Jump to content

matheo

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Sorry for the delay in providing further info. In the meantime, I tried various cleaning options, deactivated additional services,... I noticed that the computer is now slightly faster/smoother, but the fan keeps on running. I watched a video on youtube on how to disassemble my laptop (asus n55) and I am afraid I would not be able to re-assemble it. So the next task for me is to take the laptop to a computer shop and find out whether they could clean the fan. Thanks again for your assistance. Matheo
  2. Sorry, my mistake. I will try and get back to you. Thanks.
  3. Your explanations are clear. On my laptop, the ventilation slots are located on the left side only. So there is no possibility to "see through". But I will have a look at the slots with a torch anyway. Regarding the clean boot procedure, is there any way to restore the settings (start up and processes) to the situation before disabling all non-microsoft services (like a restore point)? Otherwise, I have to note down all the changes done in the start-up and process tabs. Could you please advise? Thanks again.
  4. Well, I am not sure to understand what you mean by "through from inlet grill to outlet". On my laptop, the ventilation grids are on the left side only, near the connection for the power cable. I do not have grid on the opposite side. Clean boot state: I understand the procedure described in the link. But once all non-Microsoft services and startup items are disabled, can I still use my laptop? I mean: can I run my computer normally using Firefox, Adobe Pro, autoCAD and browse safely on internet? For instance, how the antivirus software will be launched if it is disabled in the startup menu? Thanks for the clarification.
  5. Well, I would like to avoid opening the laptop case unless you tell me this is a safe operation. Is it just a matter of removing the five or six tiny screws on the bottom surface of the laptop or is it a more complicated task? For your information: I deliberately shut down the laptop during lunch time and I have just restarted it (five minutes ago). The fan is already running and the temperature of the CPU and motherboard given by Speccy is over 55°C. Is there any process or scheduled tasks or something else I could desactivate or clean without affecting the working of the laptop? Thanks.
  6. Hello, The log file was too long and could not be pasted; so you will find it in attachment. Note that several applications were open at the time the scan of Speccy was launched (Word, Excel, firefox, autoCAD, etc.). After closing most applications, the temperature of the motherboard and CPU went down to 50°C - 55°C. I cannot interpret the results of the log, but my attention was drawn to the following: why the core speed of Core 0 and Core 2 are much lower than Core 1 and Core 3? Cores Core 0 Core Speed 798,1 MHz Multiplier x 8,0 Bus Speed 99,8 MHz Temperature 59 °C Threads APIC ID: 0, 1 Core 1 Core Speed 2793,3 MHz Multiplier x 28,0 Bus Speed 99,8 MHz Temperature 56 °C Threads APIC ID: 2, 3 Core 2 Core Speed 1995,2 MHz Multiplier x 20,0 Bus Speed 99,8 MHz Temperature 58 °C Threads APIC ID: 4, 5 Core 3 Core Speed 2793,3 MHz Multiplier x 28,0 Bus Speed 99,8 MHz Temperature 59 °C Threads APIC ID: 6, 7 Thanks for your assistance. *** Speccy log file.txt
  7. Hello Kevin, Sorry for the delay. Here is the scan with ESET (two scans actually because I initially forgot to select the scan of archives). A few viruses were found, but I have not noticed any significant change with my computer since I started the cleaning process (although I have to admit that the boot time is much faster). For your info, the fan still runs a lot. Thanks. ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=498e906d349fa64fbecce83e076a60af # engine=23091 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2015-03-26 10:41:57 # local_time=2015-03-26 11:41:57 (+0100, Paris, Madrid) # country="France" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 78484 178996367 0 0 # scanned=632244 # found=3 # cleaned=3 # scan_time=8870 sh=D739CDF2C2C88B4A5D2C8A408847DCEC17B4D3E2 ft=0 fh=0000000000000000 vn="JS/Runner.NAD trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Common Files\Centare\data.js" sh=83D9638EA113DCACECA6EB56667873E5B0EF404B ft=0 fh=0000000000000000 vn="VBS/AutoRun.EC worm (cleaned by deleting - quarantined)" ac=C fn="D:\01. Tu\00. Admin\Disque amovible\Thumbss.db" sh=40991E7C0C05832698AA14F94A6B2EFE89B8E8CD ft=0 fh=0000000000000000 vn="Win32/AutoRun.Agent.ABU worm (cleaned by deleting - quarantined)" ac=C fn="D:\02. Ma\10 (E)\J_Y.Jpg" ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=498e906d349fa64fbecce83e076a60af # engine=23094 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2015-03-26 04:14:38 # local_time=2015-03-26 05:14:38 (+0100, Paris, Madrid) # country="France" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 98445 179016328 0 0 # scanned=632810 # found=6 # cleaned=6 # scan_time=16239 sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll" sh=FFA8B6510D624A55F3EB7FFD6D5221A44944681C ft=1 fh=3386eb0d6ed0e5e1 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe" sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe" sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe" sh=B289C53DBB01232884364F964E8A5BCCDFBCE00A ft=1 fh=20604ce9407285e3 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\FST\Documents\Divers à classer\Downloads\ccsetup310.exe" sh=99C2BC9BE86421B40A1CFCCF1E415D4566EB846C ft=1 fh=1b7e64734e70d22b vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\FST\Documents\Divers à classer\Downloads\gusetup.exe"
  8. I completed all tasks, but ESET online scanner (this will be done tomorrow). 1) Post Fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by FST at 2015-03-25 23:25:43 Run:1 Running from C:\Users\FST\Desktop Loaded Profiles: UpdatusUser & FST & (Available profiles: UpdatusUser & FST) Boot Mode: Normal ============================================== Content of fixlist: ***************** start GroupPolicyUsers\S-1-5-21-1396719998-274977801-2340671913-1000\User: Group Policy restriction detected <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1396719998-274977801-2340671913-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] C:\Users\FST\autoruns.exe C:\Users\FST\AppData\Local\Temp\avgnt.exe C:\Users\FST\AppData\Local\Temp\MaConfigSetupTemp.exe AlternateDataStreams: C:\ProgramData\Temp:3AE22B1A AlternateDataStreams: C:\ProgramData\Temp:3E7393FC AlternateDataStreams: C:\ProgramData\Temp:81F83028 AlternateDataStreams: C:\ProgramData\Temp:981884E7 AlternateDataStreams: C:\ProgramData\Temp:B804E799 EmptyTemp: end ***************** C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1396719998-274977801-2340671913-1000\User => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-1396719998-274977801-2340671913-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-21-1396719998-274977801-2340671913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully. HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found. cpuz136 => Service deleted successfully. ewusbmbb => Service deleted successfully. ew_hwusbdev => Service deleted successfully. ew_usbenumfilter => Service deleted successfully. huawei_cdcacm => Service deleted successfully. huawei_enumerator => Service deleted successfully. hwdatacard => Service deleted successfully. "C:\Users\FST\autoruns.exe" => File/Directory not found. "C:\Users\FST\AppData\Local\Temp\avgnt.exe" => File/Directory not found. "C:\Users\FST\AppData\Local\Temp\MaConfigSetupTemp.exe" => File/Directory not found. C:\ProgramData\Temp => ":3AE22B1A" ADS removed successfully. C:\ProgramData\Temp => ":3E7393FC" ADS removed successfully. C:\ProgramData\Temp => ":81F83028" ADS removed successfully. C:\ProgramData\Temp => ":981884E7" ADS removed successfully. C:\ProgramData\Temp => ":B804E799" ADS removed successfully. EmptyTemp: => Removed 619.6 MB temporary data. The system needed a reboot. ==== End of Fixlog 23:25:51 ==== 2) Post of Adwcleaner # AdwCleaner v4.113 - Rapport créé le 25/03/2015 à 23:40:49 # Mis à jour le 22/03/2015 par Xplode # Base de données : 2015-03-23.1 [serveur] # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64) # Nom d'utilisateur : fst - fst-PC # Exécuté depuis : C:\Users\fst\Desktop\AdwCleaner.exe # Option : Nettoyer ***** [ Services ] ***** ***** [ Fichiers / Dossiers ] ***** ***** [ Tâches planifiées ] ***** ***** [ Raccourcis ] ***** ***** [ Registre ] ***** Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd ***** [ Navigateurs ] ***** -\\ Internet Explorer v11.0.9600.17631 -\\ Mozilla Firefox v36.0.4 (x86 fr) -\\ Google Chrome v37.0.2062.124 ************************* AdwCleaner[R0].txt - [2434 octets] - [21/09/2014 11:13:09] AdwCleaner[R1].txt - [2338 octets] - [21/09/2014 16:59:17] AdwCleaner[s0].txt - [2566 octets] - [21/09/2014 17:01:58] AdwCleaner[s1].txt - [965 octets] - [25/03/2015 23:40:49] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1024 octets] ########## 3) Post of JRT Here, there was a problem. The scan deleted the "flexnet" files which are related to the activation of AutoCAD license. Hopefully, the problem was not difficult to solve and AutoCAD is now functioning well. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.6 (03.22.2015:1) OS: Windows 7 Home Premium x64 Ran by FST on 25/03/2015 at 23:52:40,16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\flexnet" Successfully deleted: [Folder] "C:\Users\FST\AppData\Roaming\flexnet" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 25/03/2015 at 23:55:53,54 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. Finally, I am posting the addition.txt log: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015 Ran by FST at 2015-03-25 20:54:35 Running from C:\Users\FST\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7000E809a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden 7000E809a_eDocs (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden 7000E809a_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden Apple Application Support (32 bits) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AsMakeLink (HKLM\...\AsMakeLink) (Version: - ) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology) ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS) ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Music Maker (HKLM-x32\...\MAGIX_MSI_mm17_silver_asus) (Version: 17.0.2.22 - MAGIX AG) ASUS Music Maker (x32 Version: 17.0.2.22 - MAGIX AG) Hidden ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.3 - AsusTek Computer Inc.) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.4710 - CyberLink Corp.) Hidden ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.) AsusScr_N5_En (HKLM-x32\...\AsusScr_N5_En) (Version: 1.0.0001 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS) AutoCAD LT 2009 - English (HKLM\...\AutoCAD LT 2009 - English) (Version: 17.2.56.0 - Autodesk) AutoCAD LT 2009 - English (Version: 17.2.56.0 - Autodesk) Hidden AutoCAD LT 2012 - English (HKLM\...\{5783F2D7-A009-0409-0102-0060B0CE6BBA}) (Version: - ) AutoCAD LT 2012 - English (HKLM\...\AutoCAD LT 2012 - English) (Version: 18.2.205.0 - Autodesk) AutoCAD LT 2012 - English SP2 (HKLM\...\AutoCAD LT 2012 - English SP2) (Version: 1 - Autodesk) AutoCAD LT 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden AutoCAD LT 2014 - English (Version: 19.1.108.0 - Autodesk) Hidden AutoCAD LT 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD LT 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD LT 2015 - English (Version: 20.0.104.0 - Autodesk) Hidden AutoCAD LT 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD LT 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.155.0 - Autodesk) Autodesk AutoCAD LT 2014 - English (HKLM\...\AutoCAD LT 2014 - English) (Version: 19.1.18.0 - Autodesk) Autodesk AutoCAD LT 2014 - English SP1 (HKLM\...\AutoCAD LT 2014 - English SP1) (Version: 1 - Autodesk) Autodesk AutoCAD LT 2015 - English (HKLM\...\AutoCAD LT 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD LT 2015 - English SP1 (HKLM\...\AutoCAD LT 2015 - English SP1) (Version: 20.0.104.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Download Manager (HKLM-x32\...\{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}) (Version: 2.0.6.0 - Autodesk, Inc.) Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira) AZprocede (uninstall all models) (HKLM-x32\...\AZprocede_is1) (Version: - AZprocede) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Canon MF8200C Series (HKLM\...\{C2938963-3BB0-41cd-9769-E28814C59075}) (Version: 4.2.0.0 - CANON INC.) CCAD (HKLM-x32\...\CCAD) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP) Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden CLIMWAT 2.0 for CROPWAT (HKLM-x32\...\CLIMWAT 2.0 for CROPWAT) (Version: 2.0 - FAO of the UN) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Copernic Agent Personal (HKLM-x32\...\Copernic Agent Personal) (Version: - Copernic) CROPWAT 8.0 for Windows (HKLM-x32\...\CROPWAT_is1) (Version: - FAO) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.0.1123_32710 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3327 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3122.52 - CyberLink Corp.) diarpa (C:\Program Files (x86)\diarpa\) (HKLM-x32\...\ST6UNST #2) (Version: - ) diarpa (HKLM-x32\...\ST6UNST #1) (Version: - ) Dropbox (HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{0E1FE502-7536-4155-BBC6-7BE8E465DE08}) (Version: 2.1.29.0 - MAGIX AG) Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.) Garmin MapSource (HKLM-x32\...\{58FA5D40-E35A-47ED-8AFA-68CCC758559E}) (Version: 6.15.11 - Garmin Ltd or its subsidiaries) Garmin Trip and Waypoint Manager v5 (HKLM-x32\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries) Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google) Google Earth (HKLM-x32\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google) HEC-RAS 4.1.0 (HKLM-x32\...\{692F1402-6F45-42F3-9D82-9AAEFBFAD4A1}) (Version: 4.1.0 - Hydrologic Engineering Center) HELPS PumpSelection (HKLM-x32\...\KsbSpaixV2) (Version: - ) HP Deskjet 3050A J611 series Aide (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP FWUpdateEDO3 (HKLM-x32\...\{A82D0C46-EBDF-4B27-A731-D06EF2056E81}) (Version: 1.0.0.0 - Hewlett-Packard Company) hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden ICID-MTD (HKLM-x32\...\ICID-MTD) (Version: - ICID) ICID-MTD (x32 Version: 2.0 - GSPL) Hidden InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.2 - ASUS) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation) Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel) Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Java 6 Update 30 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416030FF}) (Version: 6.0.300 - Oracle) Java 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle) Ma-Config.com (64 bits) (HKLM\...\{E1322B8A-6F66-44ED-95D5-7FEBC50AC814}) (Version: 7.1.5.0 - Cybelsoft) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard) MATLAB Compiler Runtime 8.0 (32-bit) (HKLM-x32\...\MATLAB Compiler Runtime R2012b) (Version: 8.0 - The MathWorks, Inc.) Media Player Classic fr (HKLM-x32\...\Media Player Classic) (Version: 6.4.9.0 - ) Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 15.0.4701.1002 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ Redist - ENU (HKLM-x32\...\{5E09E82C-004D-4F08-B051-46DE6D79F71A}) (Version: 8.0.50215.44 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation) Mises à jour NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Mozilla Firefox 36.0.4 (x86 fr) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 fr)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Music Now! (HKLM-x32\...\InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}) (Version: 1.0.5.0 - Splashtop Inc.) Music Now! (x32 Version: 1.0.5.0 - Splashtop Inc.) Hidden Nero 11 InfoTool (HKLM-x32\...\{64BEF779-5053-48AF-A3D8-B70EBC1C70E7}) (Version: 11.0.00500 - Nero AG) NetafimCalc v2.21 (HKLM-x32\...\NetafimCalc_is1) (Version: - One Software Technologies Ltd) Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden New_LocClim (HKLM-x32\...\New_LocClim) (Version: 1.10 - FAO of the UN and GPCC at DWD) NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation) NVIDIA Pilote 3D Vision 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA Pilote graphique 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - ) Panneau de configuration NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden Progr. désin. pilote d'impr. UFR II (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.) Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation) QGIS Dufour 2.0.1 Dufour (HKLM\...\QGIS Dufour) (Version: - QGIS Development Team) R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.) Sauvegarde des Dossiers personnels Microsoft Outlook (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation) Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) SoftPerfect WiFi Guard version 1.0.4 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.4 - SoftPerfect Research) SonicMaster (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Surfer 7 (HKLM-x32\...\Surfer 7) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated) syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 7.3.0.5 - 2BrightSparks) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation) Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\WinDirStat) (Version: - ) WinDirStat 1.1.2 (HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version: - ) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\FST\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2012 - English\acadltficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD LT 2009\acadlt.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2012 - English\acadlt.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-1396719998-274977801-2340671913-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ==================== Restore Points ========================= 05-03-2015 11:44:54 Today 05-03-2015 11:47:38 Revo Uninstaller's restore point - SyncBackSE 13-03-2015 14:51:04 Installed iTunes 20-03-2015 20:19:51 Windows Update 23-03-2015 08:24:28 Removed Adobe Acrobat 8 Professional - English, Français, Deutsch 23-03-2015 16:35:03 Installed Adobe Acrobat 8 Professional - English, Français, Deutsch 23-03-2015 23:57:26 Removed Adobe Acrobat 8 Professional - English, Français, Deutsch 24-03-2015 00:08:22 Installed Adobe Acrobat 8 Professional - English, Français, Deutsch 24-03-2015 09:45:47 Removed Java 8 Update 40 24-03-2015 10:01:36 Removed Java 7 Update 51 (64-bit) 24-03-2015 18:26:05 Installed Ma-Config.com (64 bits) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-09-22 13:21 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0A62C694-47CD-4344-A43A-6D5B1D233C55} - System32\Tasks\{95A97A6A-F170-46CB-8B8E-964DA54BA4E3} => pcalua.exe -a E:\HPZstub.exe Task: {0AF39A9D-9D29-4198-B77D-9219B62C5CCA} - System32\Tasks\{226DC36E-3EBA-4255-84B9-99867223D7C7} => pcalua.exe -a "C:\Users\FST\Documents\Divers à classer\Verbatim\Memento (D)\Bib\Diarpa\DIARPA\setup.exe" -d "C:\Users\FST\Documents\Divers à classer\Verbatim\Memento (D)\Bib\Diarpa\DIARPA" Task: {1A7A617C-BE58-4D37-8E08-18132B83EE3B} - System32\Tasks\ASC7_SkipUac_FST => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-05-23] (IObit) Task: {284E5358-38BC-4BB3-B737-9231F678CD5F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001UA => C:\Users\FST\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-08] (Google Inc.) Task: {335CE5AE-5CBD-4502-9059-BAD975989CBB} - System32\Tasks\{0C6330EB-385B-4BC4-9EA9-143B1D28B61C} => C:\Program Files (x86)\asus\VirtualCamera\VirCam.exe Task: {36BE612D-4D40-4C5B-B390-50342B55B72C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS) Task: {3B5BE5E1-1DFC-48BB-B091-77DB047DD83E} - System32\Tasks\Driver Booster SkipUAC (FST) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {4A7182AD-3E9E-40C6-91AF-CC14687F5435} - System32\Tasks\{FF025594-E829-4079-AC1B-C9D83D61C9D5} => C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe [2012-12-19] (ASUSTek Computer Inc. All rights reserved.) Task: {530DDA6F-A8F7-40CC-AF0F-D418F1E49E41} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FST-PC-FST FST-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation) Task: {55690EA4-2566-4F9B-8185-B5B06FB4DAFC} - System32\Tasks\{8505C41C-0840-40E8-B80E-659A8D62D345} => C:\Program Files (x86)\asus\VirtualCamera\VirCam.exe Task: {5B254563-AD70-4203-8D28-9E427095CAE6} - System32\Tasks\{B2C3B9F1-5947-447A-8EAC-BD1A63F4496D} => C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe [2012-12-19] (ASUSTek Computer Inc. All rights reserved.) Task: {5F1E70B7-AB59-4CA3-9EB5-894DDE254AD3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {5F661FCF-57EC-47AC-A372-3338B58EA974} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.) Task: {6C0EA71A-2288-4489-8E72-F4B266FE8535} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-06-30] (ASUSTek Computer Inc.) Task: {708061F9-302C-4691-BF8F-90653E17DDDD} - System32\Tasks\{75E73431-AB9D-4CD9-BBFD-D2EBBE89543E} => pcalua.exe -a "C:\Program Files\ZTEMT UI\bin\Installer.exe" -d "C:\Program Files\ZTEMT UI\bin" Task: {70902EC1-4EF7-414D-AE3D-41A5CE79E2FA} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS) Task: {70B4C873-05BD-4E27-A514-3B6DC93A493E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {71E6568B-B607-4F9F-8178-EFB3223EDDC7} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS) Task: {73169088-96A5-4835-AE5B-65E7C31F73CD} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {749960C8-EEEE-435B-BBE9-78E1820D351A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {823A37DA-3BFA-4D0E-8CC5-A5CE5B5293A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.) Task: {878938C6-563A-480A-AF50-A21B7EA9737D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {88F7A924-C8FE-47AA-99A7-F9B3C6FD4429} - System32\Tasks\{ED73052F-B1E7-41CB-B32C-6DEC1C141137} => C:\Program Files (x86)\asus\VirtualCamera\VirCam.exe Task: {A652CE27-D01C-4E36-8248-A2B33A96E506} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-11-24] (CyberLink) Task: {AA40ABC4-A2D6-49F0-BDDF-400A14957473} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation) Task: {B5598100-0489-4E27-95DD-809E9BAA4989} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation) Task: {B76FA117-686E-432A-8B6D-09B85011D07F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation) Task: {B788EB81-5A05-4ADD-B7D8-F0AB236E9D98} - System32\Tasks\{E76938DE-05F6-445C-9482-5BEEFC919B38} => pcalua.exe -a F:\bib_virt\Diarpa\DIARPA\Support\SETUP.EXE -d F:\bib_virt\Diarpa\DIARPA\Support Task: {B98E7631-8960-4F20-9310-40230D5D2A49} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe Task: {BB62E224-CE1F-4A4D-B721-FF6048C756E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13] (Adobe Systems Incorporated) Task: {C6D89A29-6158-4BCC-9012-AEC84EDDA9B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001Core => C:\Users\FST\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-08] (Google Inc.) Task: {D7D73AEF-9BA1-4BC8-BF4E-BFF38A078A96} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {D9C0420A-0CAE-489E-B492-48DAAC9ED74C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation) Task: {DB1BEE33-4DCB-4C11-9FAE-58A21B5C8526} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {E1AA000B-4A11-4B48-8B8E-C6821B7C644B} - System32\Tasks\{58FC2B6B-3804-4799-A7DB-600CDBD351BD} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE Task: {F0722E4D-7468-48E8-B5F2-CC044E28875A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation) Task: {F19077EC-7294-4D04-9242-9FA84635C3D5} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1396719998-274977801-2340671913-1001 Task: {FAEB0FF3-C533-464F-B56A-377DAEAF0C4A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001Core.job => C:\Users\FST\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001UA.job => C:\Users\FST\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2013-05-05 11:19 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-05-31 16:37 - 2013-04-15 10:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL 2014-07-04 17:12 - 2012-08-31 14:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL 2013-05-31 16:37 - 2013-04-15 10:50 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll 2014-07-04 17:12 - 2012-08-31 14:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2013-10-13 20:59 - 2010-03-31 09:51 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.DLL 2014-07-04 17:12 - 2012-08-31 14:02 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1100GC.dll 2014-07-04 17:12 - 2012-08-31 14:03 - 03034112 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hp1100su.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2010-04-03 03:21 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2011-09-23 09:29 - 2007-11-30 19:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2011-08-19 03:32 - 2011-05-24 01:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-08-19 03:33 - 2011-05-05 13:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2014-05-01 19:05 - 2014-05-01 19:05 - 00232328 _____ () C:\Program Files\Autodesk\Autodesk Sync\qjson_Ad_0.dll 2014-05-01 19:05 - 2014-05-01 19:05 - 00059784 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll 2014-05-01 19:05 - 2014-05-01 19:05 - 00922504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll 2014-05-01 19:05 - 2014-05-01 19:05 - 00048520 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll 2011-09-23 09:36 - 2011-02-15 06:35 - 00249856 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-03-23 10:23 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-08-10 09:46 - 2014-06-21 07:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-08-10 09:46 - 2014-06-21 07:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-06-20 07:23 - 2014-11-14 09:26 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2014-06-20 07:23 - 2014-11-14 09:26 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2015-03-04 23:26 - 2015-02-10 10:59 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:3AE22B1A AlternateDataStreams: C:\ProgramData\Temp:3E7393FC AlternateDataStreams: C:\ProgramData\Temp:81F83028 AlternateDataStreams: C:\ProgramData\Temp:981884E7 AlternateDataStreams: C:\ProgramData\Temp:B804E799 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1396719998-274977801-2340671913-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\FST\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\FST\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 3 MSCONFIG\Services: Apple Mobile Device => 3 MSCONFIG\Services: Bluetooth Device Monitor => 3 MSCONFIG\Services: Bluetooth Media Service => 3 MSCONFIG\Services: Bluetooth OBEX Service => 3 MSCONFIG\Services: CLKMSVC10_38F51D56 => 2 MSCONFIG\Services: FLEXnet Licensing Service 64 => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HP LaserJet Service => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: MaConfigAgent => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: rpcapd => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Acrobat.lnk => C:\Windows\pss\Lancement rapide d'Adobe Acrobat.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^FST^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Envoyer à OneNote.lnk => C:\Windows\pss\Envoyer à OneNote.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: Google Update => "C:\Users\FST\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HP LaserJet Professional CM1410 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ==================== Accounts: ============================= Administrateur (S-1-5-21-1396719998-274977801-2340671913-500 - Administrator - Disabled) FST (S-1-5-21-1396719998-274977801-2340671913-1001 - Administrator - Enabled) => C:\Users\FST Invité (S-1-5-21-1396719998-274977801-2340671913-501 - Limited - Disabled) UpdatusUser (S-1-5-21-1396719998-274977801-2340671913-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Officejet 7500 E910 Description: Officejet 7500 E910 Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: HP LaserJet Professional P1102w Description: HP LaserJet Professional P1102w Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: Hewlett-Packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: HP LaserJet CM1415fnw Description: HP LaserJet CM1415fnw Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: Hewlett-Packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 7500 E910 Description: Officejet 7500 E910 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: ASUS USB2.0 Webcam Description: Périphérique vidéo USB Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/25/2015 00:35:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7005 Error: (03/25/2015 00:35:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7005 Error: (03/25/2015 00:35:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/25/2015 00:35:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6006 Error: (03/25/2015 00:35:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6006 Error: (03/25/2015 00:35:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/25/2015 00:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5008 Error: (03/25/2015 00:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5008 Error: (03/25/2015 00:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/25/2015 00:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4010 System errors: ============= Error: (03/24/2015 06:55:53 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai imparti. Error: (03/24/2015 10:02:19 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (03/24/2015 00:20:36 AM) (Source: Disk) (EventID: 11) (User: ) Description: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1. Error: (03/23/2015 11:06:42 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Error: (03/23/2015 11:06:39 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Error: (03/23/2015 11:06:36 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Error: (03/23/2015 11:06:35 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Error: (03/23/2015 11:06:32 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Error: (03/23/2015 11:06:29 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Error: (03/23/2015 11:06:28 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: La structure du système de fichiers sur le disque est endommagée et inutilisable. Exécutez l’utilitaire chkdsk sur le volume OS. Microsoft Office Sessions: ========================= Error: (03/25/2015 00:35:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7005 Error: (03/25/2015 00:35:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7005 Error: (03/25/2015 00:35:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/25/2015 00:35:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6006 Error: (03/25/2015 00:35:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6006 Error: (03/25/2015 00:35:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/25/2015 00:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5008 Error: (03/25/2015 00:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5008 Error: (03/25/2015 00:35:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/25/2015 00:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4010 CodeIntegrity Errors: =================================== Date: 2013-05-04 23:09:48.748 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\ComboFix\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2013-05-04 23:09:48.685 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\ComboFix\catchme.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2012-01-06 18:00:13.710 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 18:00:13.367 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 18:00:13.008 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 18:00:12.633 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 17:55:12.614 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 17:55:12.302 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 17:55:11.880 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. Date: 2012-01-06 17:55:11.584 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Users\FST\Documents\boot\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. ==================== Memory info =========================== Processor: Intel® Core i7-2670QM CPU @ 2.20GHz Percentage of memory in use: 42% Total physical RAM: 8096.05 MB Available physical RAM: 4629 MB Total Pagefile: 16190.3 MB Available Pagefile: 12838.93 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:305.67 GB) (Free:45.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:367.96 GB) (Free:140.2 GB) NTFS Drive e: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:346.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: F3C6F6A7) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=305.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=368 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: E045BAB6) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  10. I am posting below the FRST log (this file is too long, so the addition log will be posted in the next message)? Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by FST (administrator) on FST-PC on 25-03-2015 20:54:15 Running from C:\Users\FST\Desktop Loaded Profiles: UpdatusUser & FST & (Available profiles: UpdatusUser & FST) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Microsoft Corporation) C:\Windows\System32\CISVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Splashtop Inc.) C:\ASUS.SYS\SIONExportService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Farbar) C:\Users\FST\Desktop\FRST64(1).exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [synAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-21-1396719998-274977801-2340671913-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung) HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Policies\Explorer: [] HKU\S-1-5-21-1396719998-274977801-2340671913-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung) HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [] HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () Startup: C:\Users\FST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\Users\FST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FST\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BootExecute: autocheck autochk * ᔃ߾뼰ψ GroupPolicyUsers\S-1-5-21-1396719998-274977801-2340671913-1000\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1396719998-274977801-2340671913-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com HKU\S-1-5-21-1396719998-274977801-2340671913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com HKU\S-1-5-21-1396719998-274977801-2340671913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1396719998-274977801-2340671913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-24] (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-24] (Oracle Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated) Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740 FF Homepage: https://login.yahoo.com/config/mail?&.src=ym&.intl=fr FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] () FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-24] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-27] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-09-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-09-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\FST\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001: @talk.google.com/O1DPlugin -> C:\Users\FST\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001: @tools.google.com/Google Update;version=3 -> C:\Users\FST\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001: @tools.google.com/Google Update;version=9 -> C:\Users\FST\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\FST\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\FST\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\FST\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\FST\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2006-10-22] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\FST\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\FST\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google) FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\donottrackplus@abine.com [2015-03-12] FF Extension: WOT - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-12] FF Extension: Flash and Video Download - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-13] FF Extension: YouTube Caption Downloader - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\captiondownloader@hiephm.com.xpi [2015-03-15] FF Extension: Video DownloadHelper - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15] FF Extension: Adblock Plus - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-12] FF Extension: DownThemAll! - C:\Users\FST\AppData\Roaming\Mozilla\Firefox\Profiles\g3khe9fu.default-1426173051740\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-03-13] Chrome: ======= CHR Profile: C:\Users\FST\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\FST\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-13] CHR Extension: (Avira Browser Safety) - C:\Users\FST\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\FST\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15] CHR HKU\S-1-5-21-1396719998-274977801-2340671913-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1396719998-274977801-2340671913-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-21] (Emsisoft GmbH) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2012-03-03] (Autodesk) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG) R3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation) S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink) S3 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1839616 2011-01-14] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed] R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-03-24] (Macrovision Europe Ltd.) [File not signed] S4 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit) R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-10-15] (CybelSoft) R2 MSSQL$WINPACCSSUITE; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [249856 2011-02-15] () [File not signed] S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) R2 Splashtop MDES; C:\ASUS.SYS\SIONExportService.exe [338208 2011-05-10] (Splashtop Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG) S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation) S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2011-04-15] () R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2011-04-15] (Marvell Semiconductor, Inc.) S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-09-05] (NVIDIA Corporation) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-03-23] () R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] () S3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2010-05-11] (ZTEMT Incorporated) S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-25 17:54 - 2015-03-25 20:54 - 00033626 _____ () C:\Users\FST\Desktop\FRST.txt 2015-03-25 17:54 - 2015-03-25 19:43 - 00058284 _____ () C:\Users\FST\Desktop\Addition.txt 2015-03-25 17:51 - 2015-03-25 17:51 - 02095616 _____ (Farbar) C:\Users\FST\Desktop\FRST64(1).exe 2015-03-25 17:37 - 2015-03-25 17:37 - 00194144 _____ () C:\Users\FST\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-24 18:26 - 2015-03-24 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com 2015-03-24 14:10 - 2015-03-24 14:10 - 00000000 ____D () C:\extensions 2015-03-24 14:01 - 2015-03-24 14:01 - 00000000 ____D () C:\Users\FST\Documents\Fichiers Outlook 2015-03-24 13:57 - 2015-03-24 13:57 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2015-03-24 09:59 - 2015-03-24 09:59 - 00464924 _____ () C:\Users\FST\Desktop\JavaRa.def 2015-03-24 09:57 - 2015-03-24 09:59 - 00057981 _____ () C:\Users\FST\Desktop\JavaRa-24-03-2015.log 2015-03-24 09:57 - 2014-04-20 07:44 - 00277504 _____ (SingularLabs) C:\Users\FST\Desktop\JavaRa.exe 2015-03-24 09:52 - 2015-03-24 09:52 - 00159578 _____ () C:\Users\FST\Downloads\JavaRa-2.6.zip 2015-03-24 09:47 - 2015-03-24 09:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-03-24 09:46 - 2015-03-24 09:46 - 00000000 _____ () C:\Windows\SysWOW64\RENC293.tmp 2015-03-24 09:45 - 2015-03-24 09:45 - 00561064 _____ (Oracle Corporation) C:\Users\FST\Downloads\jxpiinstall(4).exe 2015-03-24 09:36 - 2015-03-24 09:36 - 00443208 _____ (Bleeping Computer, LLC) C:\Users\FST\Downloads\sc-cleaner.exe 2015-03-24 09:36 - 2015-03-24 09:36 - 00001802 _____ () C:\sc-cleaner.txt 2015-03-24 00:10 - 2015-03-24 00:10 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk 2015-03-24 00:10 - 2015-03-24 00:10 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk 2015-03-24 00:10 - 2015-03-24 00:10 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk 2015-03-24 00:10 - 2015-03-24 00:10 - 00001983 _____ () C:\Users\Public\Desktop\Adobe Acrobat 8 Professional.lnk 2015-03-24 00:10 - 2006-09-29 13:48 - 00033368 ____R (Adobe Systems Incorporated.) C:\Windows\SysWOW64\AdobePDF.dll 2015-03-24 00:09 - 2015-03-24 00:09 - 00000000 ____D () C:\Windows\SysWOW64\spool 2015-03-23 23:28 - 2015-03-23 23:28 - 02168320 _____ () C:\Users\FST\Downloads\adwcleaner_4.113.exe 2015-03-23 23:03 - 2015-03-23 23:04 - 20411480 _____ () C:\Users\FST\Downloads\RogueKillerX64(1).exe 2015-03-23 22:30 - 2015-03-25 20:54 - 00000000 ____D () C:\FRST 2015-03-23 22:30 - 2015-03-23 22:30 - 02095616 _____ (Farbar) C:\Users\FST\Downloads\FRST64.exe 2015-03-23 22:23 - 2015-03-23 22:23 - 00000000 __SHD () C:\Windows\ftpcache 2015-03-23 22:07 - 2015-03-23 22:07 - 00005762 _____ () C:\Users\FST\Documents\cc_20150323_220700.reg 2015-03-23 22:07 - 2015-03-23 22:07 - 00000082 _____ () C:\Users\FST\Documents\cc_20150323_220717.reg 2015-03-23 22:06 - 2015-03-23 22:06 - 00082554 _____ () C:\Users\FST\Documents\cc_20150323_220644.reg 2015-03-23 07:34 - 2015-03-23 07:34 - 00160430 _____ () C:\Users\FST\Downloads\OTL_fst.txt 2015-03-23 07:30 - 2015-03-24 00:30 - 00152122 _____ () C:\Users\FST\Downloads\OTL.Txt 2015-03-23 07:09 - 2015-03-23 07:12 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2015-03-23 07:09 - 2015-03-23 07:09 - 00000969 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk 2015-03-23 07:09 - 2015-03-23 07:09 - 00000969 _____ () C:\Users\FST\Desktop\SpeedFan.lnk 2015-03-23 07:09 - 2015-03-23 07:09 - 00000000 ____D () C:\Users\FST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2015-03-21 23:05 - 2015-03-21 23:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-18 17:30 - 2015-03-18 17:30 - 00000000 ____D () C:\Users\FST\AppData\OICE_15_974FA576_32C1D314_3ADE 2015-03-18 08:44 - 2015-03-18 08:44 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin 2015-03-18 08:37 - 2015-03-23 22:09 - 00000000 ____D () C:\Users\FST\AppData\Roaming\ZHP 2015-03-17 16:46 - 2015-03-17 16:49 - 00000000 ____D () C:\Users\FST\Downloads\Delft Pumps 2015-03-17 11:57 - 2015-03-23 22:46 - 00000000 ____D () C:\Users\FST\Downloads\3. Pumps and pumping stations 2015-03-16 11:38 - 2015-03-17 11:58 - 00000000 ____D () C:\Users\FST\Downloads\2. Theoretical background hydraulics 2015-03-16 10:19 - 2015-03-16 11:28 - 00000000 ____D () C:\Users\FST\Downloads\1. Introduction 2015-03-15 16:03 - 2015-03-15 16:10 - 122413124 _____ () C:\Users\FST\Downloads\Mod-1 Lec-6 Conservation Principles & ioioGoverning Equation.mp4 2015-03-15 16:03 - 2015-03-15 16:10 - 120781415 _____ () C:\Users\FST\Downloads\Mod-1 Lec-5 Practical use of velocity co-efficient in channe.mp4 2015-03-15 16:02 - 2015-03-15 16:09 - 118323131 _____ () C:\Users\FST\Downloads\Mod-1 Lec-4 Velocity and Pressure Distribution.mp4 2015-03-13 15:39 - 2015-03-25 20:50 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-13 15:39 - 2015-03-13 16:05 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-13 14:53 - 2015-03-13 14:53 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-03-13 14:53 - 2015-03-13 14:53 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-03-13 14:53 - 2015-03-13 14:53 - 00000000 ____D () C:\Program Files\iTunes 2015-03-13 14:53 - 2015-03-13 14:53 - 00000000 ____D () C:\Program Files\iPod 2015-03-13 14:53 - 2015-03-13 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-03-12 16:10 - 2015-03-12 16:10 - 00000000 ____D () C:\Users\FST\Desktop\Anciennes données de Firefox 2015-03-12 16:03 - 2015-03-25 16:08 - 00005078 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for FST-PC-FST FST-PC 2015-03-08 10:43 - 2015-03-13 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-03-05 11:58 - 2015-03-05 11:58 - 00001183 _____ () C:\Users\FST\Desktop\SyncBackFree.lnk 2015-03-05 11:24 - 2015-03-05 11:24 - 00002010 _____ () C:\Users\FST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk 2015-03-05 11:24 - 2015-03-05 11:24 - 00001980 _____ () C:\Users\FST\Desktop\FileHippo App Manager.lnk 2015-03-05 11:24 - 2015-03-05 11:24 - 00000000 ____D () C:\ProgramData\IsolatedStorage 2015-03-03 17:02 - 2015-03-03 17:02 - 00000000 ___HD () C:\ProgramData\UZC 2015-03-03 16:47 - 2015-03-03 16:54 - 21679244 _____ () C:\Users\FST\Downloads\Livre#002638.rar 2015-03-03 10:29 - 2015-03-03 10:29 - 00000000 ____D () C:\Users\FST\Tracing 2015-03-02 22:48 - 2015-03-02 22:48 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2015-02-28 13:48 - 2015-02-28 13:54 - 166307845 _____ () C:\Users\FST\Downloads\Pilates pour renforcer son dos et ses abdos, renforcement de.mp4 2015-02-26 15:55 - 2015-03-04 22:18 - 00000000 ____D () C:\Users\FST\Downloads\EURL_SAS_Salarié_fichiers ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-25 20:50 - 2014-01-27 00:04 - 01754040 _____ () C:\Windows\WindowsUpdate.log 2015-03-25 19:39 - 2012-01-07 19:23 - 00000000 ____D () C:\Users\FST\AppData\Roaming\vlc 2015-03-25 19:05 - 2014-05-10 19:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-25 14:22 - 2014-02-02 06:16 - 00000000 ____D () C:\Users\FST\AppData\Local\CrashDumps 2015-03-25 14:08 - 2009-07-14 05:45 - 00018736 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-25 14:08 - 2009-07-14 05:45 - 00018736 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-25 12:26 - 2011-09-23 09:31 - 00000012 ____H () C:\dvmexp.idx 2015-03-25 12:25 - 2011-09-23 09:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-25 12:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-24 18:31 - 2014-09-25 18:01 - 00000000 ____D () C:\Users\FST\AppData\Roaming\Skype 2015-03-24 18:26 - 2014-09-21 17:17 - 00000951 _____ () C:\Users\Public\Desktop\Ma-Config.com - Démarrer la détection.lnk 2015-03-24 18:26 - 2014-09-21 17:17 - 00000000 ____D () C:\ProgramData\ma-config.com 2015-03-24 18:26 - 2014-09-21 17:17 - 00000000 ____D () C:\Program Files\ma-config.com 2015-03-24 14:10 - 2014-09-30 15:56 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-03-24 14:10 - 2014-09-25 18:01 - 00000000 ____D () C:\ProgramData\Skype 2015-03-24 10:15 - 2012-01-14 22:50 - 00007614 _____ () C:\Users\FST\AppData\Local\Resmon.ResmonCfg 2015-03-24 09:58 - 2014-01-30 09:37 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-03-24 09:58 - 2012-02-13 16:30 - 00000000 ____D () C:\Program Files\Java 2015-03-24 09:48 - 2014-02-07 19:35 - 00000000 ____D () C:\ProgramData\Oracle 2015-03-24 09:47 - 2012-05-03 22:59 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-24 00:24 - 2014-07-06 09:11 - 00002986 _____ () C:\Windows\System32\Tasks\{FF025594-E829-4079-AC1B-C9D83D61C9D5} 2015-03-24 00:09 - 2012-01-09 21:32 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-24 00:09 - 2012-01-09 21:32 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-23 23:58 - 2014-06-15 15:11 - 00000000 ____D () C:\Users\FST\AppData\Local\Adobe 2015-03-23 23:46 - 2011-02-19 05:29 - 00799098 _____ () C:\Windows\system32\perfh00C.dat 2015-03-23 23:46 - 2011-02-19 05:29 - 00171026 _____ () C:\Windows\system32\perfc00C.dat 2015-03-23 23:46 - 2009-07-14 06:13 - 01852276 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-23 23:41 - 2012-01-06 17:02 - 00001431 _____ () C:\Users\FST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-23 23:41 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-03-23 23:38 - 2014-02-01 19:54 - 00000000 ____D () C:\AdwCleaner 2015-03-23 23:05 - 2014-09-21 17:42 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2015-03-23 22:21 - 2014-08-10 09:42 - 00002111 _____ () C:\Users\Public\Desktop\AutoCAD LT 2015 - English.lnk 2015-03-23 22:20 - 2014-09-10 15:54 - 00002111 _____ () C:\Users\Public\Desktop\AutoCAD LT 2014 - English.lnk 2015-03-23 16:31 - 2014-09-10 06:47 - 00001101 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-03-23 16:31 - 2014-08-10 09:35 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-23 16:31 - 2013-02-23 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-03-23 16:31 - 2013-02-23 11:42 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-03-23 08:08 - 2012-03-03 21:23 - 00000000 ____D () C:\Users\FST\AppData\Local\cache 2015-03-23 07:09 - 2014-09-21 16:55 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2015-03-23 07:09 - 2014-09-21 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2015-03-18 19:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-18 09:05 - 2014-10-08 15:19 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001UA.job 2015-03-18 09:05 - 2014-10-08 15:19 - 00001030 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001Core.job 2015-03-18 08:59 - 2014-07-06 09:10 - 00002986 _____ () C:\Windows\System32\Tasks\{B2C3B9F1-5947-447A-8EAC-BD1A63F4496D} 2015-03-18 08:58 - 2014-10-08 15:19 - 00004066 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001UA 2015-03-18 08:58 - 2014-10-08 15:19 - 00003670 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1396719998-274977801-2340671913-1001Core 2015-03-18 08:58 - 2014-09-23 20:23 - 00002858 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (FST) 2015-03-18 08:58 - 2014-09-23 20:17 - 00003098 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor 2015-03-18 08:58 - 2014-09-23 20:17 - 00002858 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_FST 2015-03-18 08:58 - 2014-07-06 09:13 - 00002976 _____ () C:\Windows\System32\Tasks\{8505C41C-0840-40E8-B80E-659A8D62D345} 2015-03-18 08:58 - 2014-07-06 09:11 - 00002976 _____ () C:\Windows\System32\Tasks\{ED73052F-B1E7-41CB-B32C-6DEC1C141137} 2015-03-18 08:58 - 2014-07-06 09:09 - 00002976 _____ () C:\Windows\System32\Tasks\{0C6330EB-385B-4BC4-9EA9-143B1D28B61C} 2015-03-18 08:58 - 2012-07-29 09:14 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-03-18 08:57 - 2012-01-10 07:11 - 00000000 ____D () C:\Windows\pss 2015-03-17 21:18 - 2014-01-27 14:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-03-15 14:59 - 2012-01-25 22:57 - 00000000 ____D () C:\Users\FST\dwhelper 2015-03-14 10:25 - 2011-09-23 09:30 - 00002178 _____ () C:\Windows\system32\ServiceFilter.ini 2015-03-13 16:05 - 2012-04-08 01:24 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-13 16:05 - 2012-04-08 01:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-13 14:53 - 2014-06-24 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-03-13 14:53 - 2014-02-23 17:37 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-03-10 14:14 - 2013-05-13 14:09 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-03-10 14:14 - 2013-04-11 00:06 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-10 14:14 - 2013-04-11 00:06 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-09 11:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-07 09:08 - 2014-08-12 16:43 - 00000000 ____D () C:\Program Files (x86)\epson 2015-03-05 11:58 - 2014-09-27 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks 2015-03-05 11:53 - 2014-09-27 21:44 - 00000000 ____D () C:\Program Files (x86)\2BrightSparks 2015-03-05 11:36 - 2014-04-08 22:03 - 00000000 ____D () C:\Users\FST\Documents\!!Macedonia 2015-03-05 11:28 - 2014-04-12 12:55 - 00000873 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-03-05 11:24 - 2012-12-27 23:11 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2015-03-04 23:12 - 2012-01-06 17:01 - 00000000 ____D () C:\Users\FST 2015-03-04 23:09 - 2015-02-15 13:47 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-04 23:09 - 2014-09-23 20:18 - 00000000 ____D () C:\Users\FST\AppData\Roaming\ProductData 2015-03-04 23:09 - 2014-09-23 20:17 - 00000000 ____D () C:\ProgramData\ProductData 2015-03-04 23:09 - 2014-09-23 20:17 - 00000000 ____D () C:\ProgramData\IObit 2015-03-04 23:09 - 2014-05-04 08:59 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-04 23:09 - 2014-04-12 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-03-04 23:09 - 2014-04-12 13:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-04 23:09 - 2012-01-27 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCAD 2015-03-04 23:09 - 2012-01-27 22:41 - 00000000 ____D () C:\Program Files (x86)\CCAD 2015-03-04 23:09 - 2012-01-07 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-03-04 23:09 - 2012-01-06 21:12 - 00000000 ____D () C:\Users\FST\AppData\Roaming\Autodesk 2015-03-04 23:09 - 2011-09-23 09:29 - 00000000 ____D () C:\ProgramData\P4G 2015-03-04 23:09 - 2011-04-13 03:33 - 00000000 ____D () C:\ProgramData\FLEXnet 2015-03-04 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-03-04 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-03-04 23:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2015-03-04 23:01 - 2014-09-23 20:14 - 00000000 ____D () C:\Users\FST\AppData\Roaming\IObit 2015-03-04 23:01 - 2012-01-08 20:16 - 00000000 ____D () C:\Users\FST\AppData\Local\2BrightSparks 2015-03-04 23:01 - 2012-01-07 08:24 - 00000000 ____D () C:\Users\FST\AppData\Local\Mozilla 2015-03-04 23:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2015-03-04 22:59 - 2014-09-23 20:17 - 00000000 ____D () C:\Program Files (x86)\IObit 2015-03-02 19:08 - 2012-01-08 20:19 - 00000000 ____D () C:\Windows\System32\Tasks\2BrightSparks 2015-03-02 19:08 - 2012-01-08 20:16 - 00000000 ____D () C:\Users\FST\AppData\Roaming\2BrightSparks 2015-02-24 04:17 - 2012-01-06 17:22 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======= 2012-01-15 20:23 - 2012-03-06 16:03 - 0018944 _____ () C:\Users\FST\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-02-25 21:34 - 2013-12-12 14:11 - 0004096 _____ () C:\Users\FST\AppData\Local\keyfile3.drm 2012-01-06 18:42 - 2012-01-06 18:42 - 0001549 _____ () C:\Users\FST\AppData\Local\PDLSetup.20120106.184226.txt 2012-10-13 14:15 - 2012-10-13 14:16 - 0001549 _____ () C:\Users\FST\AppData\Local\PDLSetup.20121013.131558.txt 2014-01-22 19:26 - 2014-01-22 19:26 - 0001549 _____ () C:\Users\FST\AppData\Local\PDLSetup.20140122.192601.txt 2012-01-14 22:50 - 2015-03-24 10:15 - 0007614 _____ () C:\Users\FST\AppData\Local\Resmon.ResmonCfg 2012-05-20 16:53 - 2012-05-20 16:53 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-01-16 17:21 - 2014-09-25 20:04 - 0002993 _____ () C:\ProgramData\hpzinstall.log 2012-03-03 21:20 - 2012-03-03 21:20 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2014-03-22 10:34 - 2014-09-21 17:11 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2011-09-23 09:37 - 2011-09-23 09:37 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2011-09-23 09:42 - 2011-09-23 09:43 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2011-09-23 09:42 - 2011-09-23 09:42 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2011-09-23 09:33 - 2011-09-23 09:36 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2011-09-23 09:36 - 2011-09-23 09:37 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log 2011-09-23 09:32 - 2011-09-23 09:33 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log Files to move or delete: ==================== C:\Users\FST\autoruns.exe Some content of TEMP: ==================== C:\Users\FST\AppData\Local\Temp\avgnt.exe C:\Users\FST\AppData\Local\Temp\MaConfigSetupTemp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-18 19:36 ==================== End Of Log ============================
  11. Thank you for your help. 1) Regarding your first remark (P2P/Piracy warning), the softwares installed on my computer are all licensed (Windows, Microsoft Office, AutoCAD,...). I rececently faced a number of problems with Adobe Professional (particularly when uninstalling the games pre-installed with windows), but it is also licensed. If you notice anything malicious, please advise me. 2) Malwarebytes did not find any malware. The log (in French) is pasted below. I will proceed with Farbar Recovery Scan Tool in the next message. Thanks. Malwarebytes Anti-Malware www.malwarebytes.org Date de l'examen: 25/03/2015 Heure de l'examen: 17:13:31 Fichier journal: Administrateur: Oui Version: 2.00.4.1028 Base de données Malveillants: v2015.03.25.04 Base de données Rootkits: v2015.02.25.01 Licence: Gratuit Protection contre les malveillants: Désactivé(e) Protection contre les sites Web malveillants: Désactivé(e) Auto-protection: Désactivé(e) Système d'exploitation: Windows 7 Service Pack 1 Processeur: x64 Système de fichiers: NTFS Utilisateur: Fahide Type d'examen: Examen "Menaces" Résultat: Terminé Objets analysés: 449620 Temps écoulé: 27 min, 43 sec Mémoire: Activé(e) Démarrage: Activé(e) Système de fichiers: Activé(e) Archives: Activé(e) Rootkits: Activé(e) Heuristique: Activé(e) PUP: Activé(e) PUM: Activé(e) Processus: 0 (Aucun élément malicieux detecté) Modules: 0 (Aucun élément malicieux detecté) Clés du Registre: 0 (Aucun élément malicieux detecté) Valeurs du Registre: 0 (Aucun élément malicieux detecté) Données du Registre: 0 (Aucun élément malicieux detecté) Dossiers: 0 (Aucun élément malicieux detecté) Fichiers: 0 (Aucun élément malicieux detecté) Secteurs physiques: 0 (Aucun élément malicieux detecté) (end)
  12. Hello, I have been facing a few issues with my laptop since a few weeks: the computer is slow and and the fan is almost always functioning (particularly when streaming). I have done a scan with OTL and the result is posted here:http://pjjoint.malekal.com/files.php?id ... 1f10u13e15 Could anyone have a look at it and assist me in solving the problems? Many thanks. Matheo
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.