Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015 Ran by stephane at 2015-07-12 15:14:32 Running from C:\Users\stephane\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-3767297936-2895314001-1491492588-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-3767297936-2895314001-1491492588-1012 - Limited - Enabled) Invité (S-1-5-21-3767297936-2895314001-1491492588-501 - Limited - Enabled) => C:\Users\Invité postgres (S-1-5-21-3767297936-2895314001-1491492588-1005 - Limited - Enabled) => C:\Users\postgres stephane (S-1-5-21-3767297936-2895314001-1491492588-1001 - Administrator - Enabled) => C:\Users\stephane Yanis (S-1-5-21-3767297936-2895314001-1491492588-1010 - Limited - Enabled) => C:\Users\Yanis ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} FW: Bitdefender Pare-feu (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7 Wonders II (x32 Version: 2.2.0.98 - WildTangent) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-3767297936-2895314001-1491492588-501\...\Akamai) (Version: - Akamai Technologies, Inc) Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AMD Catalyst Install Manager (HKLM\...\{CC6CCF1E-F361-910A-E41D-EB5176F1255C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Ask Toolbar Updater (HKU\S-1-5-21-3767297936-2895314001-1491492588-501\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden BetclicPoker.fr (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\BetclicPoker.fr) (Version: - ) Bitdefender Internet Security 2013 (HKLM\...\Bitdefender) (Version: 16.25.0.1710 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation) Centre Souris et Claviers Microsoft (Version: 2.0.162.0 - Microsoft Corporation) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.) Everest Poker.fr (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\EverestPoker.fr) (Version: - ) Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version: - VTech) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - ) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent) HP Quick Start (HKLM-x32\...\{B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}) (Version: 1.0.4660.30220 - Hewlett-Packard) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT) IMVU Avatar Chat Software (HKU\S-1-5-21-3767297936-2895314001-1491492588-501\...\IMVU Avatar chat client software BETA) (Version: - ) Infragistics Developer Tools 2015.1 (HKLM-x32\...\{0DC0971A-6929-4721-B4FD-E84FE725DB04}) (Version: 15.1.20151.72 - Infragistics, Inc.) Infragistics WPF 2015.1 (HKLM-x32\...\{F542DD7C-19CF-4338-A05A-0F1FE2148CF0}) (Version: 15.1.2055 - Infragistics, Inc.) Infragistics WPF 2015.1 Samples (HKLM-x32\...\{8F0846DF-5D4B-43AA-8BE5-DB523D74DE5D}) (Version: 15.1.144 - Infragistics, Inc.) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java(TM) 6 Update 38 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216038FF}) (Version: 6.0.380 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office Famille et Étudiant 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 fr)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla) MyFreeCodec (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\MyFreeCodec) (Version: - ) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden OpenOffice 4.1.0 (HKLM-x32\...\{B3B009FC-6909-4E00-9F43-FFB5CA93D606}) (Version: 4.10.9764 - Apache Software Foundation) PDF Pro 10 (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 10.8.0000 - PDF Pro Software) PKR (HKLM-x32\...\PKR) (Version: - PKR Ltd) PokerOffice (remove only) (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\PokerOffice5) (Version: - ) PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version: - PokerStars.fr) PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - ) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group) Power Challenge Game Plugin (HKU\S-1-5-21-3767297936-2895314001-1491492588-501\...\Power Loader) (Version: - ) Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version: - ) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden TubeMaster++ 2.7 (HKLM-x32\...\TubeMaster++) (Version: 2.7 - GgSofts) Turbopoker.fr (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\Turbopoker.fr) (Version: - ) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden Winamax (HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\Winamax 3.9.0) (Version: 3.9.0 - Winamax) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\stephane\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 24-06-2015 12:31:55 Windows Update 03-07-2015 12:10:15 Point de contrôle planifié 07-07-2015 16:50:41 HPSF Restore Point 11-07-2015 17:21:05 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2015-07-11 11:42 - 00000698 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {28E46B03-9182-4667-B349-01C71D4556CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06] (Google Inc.) Task: {2DC7C6E6-0775-48FF-A3FF-D66D3F70E002} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard) Task: {2E147532-38FB-4397-9578-8C7E60C5D0C1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3767297936-2895314001-1491492588-1001Core => C:\Users\stephane\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.) Task: {388BE21F-1D19-403A-8C80-8D5F3A7BDDBC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated) Task: {468C3766-3FEB-4AA1-ABCC-72BB3207D2D1} - System32\Tasks\{F73CAE24-D2A4-4E0F-9699-DE4A209A6B80} => pcalua.exe -a C:\Users\stephane\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=air Task: {4DC931E2-0B97-4E10-8017-FDFE094218BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {5B282DFA-E91C-4854-8E3E-C524FE322BBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2013-11-04] (Hewlett-Packard Company) Task: {615D5E51-4174-467A-AFF6-B8A5DF889F0C} - System32\Tasks\Bitdefender Auto Scan => C:\Program Files\Bitdefender\Bitdefender 2013\mtasklaunch.exe [2013-09-17] (Bitdefender) Task: {65956C13-A641-4E53-8A9D-ED177DF2E910} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation) Task: {67DE384E-2825-4901-9E4B-925B0FE63845} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation) Task: {6AA33377-F414-426A-8D4F-4845E63D1424} - System32\Tasks\GoogleUpdateTaskMachineCore1ce4e79d1bc5c14 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06] (Google Inc.) Task: {768EA739-C2C2-436F-BEC0-3ACF9ECDD541} - System32\Tasks\HPCeeScheduleForstephane => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {80D1FCEE-2A0C-4076-A499-DD2EC8CA345B} - System32\Tasks\GoogleUpdateTaskMachineUA1ce82507934c3d1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06] (Google Inc.) Task: {827B5824-ED87-474F-8D59-440415886A0B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation) Task: {936D7618-B5E6-407A-8BD1-120232D811A6} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION Task: {93DDCBCE-DA50-47FC-96A7-609A89FC4C6A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3767297936-2895314001-1491492588-1001UA => C:\Users\stephane\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.) Task: {9E4E9932-7A07-4A04-83EA-C8529A81BB8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {A89D5056-3B3D-4C62-A941-E10FA852ACE7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft) Task: {A8DE1AA3-A39C-4398-9B6F-E472B66A172E} - System32\Tasks\GoogleUpdateTaskMachineCore1ce825075ae660e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06] (Google Inc.) Task: {CABD2D6F-EAA5-4F44-B084-579648336A16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {D5503BDE-0B21-4084-AFAB-CED5DB0F627F} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION Task: {D605DBDD-3CBF-4A5B-AADE-DE7444CD640F} - System32\Tasks\{A0662699-554C-4F23-8038-020C30455FC1} => pcalua.exe -a E:\autorun.exe -d E:\ Task: {E08117A5-67BE-4D27-BB14-F2975C91AAAB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard) Task: {E540D19B-231B-453D-8A8F-77E3D2395E8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {E5883AF2-572F-4D58-9BB7-C5C36540148B} - System32\Tasks\GoogleUpdateTaskMachineUA1ce4e79d4f6932b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06] (Google Inc.) Task: {E6BCA29B-8B30-4640-B133-EF115E12FDE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-06] (Google Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3767297936-2895314001-1491492588-1001Core.job => C:\Users\stephane\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3767297936-2895314001-1491492588-1001UA.job => C:\Users\stephane\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce4e79d1bc5c14.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce825075ae660e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce4e79d4f6932b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1ce82507934c3d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForstephane.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (Whitelisted) ============== 2013-04-08 13:38 - 2013-09-17 17:48 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll 2013-04-08 13:38 - 2013-09-17 17:48 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui 2013-01-03 14:11 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll 2013-04-08 13:38 - 2013-09-17 17:49 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui 2015-05-06 13:36 - 2015-05-06 13:36 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00350_035\ashttpbr.mdl 2015-05-06 13:36 - 2015-05-06 13:36 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00350_035\ashttpdsp.mdl 2015-05-06 13:36 - 2015-05-06 13:36 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00350_035\ashttpph.mdl 2015-05-06 13:36 - 2015-05-06 13:36 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00350_035\ashttprbl.mdl 2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll 2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll 2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll 2013-06-20 12:59 - 2013-06-20 09:58 - 00391040 ____N () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe 2015-04-19 00:50 - 2014-01-07 11:24 - 07215616 _____ () C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe 2013-06-05 15:51 - 2013-06-05 15:51 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll 2013-01-26 18:50 - 2011-01-28 07:15 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll 2013-01-26 18:50 - 2009-02-12 21:01 - 00976384 _____ () c:\postgreSQL\bin\libxml2.dll 2013-01-26 18:50 - 2005-07-20 12:48 - 00059904 _____ () c:\postgreSQL\bin\zlib1.dll 2015-07-08 17:19 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll 2015-07-08 17:19 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll 2013-06-20 12:59 - 2010-06-24 03:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll 2013-06-20 12:59 - 2010-07-13 15:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll 2013-06-20 12:59 - 2010-06-02 04:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll 2013-06-20 12:59 - 2010-06-02 04:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll 2013-06-20 12:59 - 2012-08-06 11:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll 2013-06-20 12:59 - 2010-07-05 11:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2013-06-20 12:59 - 2010-11-11 11:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll 2013-06-20 12:59 - 2010-06-02 04:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll 2013-06-20 12:59 - 2010-06-02 04:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll 2013-06-20 12:59 - 2010-06-02 07:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll 2013-06-20 12:59 - 2010-06-02 07:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll 2015-04-19 00:50 - 2014-01-07 11:24 - 01200128 _____ () C:\Program Files (x86)\PDF Pro 10\TMSlite170.bpl 2015-04-19 00:50 - 2013-12-16 18:14 - 00090112 _____ () C:\Program Files (x86)\PDF Pro 10\vspropsaver170.bpl 2015-04-19 00:50 - 2014-01-07 11:24 - 05164544 _____ () C:\Program Files (x86)\PDF Pro 10\vspdfcore170.bpl 2015-04-19 00:50 - 2014-01-07 11:24 - 00078848 _____ () C:\Program Files (x86)\PDF Pro 10\expertpdfcore170.bpl 2015-04-19 00:50 - 2013-12-16 18:14 - 02544640 _____ () C:\Program Files (x86)\PDF Pro 10\vsvector170.bpl 2015-04-19 00:50 - 2014-01-07 11:24 - 02974720 _____ () C:\Program Files (x86)\PDF Pro 10\BBlite170.bpl 2015-04-19 00:50 - 2014-01-07 11:24 - 00066560 _____ () C:\Program Files (x86)\PDF Pro 10\vsprinters170.bpl 2015-04-19 00:50 - 2013-12-16 18:14 - 00064512 _____ () C:\Program Files (x86)\PDF Pro 10\vspdfprinter170.bpl 2015-04-19 00:50 - 2013-12-16 18:14 - 01951288 _____ () C:\Program Files (x86)\PDF Pro 10\js32.dll 2015-04-19 00:50 - 2014-01-07 11:24 - 00572928 _____ () C:\Program Files (x86)\PDF Pro 10\vspdfeditor170.bpl 2015-04-19 00:50 - 2014-01-07 11:24 - 00025600 _____ () C:\Program Files (x86)\PDF Pro 10\vstrees170.bpl 2015-07-12 15:01 - 2015-07-12 15:01 - 00043008 _____ () c:\users\stephane\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptvd2xl.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\stephane\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\Users\Invité\Downloads\Battle.net-Setup-frFR (1).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\Battle.net-Setup-frFR (2).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\Battle.net-Setup-frFR (3).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\Battle.net-Setup-frFR.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\DofusInstaller.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\geotortue-3.14.02.19 (1).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\geotortue-3.14.02.19 (2).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\geotortue-3.14.02.19.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\Heroes-of-the-Storm-Setup-frFR.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\PokerStarsInstallFR.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\powersetup (1).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\powersetup (2).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\powersetup (3).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\powersetup (4).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\powersetup.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\SetupPoker_44e4eb (1).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\SetupPoker_44e4eb.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\SkypeSetupFull (1).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\SkypeSetupFull.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\super-mario-forever4.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\wolfteam_fr_downloader (1).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\wolfteam_fr_downloader (2).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\wolfteam_fr_downloader (3).exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\wolfteam_fr_downloader.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\World-of-Warcraft-Setup-enGB.exe:BDU AlternateDataStreams: C:\Users\Invité\Downloads\World-of-Warcraft-Setup-frFR.exe:BDU AlternateDataStreams: C:\Users\stephane\OneDrive:ms-properties AlternateDataStreams: C:\Users\stephane\Downloads\7683_HoldemManager2Setup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\7697_HoldemManager2Setup (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\7697_HoldemManager2Setup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\AdwCleaner-4.207 (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\AdwCleaner-4.207 (2).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\AdwCleaner-4.207.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_fr (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_fr.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\bitdefender_pc_2013_v195_64b (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\ChromeSetup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\d95adec22c0a406cb179519e4d71320c_Pod14_fr-FR (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\d95adec22c0a406cb179519e4d71320c_Pod14_fr-FR (2).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\d95adec22c0a406cb179519e4d71320c_Pod14_fr-FR (3).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\d95adec22c0a406cb179519e4d71320c_Pod14_fr-FR (4).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\d95adec22c0a406cb179519e4d71320c_Pod14_fr-FR.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\DropboxInstaller.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Firefox Setup Stub 39.0 (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Firefox Setup Stub 39.0.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\flashplayer18_ga_install.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\HmUpdate_Release_1.12.11_10Sep2012 (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\HmUpdate_Release_1.12.11_10Sep2012.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\install_flash_player.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\install_reader11_fr_gtba_chra_dy_aaa_aih.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\jre-8u45-windows-i586-iftw(1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\jre-8u45-windows-i586-iftw.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\KiesSetup (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\KiesSetup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\kis15.0.1.415en_es_pt_fr_de_it_ru_6887.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\mbam-setup-1.75.0.1300.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\mbam-setup-2.1.8.1057.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\MobiGo_FR_fre_Setup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\OpenOffice.org.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\pdf-creator_setup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\PDFPro10tf_8871696.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\pkrinstall.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\PokerOffice5.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\PokerStarsInstallFR (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\PokerStarsInstallFR.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\PT-Install-v4.06.3.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Setup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\SetupPoker_346aeb.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\SetupPoker_61064c.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\SetupPoker_c63c57.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\setup_tm++.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\Shockwave_Installer_Slim.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\skype (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\skype (2).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\skype.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\SkypeSetup.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\WinamaxInstall.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\ZHPCleaner-2015.7.7.291.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\ZHPDiag3 (1).exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\ZHPDiag3-2015.7.7.85.exe:BDU AlternateDataStreams: C:\Users\stephane\Downloads\ZHPDiag3.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\adultfriendfinder.com -> hxxps://secure.adultfriendfinder.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stephane\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg HKU\S-1-5-21-3767297936-2895314001-1491492588-1005\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-3767297936-2895314001-1491492588-501\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_Svinoya_Norway_Sunset.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "ApnUpdater" HKLM\...\StartupApproved\Run32: => "IminentMessenger" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "SweetIM" HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\StartupApproved\Run: => "KiesPreload" HKU\S-1-5-21-3767297936-2895314001-1491492588-1001\...\StartupApproved\Run: => "" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F0559670-6ACC-4088-87A7-45C8A667CA4C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{2BE3F0A2-4949-4E9D-B4CC-299E4C80782F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{9B4D2B87-9967-4820-BA83-F7D7C5E5A960}] => (Allow) LPort=1900 FirewallRules: [{CB1157A0-174C-4919-963F-2F117C621EED}] => (Allow) LPort=2869 FirewallRules: [{49E8F0E5-C015-4F0F-A9E0-9F4ED4551C2E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2AAA91E4-DE50-4581-8FEB-BAF1DB23E6A8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{D342D01B-71E5-4BA8-8B55-A1F87CDD759C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{B5358A22-38EF-4172-8B5D-58EBF52477C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5677177A-E5DD-4D0E-AC02-C2BBCC9E6D89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E37F722B-1512-42F2-A86C-0E398D157385}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2E6453C1-812B-421F-B11E-2C63FA524DCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4D867210-B0D5-4445-859B-2E1ADA2F9BFB}] => (Allow) C:\Users\stephane\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{91E38E36-2184-47E7-AB4C-051F721E045B}] => (Allow) C:\Users\stephane\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{B2A7CFBC-95E9-49B0-B1BC-DEA865F5097C}] => (Allow) c:\WINDOWS\Prey\versions\1.3.9\bin\node.exe FirewallRules: [TCP Query User{5FA557A0-9BE3-4028-8465-3330C7A49256}C:\users\invité\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\invité\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{CEA53102-4BF1-417B-B1EF-2107B1DAE798}C:\users\invité\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\invité\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{E2B20977-1ABE-474B-84DC-7701DCF48301}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{006271B1-DC19-4114-83FD-42173551207C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A6D54E30-4D09-4CA3-9FA5-4D6118463D69}C:\users\stephane\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\stephane\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{F223B945-AB63-41A4-8E42-2CC50DF9E976}C:\users\stephane\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\stephane\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{5F53737D-A14B-4BE1-A1BB-4DA0BA6C1590}] => (Allow) C:\postgreSQL\bin\stackbuilder.exe FirewallRules: [{D2C8DCF2-46F9-47F7-A3CA-50FE86F2B740}] => (Allow) C:\postgreSQL\bin\stackbuilder.exe FirewallRules: [{9966255C-156C-42B3-95FE-ACE69CCBD46A}] => (Allow) C:\postgreSQL\bin\stackbuilder.exe FirewallRules: [{B1192468-C195-4ABB-AECA-B5EA8199AB05}] => (Allow) C:\postgreSQL\bin\stackbuilder.exe FirewallRules: [{F7C3927C-2E33-47F6-BF68-80095EBF9113}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{A7A3D270-1179-41DE-93A9-3A656EF80747}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ED85D541-7F4E-4478-98EB-BDEFB2D66DAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{22AB5D33-162B-4C33-801D-2194D23D181B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{A1C5E5DA-6FFA-4BFF-A343-09639ED3E956}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{91947A7E-4239-419D-9F8F-7E1ABDDD8DDB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{63B7B62D-FFD9-4F20-BAEE-25CDA353B222}] => (Allow) LPort=53000 FirewallRules: [{A1D2D6A9-EECD-4882-83B2-B8077ABAFA6A}] => (Allow) LPort=52000 ==================== Faulty Device Manager Devices ============= Name: USB camera Description: USB camera Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/12/2015 03:03:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 14f4 Heure de début : 01d0bca25655d755 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 51b020b6-2896-11e5-bf95-78e3b5b1f3c7 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 03:02:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 14f4 Heure de début : 01d0bca25655d755 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 4ed445e2-2896-11e5-bf95-78e3b5b1f3c7 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 01:18:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme Explorer.EXE version 6.3.9600.17667 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : e84 Heure de début : 01d0bc93ebe90c2c Heure de fin : 0 Chemin d’accès de l’application : C:\WINDOWS\Explorer.EXE ID de rapport : 4fe0f894-2887-11e5-bf95-78e3b5b1f3c7 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (07/12/2015 12:04:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : bf0 Heure de début : 01d0bc24d7df9536 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : cba1cfb2-2818-11e5-bf95-78e3b5b1f3c7 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/11/2015 11:59:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1de8 Heure de début : 01d0bc24215f981d Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : 14cbc306-2818-11e5-bf95-78e3b5b1f3c7 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/11/2015 10:23:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme LiveComm.exe version 17.5.9600.20911 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : a64 Heure de début : 01d0bc16c3d13a35 Heure de fin : 4294967295 Chemin d’accès de l’application : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe ID de rapport : b74ca778-280a-11e5-bf95-78e3b5b1f3c7 Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : ppleae38af2e007f4358a809ac99a64a67c1 Error: (07/11/2015 10:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4766 Error: (07/11/2015 10:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4766 Error: (07/11/2015 10:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/11/2015 10:10:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3359 System errors: ============= Error: (07/12/2015 01:26:13 PM) (Source: DCOM) (EventID: 10016) (User: pcchambre) Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}pcchambreInvitéS-1-5-21-3767297936-2895314001-1491492588-501LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/12/2015 01:16:05 PM) (Source: DCOM) (EventID: 10016) (User: pcchambre) Description: propres à l’applicationLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}pcchambreInvitéS-1-5-21-3767297936-2895314001-1491492588-501LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/12/2015 01:14:39 PM) (Source: Schannel) (EventID: 4102) (User: AUTORITE NT) Description: Une erreur irrécupérable s’est produite lors de l’accès à la clé privée d’informations d’identification serveur SSL. Code d’erreur retourné à partir du module de chiffrement : 0x8009030d. État d’erreur interne : 10001. Error: (07/12/2015 12:22:36 AM) (Source: Schannel) (EventID: 4102) (User: AUTORITE NT) Description: Une erreur irrécupérable s’est produite lors de l’accès à la clé privée d’informations d’identification serveur SSL. Code d’erreur retourné à partir du module de chiffrement : 0x8009030d. État d’erreur interne : 10001. Error: (07/11/2015 08:44:30 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Le maître explorateur a reçu une annonce de serveur de l’ordinateur LIVEBOX qui pense qu’il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{16CABF74-7886-4D40-9CAD-B52713666747}. Le maître explorateur s’arrête ou une élection est provoquée. Error: (07/11/2015 04:47:24 PM) (Source: Schannel) (EventID: 4102) (User: AUTORITE NT) Description: Une erreur irrécupérable s’est produite lors de l’accès à la clé privée d’informations d’identification serveur SSL. Code d’erreur retourné à partir du module de chiffrement : 0x8009030d. État d’erreur interne : 10001. Error: (07/11/2015 04:47:22 PM) (Source: Schannel) (EventID: 4102) (User: AUTORITE NT) Description: Une erreur irrécupérable s’est produite lors de l’accès à la clé privée d’informations d’identification serveur SSL. Code d’erreur retourné à partir du module de chiffrement : 0x8009030d. État d’erreur interne : 10001. Error: (07/11/2015 04:45:14 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Le maître explorateur a reçu une annonce de serveur de l’ordinateur LIVEBOX qui pense qu’il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{16CABF74-7886-4D40-9CAD-B52713666747}. Le maître explorateur s’arrête ou une élection est provoquée. Error: (07/11/2015 04:44:55 PM) (Source: DCOM) (EventID: 10016) (User: PCCHAMBRE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}pcchambrestephaneS-1-5-21-3767297936-2895314001-1491492588-1001LocalHost (avec LRPC)Non disponibleNon disponible Error: (07/11/2015 04:44:55 PM) (Source: DCOM) (EventID: 10016) (User: PCCHAMBRE) Description: propres à l’applicationLocalExécution{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}pcchambrestephaneS-1-5-21-3767297936-2895314001-1491492588-1001LocalHost (avec LRPC)Non disponibleNon disponible Microsoft Office: ========================= Error: (07/12/2015 03:03:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2091114f401d0bca25655d7554294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe51b020b6-2896-11e5-bf95-78e3b5b1f3c7microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 03:02:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2091114f401d0bca25655d7554294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe4ed445e2-2896-11e5-bf95-78e3b5b1f3c7microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/12/2015 01:18:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.3.9600.17667e8401d0bc93ebe90c2c0C:\WINDOWS\Explorer.EXE4fe0f894-2887-11e5-bf95-78e3b5b1f3c7 Error: (07/12/2015 12:04:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911bf001d0bc24d7df95364294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.execba1cfb2-2818-11e5-bf95-78e3b5b1f3c7microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/11/2015 11:59:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209111de801d0bc24215f981d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe14cbc306-2818-11e5-bf95-78e3b5b1f3c7microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/11/2015 10:23:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911a6401d0bc16c3d13a354294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exeb74ca778-280a-11e5-bf95-78e3b5b1f3c7microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (07/11/2015 10:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4766 Error: (07/11/2015 10:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4766 Error: (07/11/2015 10:10:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/11/2015 10:10:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3359 CodeIntegrity Errors: =================================== Date: 2013-02-04 15:47:34.871 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-04 15:05:32.846 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-04 14:06:04.872 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-04 12:44:38.109 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-04 12:29:32.161 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-03 18:59:58.344 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-03 18:54:13.730 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-03 17:39:59.059 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-03 16:38:21.183 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. Date: 2013-02-03 16:36:35.404 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_006\avcuf64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD A4-5300 APU with Radeon(tm) HD Graphics Percentage of memory in use: 71% Total physical RAM: 3479.52 MB Available physical RAM: 984.35 MB Total Virtual: 5911.52 MB Available Virtual: 1965.53 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:914.63 GB) (Free:810.99 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery Image) (Fixed) (Total:14.96 GB) (Free:1.81 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 96215511) Partition: GPT Partition Type. ==================== End of log ============================