439) (User: ) Description: taskhost3216WebCacheLocal: C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 Error: (06/29/2015 11:32:56 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost3216WebCacheLocal: C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)32 (0x00000020)Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. Error: (06/29/2015 11:32:36 PM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhost3216WebCacheLocal: C:\Users\CHRISTINE\AppData\Local\Microsoft\Windows\WebCache\V01.chk-1032 (0xfffffbf8)32 (0x00000020)Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. Error: (06/29/2015 11:31:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz Percentage of memory in use: 48% Total physical RAM: 3766.71 MB Available physical RAM: 1925.11 MB Total Pagefile: 7531.62 MB Available Pagefile: 4923.7 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:447.66 GB) (Free:256.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 22C203FC) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=447.7 GB) - (Type=07 NTFS) ==================== End of log ============================