Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2017 Ran by chapot (16-11-2017 19:22:23) Running from C:\Users\chapot\Desktop Windows 7 Professional Service Pack 1 (X64) (2016-11-11 01:05:31) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2325129518-629193617-3776929264-500 - Administrator - Disabled) ASPNET (S-1-5-21-2325129518-629193617-3776929264-1002 - Limited - Enabled) chapot (S-1-5-21-2325129518-629193617-3776929264-1000 - Administrator - Enabled) => C:\Users\chapot Guest (S-1-5-21-2325129518-629193617-3776929264-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1D6 XVM ModPack version 0.9.19l (HKLM-x32\...\{7313F684-7847-4D11-A237-1034666BAB86}_is1) (Version: 0.9.19l - panteror) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Aimersoft Video Converter Ultimate(Build 5.7.0.1) (HKLM-x32\...\Aimersoft Video Converter Ultimate_is1) (Version: 5.7.0.1 - Aimersoft Software) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.92 - NVIDIA Corporation) Hidden Apple Application Support (32 bits) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.51.22728 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BitTorrent (HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\BitTorrent) (Version: 7.10.0.43581 - BitTorrent Inc.) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.307.8213 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Dofus (HKLM-x32\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama) EaseUS Todo Backup Free 10.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.0 - CHENGDU YIWO Tech Development Co., Ltd) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) FileZilla Client 3.28.0 (HKLM-x32\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse) ForHonorTT (HKLM-x32\...\Uplay Install 2184) (Version: - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden GrabIt 1.7.4 Beta 2 (build 1014) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes) HandBrake 1.0.1 (HKLM-x32\...\HandBrake) (Version: 1.0.1 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) iTunes (HKLM\...\{27F29B96-1914-4F48-BD76-07E98D7832C6}) (Version: 12.7.1.14 - Apple Inc.) League of Legends (HKLM-x32\...\{11B73856-A062-4E6B-A80E-A3F380BBAB65}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) Logitech - Assistant pour jeux vidéo 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mises à jour NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden Mozilla Firefox 56.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 56.0.2 (x64 fr)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 387.92 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Pilote graphique 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.92 - NVIDIA Corporation) OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.4.63358 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Panneau de configuration NVIDIA 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 387.92 - NVIDIA Corporation) Hidden Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Tom Clancy's The Division PTS (HKLM-x32\...\Uplay Install 3502) (Version: - Ubisoft) UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x86) (HKLM-x32\...\{6EAAE1C0-6000-45FA-B46D-D206144925BF}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x86) (HKLM-x32\...\{f1203e43-4ddb-4280-974e-73f14d793dbd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 42.0 - Ubisoft) VIA Gestionnaire de périphériques de plate-forme (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wondershare Filmora(Build 6.7.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software) XVM version 6.7.2 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.7.2 - XVM team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2016-12-08] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2016-12-08] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2016-12-08] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-06] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {20E9F2E4-91A4-4979-9F8F-4E94D43ECB71} - System32\Tasks\{BDE4EE8D-43A3-4C5E-8C4F-55D3D5F0A8D4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\m4ng_v5\m4ng_v4_Uninstal.exe" Task: {3BCA539B-CB25-4FF2-9217-8C8469F7820E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.) Task: {414F67E3-2C1C-4A18-9615-D7893D4E28E7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {420B683C-5D58-41A5-9B65-4AE36B08ED2A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation) Task: {44C3EA35-9552-415B-8808-1F81FBEB6549} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.) Task: {52F287D7-E2C0-47B8-A14A-E651D1AC0747} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {6F6AE029-4E09-444A-9084-E4BDCC07394A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-11] (Google Inc.) Task: {81E38338-FD54-4D5E-B9C7-E261EAD5AE7D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {8AF9936B-9BF5-45EC-90B2-5A09AE7EE557} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {8D248A7B-3BA4-4D2A-B77F-38AD983D1551} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-11] (Google Inc.) Task: {8D24C1E4-DE1D-4D71-AA7F-CB86363FFBF8} - \Yahoo! Powered folaf -> No File <==== ATTENTION Task: {8DA622C2-9855-4693-B205-DE3B92CEF1EB} - System32\Tasks\{1E124216-3EDB-4CAC-AD9A-948D6D4CAEDE} => C:\Windows\system32\pcalua.exe -a C:\Users\chapot\Downloads\sp47845.exe -d C:\Users\chapot\Downloads Task: {A3CF0AAB-7F72-4FF7-8BBD-77AB3C77BE39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.) Task: {A774438F-1662-44FC-BFB2-61F24772195C} - System32\Tasks\SafeZone scheduled Autoupdate 1478856791 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software) Task: {AEDB728A-5472-47E8-B47C-EE8FDEDDA15D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation) Task: {B391970D-F8DC-485F-9510-B2AF4F458EC0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-12] (AVAST Software) Task: {B7B9157F-7588-40BA-93D6-04CFF620C0E1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {C72E0588-26CA-4825-AB1D-F09CFBDC3C04} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation) Task: {DE702BA0-D688-4636-B9D6-4A38E81EAF61} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION Task: {EC656A11-8CD8-4C12-B4C0-DD59A5D6BB54} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {F6C35FC9-1F61-45AA-9975-B029B3B89191} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-16] (Adobe Systems Incorporated) Task: {F8EF0C0F-DB66-43C4-B398-9B44157B229F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Yahoo! Powered folaf.job => Wscript.exe C:\ProgramData\{6C7FA91C-E63D-23DA-60FB-BD98FAB93656}\moni.txt <==== ATTENTION ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-09-29 11:32 - 2017-09-29 11:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2017-04-16 22:33 - 2013-08-23 12:36 - 000721263 _____ () C:\Windows\SysWOW64\AiCM64.dll 2016-11-11 11:41 - 2012-05-23 08:01 - 000078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2016-11-11 11:41 - 2012-05-23 08:01 - 000386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2016-11-11 09:41 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-04-10 17:58 - 2016-12-06 01:46 - 000259264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2017-07-29 08:00 - 2017-07-29 08:00 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2017-11-12 19:08 - 2017-11-12 19:08 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000859216 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000292408 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-05-08 23:44 - 2017-05-08 23:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-10-20 15:22 - 2017-10-20 15:22 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2017-10-20 15:22 - 2017-10-20 15:22 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll 2017-11-16 18:56 - 2017-11-16 18:56 - 005881408 _____ () C:\Program Files\AVAST Software\Avast\defs\17111610\algo.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-10-14 22:34 - 2016-09-13 13:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-10-14 22:34 - 2016-09-13 13:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2017-10-14 22:34 - 2016-09-13 13:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-04-10 17:58 - 2016-03-01 13:00 - 000080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2017-04-10 17:58 - 2016-03-07 17:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2017-04-10 17:58 - 2004-10-05 02:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000182976 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000056000 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2017-04-10 17:58 - 2017-03-01 16:44 - 000123584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000085696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000032960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000070336 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000160448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000296640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2017-04-10 17:58 - 2016-12-09 08:09 - 000305856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000737984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000162496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000034496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000074944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000020672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2017-04-10 17:58 - 2016-12-06 01:43 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2017-07-03 19:38 - 2017-07-03 19:38 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-11-12 19:08 - 2017-11-12 19:08 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2016-11-11 09:41 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-04-10 17:58 - 2016-12-06 01:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2016-11-11 09:41 - 2017-10-11 02:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-10-14 22:34 - 2017-05-12 10:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-11-11 09:34 - 2012-05-10 15:03 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7936 more sites. IE trusted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2325129518-629193617-3776929264-1000\...\123simsen.com -> www.123simsen.com There are 7936 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2017-11-14 21:47 - 000454378 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15596 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2325129518-629193617-3776929264-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\chapot\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: BitTorrent => "C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\chapot\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe MSCONFIG\startupreg: World of Tanks => "F:\World_of_Tanks\WargamingGameUpdater.exe" MSCONFIG\startupreg: World of Warships => "F:\Games\World_of_Warships\WargamingGameUpdater.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{76161838-FEFF-46A9-9A1A-55B0CC95080C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3C81BBAA-7CEA-4E3E-B913-0DDA7802EAA2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{81075F4F-76BA-45F0-A3B2-CAA1B7B8333C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C3D3637A-8387-46E6-86B0-04FF09D315AE}] => (Allow) F:\steam\Steam.exe FirewallRules: [{8ADCDFEC-CBED-463D-A074-3F25C42FA0DF}] => (Allow) F:\steam\Steam.exe FirewallRules: [TCP Query User{F68000C4-FC56-4009-8185-92D1BD88B4D9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{C2AC6138-956A-4E24-9B7D-357B30E9C1E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{A5A4ADD9-27CF-47F9-A5EC-DFDF0A6A43E4}] => (Allow) F:\steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{AB10F62B-22CD-4611-8619-F22ECA29D906}] => (Allow) F:\steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{7DA4027A-5BC7-46C6-8B28-8143AB9FECF9}] => (Allow) F:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{073AE621-7A0B-4942-B574-B3FB85510210}] => (Allow) F:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D54FD9E1-CF06-41EB-9F47-254F8F129415}] => (Allow) F:\steam\steamapps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe FirewallRules: [{6CD54F8E-FB93-4F14-AE08-38450FD73B61}] => (Allow) F:\steam\steamapps\common\EVERSPACE\RSG\Binaries\Win64\RSG-Win64-Shipping.exe FirewallRules: [{7F3B00EA-8E52-4C13-9AD6-8A2352D844F6}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{3E4073F3-8250-40B7-9473-B369FD4B7E79}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [TCP Query User{47722D11-9205-410A-8F11-674A19F605AD}E:\jeux uplay\forhonortt\forhonor.exe] => (Allow) E:\jeux uplay\forhonortt\forhonor.exe FirewallRules: [UDP Query User{86BAE923-9B29-4E23-B549-D556734E181E}E:\jeux uplay\forhonortt\forhonor.exe] => (Allow) E:\jeux uplay\forhonortt\forhonor.exe FirewallRules: [{42F57E23-91C9-4379-B1DE-55F58E99F509}] => (Allow) E:\jeux uplay\Assassin's Creed III\AC3SP.exe FirewallRules: [{B22BB514-8AA7-436C-8CD1-BCC49A193B45}] => (Allow) E:\jeux uplay\Assassin's Creed III\AC3SP.exe FirewallRules: [{6A5AFF1F-82A3-4936-8857-2B4EE8E2A1C9}] => (Allow) E:\jeux uplay\Assassin's Creed III\AC3MP.exe FirewallRules: [{2DCD4517-9A1F-4046-8511-D5616A10801D}] => (Allow) E:\jeux uplay\Assassin's Creed III\AC3MP.exe FirewallRules: [{DA6F6B78-A29B-4743-94AF-57A074FA2053}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{45323F5F-0D9E-40DF-9D96-44B9376DEDFE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{FF4D5691-1330-43E2-BE57-386351ABC9FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{9059E696-8185-4979-B387-2FB955209B6A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{25AC02DB-3B77-4537-A4E8-BEC27F1BBA1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{3BAFEF9E-F903-4176-B3EF-E30BCA610A20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{4293127A-8DB1-49DB-A410-AE00F85EFAA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{9FE7CFA5-9860-458B-B011-DB818232C1EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2223E76E-0281-4C3F-BA4C-DDE972272D7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{531F9FB1-34CF-4843-B1C3-1244FF904765}F:\world_of_tanks\wotlauncher.exe] => (Allow) F:\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{0F05CF5E-C972-447D-B8BB-C0076F536958}F:\world_of_tanks\wotlauncher.exe] => (Allow) F:\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{21894380-F478-42A5-B9A8-1F20245A117D}F:\world_of_tanks\worldoftanks.exe] => (Allow) F:\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{C161DFBC-903E-4878-B21E-36C25932BC2F}F:\world_of_tanks\worldoftanks.exe] => (Allow) F:\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{B034E924-8941-49F9-85C4-A0FF7B16D38F}F:\war thunder\launcher.exe] => (Allow) F:\war thunder\launcher.exe FirewallRules: [UDP Query User{F3C0284A-1D27-45CA-AE9E-5F3F4767FED7}F:\war thunder\launcher.exe] => (Allow) F:\war thunder\launcher.exe FirewallRules: [TCP Query User{FA167DF4-99F2-4A04-94EB-F59319D57AD3}F:\war thunder\win64\aces.exe] => (Allow) F:\war thunder\win64\aces.exe FirewallRules: [UDP Query User{9361035B-071C-48B5-9489-8CACB4A557CD}F:\war thunder\win64\aces.exe] => (Allow) F:\war thunder\win64\aces.exe FirewallRules: [{1213F01D-ED2E-491E-AD74-301BEE047699}] => (Allow) F:\steam\steamapps\common\Wakfu\transition\transition.exe FirewallRules: [{51DA36EB-C246-4882-9A31-1A42A7B50658}] => (Allow) F:\steam\steamapps\common\Wakfu\transition\transition.exe FirewallRules: [TCP Query User{693030DC-F5B7-4911-A010-9F5724AA8987}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{0282D6A7-1364-48E2-8C38-45934C4C2942}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [{0B8084CA-A57B-43DC-A16A-42569881B775}] => (Block) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [{8A2A13E1-1B2E-4330-B6B3-C62ECFA9FCF1}] => (Block) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [TCP Query User{8D70EDA0-9783-4990-845C-F27FE0F4FA2B}F:\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) F:\steam\steamapps\common\lord of the rings online\lotroclient.exe FirewallRules: [UDP Query User{D62EBA95-9CFB-40E9-80C9-5C10A959BC3C}F:\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) F:\steam\steamapps\common\lord of the rings online\lotroclient.exe FirewallRules: [{8EAF1C1A-25BF-4A6F-B365-ED0D492D6D71}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{E2B22CF0-69C2-40D0-ACD5-C4CEA952CE83}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{3850C44D-A46F-4985-84DF-6B7B981FC71E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{835CBF9D-BEC8-44A5-A449-235F4FEED669}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{D35AA8CC-9C4E-412B-9D91-D4A0C8F7478D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{498EA868-248A-4465-B702-272304B473EB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{95CDA805-A1C8-4120-B465-3EFCD58B9FAD}C:\program files (x86)\aimersoft\video converter ultimate\urlreqservice.exe] => (Allow) C:\program files (x86)\aimersoft\video converter ultimate\urlreqservice.exe FirewallRules: [UDP Query User{DE745D66-107C-40FE-B7D0-F2997AE2F9EE}C:\program files (x86)\aimersoft\video converter ultimate\urlreqservice.exe] => (Allow) C:\program files (x86)\aimersoft\video converter ultimate\urlreqservice.exe FirewallRules: [TCP Query User{FB6ABF91-908B-48A1-8020-A5F8B04AD7D3}F:\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) F:\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe FirewallRules: [UDP Query User{F8BCEA99-0C9E-40EE-AE45-C3BDEA5E6C40}F:\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) F:\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe FirewallRules: [{307E5A0E-BB35-4EA1-AAE1-7D78EA8D7EFE}] => (Allow) C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{62E799EA-4FCB-44B3-B312-9BD61CD80CB4}] => (Allow) C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{28FFE96B-54CC-42C3-B739-3F04A0D44E92}] => (Allow) C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{81BF3E5A-1BA9-41CF-9336-889EBF91616C}] => (Allow) C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{280C450C-58AD-4151-ACFF-3E181E768DBA}] => (Allow) C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{9D89B572-1DD9-4823-B0B7-65488FB6E22E}] => (Allow) C:\Users\chapot\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{B571CE07-8999-40A8-A466-9100F75C99B0}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{6485AE44-3B28-4F60-9B5B-2121BC1FF957}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [TCP Query User{1D4BA815-5603-4E6A-8E2C-E6B16338ED92}F:\games\world_of_warships\wowslauncher.exe] => (Allow) F:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{F57623FA-BFF0-4500-8151-2814E5CF0E9C}F:\games\world_of_warships\wowslauncher.exe] => (Allow) F:\games\world_of_warships\wowslauncher.exe FirewallRules: [{46336398-E3CA-4E41-BC1C-7BC7646D41B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe FirewallRules: [{1863419F-D54B-4580-B05B-A516E5231EDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe FirewallRules: [{E17C414C-3A67-4603-8E36-AB131493333D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe FirewallRules: [{400FC748-01F8-45DA-943A-9B8AA182F107}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe FirewallRules: [{E2221691-E26D-405C-9661-313ABB570420}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{9F21E3DB-26EA-4DB0-8066-370753423A37}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{4B3C65F0-37AC-4ED0-BEDC-AD27ED232986}] => (Allow) F:\jeux origin\Battlefield 1\bf1Trial.exe FirewallRules: [{71064ED8-3851-4CC1-87C5-C7D77FC09CA7}] => (Allow) F:\jeux origin\Battlefield 1\bf1Trial.exe FirewallRules: [{C0A9E001-F2E9-4FEF-AB4E-84B877A7CFE0}] => (Allow) F:\jeux origin\Battlefield 1\bf1.exe FirewallRules: [{727DC0F6-CD4F-4AD1-AF8C-C994FE076CBD}] => (Allow) F:\jeux origin\Battlefield 1\bf1.exe FirewallRules: [{2DD3E597-6FDA-49FC-879D-259829B858AD}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{13BA92AC-08B4-46E9-8F82-2552C1D6EB1B}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{F9A92D55-7F98-4DDE-A641-8CFB28995105}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{D1A310AC-64F9-48C3-899B-927F03D316B3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{404B65DC-DCFD-4D27-9668-522C7E90676E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FE1F3DAA-7C7A-4F72-9723-6241569007CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2741240E-9401-4173-8B35-A3D639F8154F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B1D4127B-ADA3-4D93-9E8B-686FBA12698A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FCD1CEB7-AD5D-4FFB-89DA-9959CFEB251B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C17F0CFC-57FD-4369-83ED-A6A811000CDB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7FBB767D-2D17-4962-8205-CD1048AF779F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6AB1DD24-8E4D-4E45-BFE8-1FB90B135AEC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F79D1B6C-0FCA-4771-81E8-E764321665FD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{54E7364A-D91A-41F6-B0FC-62EAD8C1445C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{482A6CDE-2EF5-4D2D-BEEA-2BCFD947CAFE}] => (Allow) F:\jeux origin\Battlefield 4\BFLauncher.exe FirewallRules: [{60009FC4-5B77-4F66-8628-727632AD3BA0}] => (Allow) F:\jeux origin\Battlefield 4\BFLauncher.exe FirewallRules: [{7FF71C3C-F39C-432C-B5EF-1AF76D87BB89}] => (Allow) F:\jeux origin\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{16FD9CCB-3DBB-446E-B5C1-88E1842754A1}] => (Allow) F:\jeux origin\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{15C3D2D8-6CA2-4FA0-BB81-37AB0A1472E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{8997881C-C276-49C7-8B70-7C7004BC2B4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{FD6AC7F4-2EB5-4918-A681-670D991BC1C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0ACDD1FC-9E02-4054-876B-79BF7C234E8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FB26C9D8-4E7A-4A59-BC67-0022C63A9E47}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe FirewallRules: [{8A61BBA5-EF24-405E-90BE-8F78E18EB107}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe FirewallRules: [{F2FBC8B4-ECBB-4205-AE56-58C68E48FD23}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{B12A60EC-8FCC-4803-B7F2-D902AE1437D6}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{DAA17ED3-6357-4713-A4BC-AE6C780085B0}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{78072758-4F6B-4919-A0B8-84F7A3AA9D21}] => (Allow) E:\SteamLibrary\steamapps\common\firstassault\Shipping\GAME.exe FirewallRules: [{4ACB83BD-2026-4751-869B-8E5BA3888F63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5E2020E3-B7C8-4B72-886E-8AB79E4A3BA1}] => (Allow) F:\jeux origin\Battlefield 1\bf1Trial.exe FirewallRules: [{79E85FEE-39E1-4DC6-954F-DFB7CC8D96E9}] => (Allow) F:\jeux origin\Battlefield 1\bf1Trial.exe FirewallRules: [{C312DD39-732E-4E8D-BC92-4510DD779080}] => (Allow) F:\jeux origin\Battlefield 1\bf1.exe FirewallRules: [{B7B4FEF7-CD34-4604-9C9D-1B0A01E8B48E}] => (Allow) F:\jeux origin\Battlefield 1\bf1.exe FirewallRules: [{EDEAE4CC-D3B7-4428-AE32-8CDEEBB4FE07}] => (Allow) F:\jeux Uplay\Tom Clancy's The Division\TheDivision.exe FirewallRules: [{C461D7A7-F2DA-44CA-974C-411D437A6017}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4BB510E7-803B-4160-B038-D5F85951E920}] => (Allow) C:\Program Files\iTunes\iTunes.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 16-11-2017 00:29:44 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/16/2017 07:03:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Error: (11/16/2017 06:56:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Error: (11/16/2017 06:54:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Error: (11/15/2017 10:56:55 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\Tools.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\Tools.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. Error: (11/15/2017 10:56:55 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. Error: (11/15/2017 10:56:55 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDTasks.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDTasks.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. Error: (11/15/2017 10:56:55 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDResources.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDResources.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. Error: (11/15/2017 10:56:54 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDLists.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDLists.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. Error: (11/15/2017 10:56:54 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDLicense.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDLicense.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. Error: (11/15/2017 10:56:54 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: La création du contexte d’activation a échoué pour « c:\program files (x86)\spybot - search & destroy 2\SDImmunizeLibrary.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\spybot - search & destroy 2\SDImmunizeLibrary.dll » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. System errors: ============= Error: (11/16/2017 07:03:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/16/2017 07:03:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service. Error: (11/16/2017 06:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/16/2017 06:56:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service. Error: (11/16/2017 06:54:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/16/2017 06:54:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service. Error: (11/15/2017 10:55:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070643 : Mise à jour pour Windows 7 pour ordinateurs à processeur x64 (KB2952664). Error: (11/15/2017 10:55:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070643 : 2017-11 Correctif cumulatif mensuel de qualité pour Windows 7 pour les systèmes basés sur x64 (KB4048957). Error: (11/15/2017 10:51:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (11/15/2017 10:51:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service. CodeIntegrity: =================================== Date: 2016-11-24 20:54:14.293 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:14.266 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:14.240 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:14.216 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:13.470 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:13.445 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:13.420 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:54:13.398 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6000.16386_none_d3c9923ab016e8cf\Win32_Tpm.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:46:58.743 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2016-11-24 20:46:58.713 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentage of memory in use: 23% Total physical RAM: 16342.34 MB Available physical RAM: 12543.46 MB Total Virtual: 32682.86 MB Available Virtual: 28919.6 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:1.61 GB) NTFS Drive d: (Nouveau nom) (Fixed) (Total:119.24 GB) (Free:23.95 GB) NTFS Drive e: (stockage2) (Fixed) (Total:488.24 GB) (Free:39.04 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (stockage) (Fixed) (Total:443.28 GB) (Free:44.25 GB) NTFS Drive h: (WAR_FOR_PLANET_OF_THE_APES) (CDROM) (Total:4.38 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 36B5F3FC) Partition 1: (Active) - (Size=488.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 58EBBAAC) Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1AE77121) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================