HijackThis Log: Please help Diagnose


7 replies to this topic

#1 champdore

champdore

  • Members
  • 6 posts

Posted 28 September 2013 - 05:39 AM

Hello all, I'm French and my English is so bad, but Google Traduction is my friend ;-)

Thanks for your answers to my problem


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:29:48, on 28/09/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\utilisateur\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Sony\VAIO Care\listener.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/?ocid=UP74DHP&pc=UP74&dt=090313
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe"  /DoAction
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - Startup: Outil de notification de cadeaux MSN.lnk = C:\Users\utilisateur\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
O8 - Extra context menu item: Rechercher sur le Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LMIGuardianSvc - Unknown owner - (no file)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Unknown owner - (no file)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
 
--
End of file - 27232 bytes



#2 champdore

champdore
  • Topic Starter

  • Members
  • 6 posts

Posted 29 September 2013 - 04:27 AM

!up



#3 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • Gender:Male
  • Location:Midlands, UK

Posted 29 September 2013 - 11:20 AM

Hi champdore
 

I'm French and my English is so bad, but Google Traduction is my friend

Let's see how we get on then.

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
3. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
4. Please reply to this thread. Do not start a new topic.


P2P Warning
Please note that as long as you're using any form of Peer-to-Peer networking (Frostwire, Ares, Bit Torrent, etc.) and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true.
P2P programmes form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured programme.

Many of the programmes come bundled with other unwanted programmes, but even the ones free of any bundled software are not safe to use.
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

You may decide to continue P2P sharing, but keep in mind that this practice may be the source of future malware infestation.
If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programmes, we may refuse to help you.

If you do decide (unwisely) to keep these programs, please refrain from using them until we have finished cleaning your system.


Step 1
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Step 2
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool.

  • When the tool opens click Yes to disclaimer.

  • Press Scan button.

  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.
In your next reply, please submit:
JRT.txt
AdwCleaner report
and both reports from FRST


Thanks.

Edited by Starbuck, 29 September 2013 - 11:20 AM.



#4 champdore


Posted 01 October 2013 - 12:22 PM

ok, nice post,

 

Big thanks for your answer.

 

I keep work



#5 Starbuck


Posted 02 October 2013 - 07:05 AM

Hi champdore

Let me have the reports when you have them.

Thanks



#6 champdore


Posted 02 October 2013 - 07:17 AM

# AdwCleaner v3.006 - Rapport créé le 01/10/2013 à 19:31:28
# Mis à jour le 01/10/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : utilisateur - UTILISATEUR-PC
# Exécuté depuis : E:\AdwCleaner.exe
# Option : Nettoyer
 
***** [ Services ] *****
 
 
***** [ Fichiers / Dossiers ] *****
 
Dossier Supprimé : C:\ProgramData\Tarma Installer
Dossier Supprimé : C:\Program Files (x86)\OApps
Dossier Supprimé : C:\Program Files (x86)\Yontoo
Dossier Supprimé : C:\Users\UTILIS~1\AppData\Local\Temp\Iminent
Dossier Supprimé : C:\Users\utilisateur\AppData\LocalLow\BabylonToolbar
Dossier Supprimé : C:\Users\utilisateur\AppData\LocalLow\SweetIM
Dossier Supprimé : C:\Users\utilisateur\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\Cynthia_\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Program Files (x86)\Software
Dossier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Extensions\toolbar@iadah.com
Fichier Supprimé : C:\END
Fichier Supprimé : C:\Users\UTILIS~1\AppData\Local\Temp\Uninstall.exe
Fichier Supprimé : C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default\searchplugins\iadah.xml
Fichier Supprimé : C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default\user.js
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
 
***** [ Raccourcis ] *****
 
 
***** [ Registre ] *****
 
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Rechercher sur le Web
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Clé Supprimée : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\sim-packages
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\toolbar_vit_sweetim_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\toolbar_vit_sweetim_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Tutorials]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_photomania_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_photomania_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63435521-BE15-44D9-A4BE-A5A0000D9662}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63435521-BE15-44D9-A4BE-A5A0000D9662}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F3D17EF2-8118-4FA3-AFEA-BB2E18A69054}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Clé Supprimée : HKCU\Software\Cr_Installer
Clé Supprimée : HKCU\Software\IGearSettings
Clé Supprimée : HKCU\Software\Nosibay
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKLM\Software\DeviceVM
Clé Supprimée : HKLM\Software\Iminent
Clé Supprimée : HKLM\Software\Offerbox
Clé Supprimée : HKLM\Software\Uniblue\DriverScanner
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Clé Supprimée : [x64] HKLM\SOFTWARE\DeviceVM
Clé Supprimée : [x64] HKLM\SOFTWARE\Tarma Installer
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
 
***** [ Navigateurs ] *****
 
-\\ Internet Explorer v9.0.8112.16506
 
 
-\\ Mozilla Firefox v23.0.1 (fr)
 
[ Fichier : C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default\prefs.js ]
 
Ligne Supprimée : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Ligne Supprimée : user_pref("extentions.y2layers.installId", "e22f2895-c8cf-4193-822f-87a4b4f3d0cf");
 
[ Fichier : C:\Users\Cynthia_\AppData\Roaming\Mozilla\Firefox\Profiles\8vd6s05s.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ Fichier : C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [16334 octets] - [01/10/2013 19:30:37]
AdwCleaner[S0].txt - [15508 octets] - [01/10/2013 19:31:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15569 octets] ##########
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by utilisateur at 2013-10-01 19:44:40
Running from E:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Panda Cloud Antivirus (Disabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Cloud Antivirus (Disabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Cloud Antivirus Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
 
==================== Installed Programs ======================
 
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Français (x32 Version: 11.0.04)
Alps Pointing-device for VAIO
Apple Application Support (x32 Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142)
ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.392)
Atheros Driver Installation Program (x32 Version: 8.0.0.171)
Atheros WiFi Driver Installation (x32 Version: 3.0)
Bing Bar (x32 Version: 7.0.850.0)
Bluetooth Win7 Suite (64) (Version: 7.3.0.100)
Bonjour (Version: 3.0.0.10)
Conexant HD Audio (Version: 8.54.0.53)
D3DX10 (x32 Version: 15.4.2368.0902)
Facebook Messenger 2.1.4814.0 (x32 Version: 2.1.4814.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Fotogaléria (x32 Version: 16.4.3505.0912)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fotogalleri (x32 Version: 16.4.3505.0912)
Fotogalleriet (x32 Version: 16.4.3505.0912)
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912)
Fotótár (x32 Version: 16.4.3505.0912)
Galeria de Fotografias (x32 Version: 16.4.3505.0912)
Galeria fotografii (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Galerie foto (x32 Version: 16.4.3505.0912)
Google Chrome (HKCU Version: 4.1.249.1045)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
HiJackThis (x32 Version: 1.0.0)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Rapid Storage Technology (x32 Version: 10.0.0.1046)
iTunes (Version: 10.7.0.21)
Java Auto Updater (x32 Version: 2.0.2.4)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 22 (x32 Version: 6.0.220)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Les Sims™ 2 Double Deluxe (x32)
Les Sims™ Histoires de vie (x32)
Logiciel de base du périphérique HP Deskjet 2050 J510 series (Version: 28.0.1313.0)
LogMeIn (x32 Version: 4.1.3268)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Manuel VAIO (x32 Version: 2.0.0.02250)
Media Gallery (Version: 1.5.0.16020)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended FRA Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319)
Module linguistique Microsoft .NET Framework 4 Extended FRA (Version: 4.0.30319)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 fr) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NVIDIA Install Application (Version: 2.265.42.0)
NVIDIA Logiciel système PhysX 9.12.0507 (Version: 9.12.0507)
NVIDIA PhysX (x32 Version: 9.12.0507)
NVIDIA Pilote 3D Vision 269.73 (Version: 269.73)
NVIDIA Pilote audio HD : 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Pilote graphique 267.21 (Version: 267.21)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6973)
Outil de notification de cadeaux MSN (HKCU Version: 2.0.0.1)
Outil de restauration de données VAIO (x32 Version: 1.6.0.13140)
Panda Cloud Antivirus (Version: 6.02.00.0000)
Panda Cloud Antivirus (x32 Version: 02.02.00.0000)
Panneau de configuration NVIDIA 267.21 (Version: 267.21)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
PhotoFiltre Studio X (HKCU)
Photomania Deluxe (x32)
PhotoScape (x32)
PMB (x32 Version: 5.5.02.12220)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010)
Poczta usługi Windows Live (x32 Version: 16.4.3505.0912)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912)
Prise en charge du transfert VAIO (x32 Version: 1.4.0.14230)
Qualcomm Atheros Direct Connect (x32 Version: 3.0)
Raccolta foto (x32 Version: 16.4.3505.0912)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.92)
Remote Keyboard (x32 Version: 1.1.1.03020)
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070)
Skype™ 6.7 (x32 Version: 6.7.102)
Sony Corporation (Version: 1.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VAIO - Clavier à distance (x32 Version: 1.0.1.03020)
VAIO - Lecture à distance avec PlayStation®3 (x32 Version: 1.1.0.15070)
VAIO - Media Gallery (x32 Version: 1.5.0.16020)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030)
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140)
VAIO Care (x32 Version: 6.4.2.11150)
VAIO Control Center (x32 Version: 4.5.0.03040)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140)
VAIO Easy Connect (x32 Version: 1.1.1.12200)
VAIO Event Service (x32 Version: 5.5.0.03040)
VAIO Gate (x32 Version: 2.4.2.02200)
VAIO Gate Default (x32 Version: 2.4.0.10090)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280)
VAIO Hero Screensaver - Summer 2011 Screensaver (x32)
VAIO Improvement (x32 Version: 1.0.0.14150)
VAIO Improvement Validation (Version: 1.0.4.01190)
VAIO Quick Web Access (x32 Version: 1.4.5.3)
VAIO Sample Contents (x32 Version: 1.4.2.09010)
VAIO Smart Network (x32 Version: 3.8.0.08120)
VAIO Update (x32 Version: 6.2.1.03260)
Valokuvavalikoima (x32 Version: 16.4.3505.0912)
VCCx86 (x32 Version: 1.0.0)
VESx64 (Version: 1.0.0)
VESx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VGClientX86 (x32 Version: 1.0.0)
VideoFileDownload (x32 Version: 1.0)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VSNx64 (Version: 1.0.0)
VSNx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.1.0)
VU5x86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.1.0)
VWSTx86 (x32 Version: 1.0.0)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912)
Windows Liven sähköposti (x32 Version: 16.4.3505.0912)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912)
Основи Windows Live (x32 Version: 16.4.3505.0912)
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912)
Почта Windows Live (x32 Version: 16.4.3505.0912)
Фотоальбом (x32 Version: 16.4.3505.0912)
Фотогалерия (x32 Version: 16.4.3505.0912)
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912)
Фотоколекція (x32 Version: 16.4.3505.0912)
 
==================== Restore Points  =========================
 
06-09-2013 10:32:26 Windows Update
07-09-2013 08:22:21 Windows Update
07-09-2013 21:45:14 Windows Update
09-09-2013 10:54:47 Windows Update
09-09-2013 17:31:56 Windows Update
11-09-2013 11:02:07 Windows Update
11-09-2013 19:00:18 Windows Update
12-09-2013 10:40:41 Programme d’installation pour les modules Windows
13-09-2013 04:35:11 Windows Update
17-09-2013 10:41:51 Windows Update
18-09-2013 10:53:17 Windows Update
18-09-2013 17:11:44 Windows Update
19-09-2013 10:34:45 Windows Update
20-09-2013 10:38:42 Windows Update
20-09-2013 11:44:43 Windows Update
20-09-2013 20:06:17 Windows Update
23-09-2013 05:08:42 Windows Update
23-09-2013 11:22:48 Windows Update
24-09-2013 11:00:50 Windows Update
24-09-2013 16:53:10 Windows Update
25-09-2013 05:08:12 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {14E16314-AF00-4E19-9984-70696FF31E07} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {1667CCBB-262C-4134-A61B-33D724BFCA46} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {16B847BD-D621-4B0F-897E-5D8C3C56E5C4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1000UA => C:\Users\utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-22] (Facebook Inc.)
Task: {1FA6CC48-DCFB-49CD-8A4F-8EA19866C73E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-13] (Microsoft Corporation)
Task: {28E34BA0-48CE-4EA5-A394-3AC4CC9177EE} - \SoftwareUpdateTaskMachineCore No Task File
Task: {2F91948F-614D-49F6-A69F-07F93487B7A3} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {424B56C8-6419-4B77-9059-DECDD52C9B4D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1001UA => C:\Users\Cynthia_\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28] (Facebook Inc.)
Task: {42D6BE41-02FF-4B53-870B-ECC2250A5BA0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation)
Task: {498E7742-F232-407E-9D52-83A175899B0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5E1914F4-40DD-4B64-9C1F-EB5CF7FE5103} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {635AAAA1-F689-4714-BD37-3C038D7C1ADD} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2013-06-06] (Microsoft Corporation)
Task: {6585BDD4-2772-4646-8C34-EAB59C87832F} - System32\Tasks\User_Feed_Synchronization-{DB8F8B26-A03E-41BB-A1AA-64257773BFF0} => C:\Windows\system32\msfeedssync.exe [2013-06-06] (Microsoft Corporation)
Task: {715B5A2A-C8A8-4C55-BAD5-30AA09717E8E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {8235D696-4525-4A7E-91F1-172B0FEFF8C2} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {96379FFD-6069-480E-93B5-E115438F0A3A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {9689E282-E982-4448-A84B-7D6411E7AC0D} - System32\Tasks\{5672B883-2BA3-4F8F-BABC-B15C1CCC5744} => Firefox.exe http://ui.skype.com/ui/0/6.0.0.126/fr/abandoninstall?page=tsProgressBar
Task: {9A670055-58BE-4545-8334-E3C645539C0C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1000Core => C:\Users\utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-22] (Facebook Inc.)
Task: {9D710B54-16AB-49FF-9904-0F2A9785E7F0} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {AEB44EAA-C8E4-4AE1-B7A1-96B0C77A91D3} - \SoftwareUpdateTaskMachineUA No Task File
Task: {B7229796-B625-46C0-B975-6468888E7105} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {B9BD2BED-51B6-4CB2-A086-BF04C09CEFD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-11] (Google Inc.)
Task: {BB3EC79E-E102-4662-9B4D-24991399DE42} - System32\Tasks\{6044ABFC-9655-4A97-8E4B-31B92790C44B} => Iexplore.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar
Task: {D0A5791C-9467-48E3-AF20-DD68162FB6D3} - System32\Tasks\{AB232CC0-C5EC-4621-B116-4196C81E84DA} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?page=tsProgressBar
Task: {D76470A1-E18B-41B3-9061-D45EC2F2A2C7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation)
Task: {D8AC129C-183A-4918-9D1E-39755D84B8E3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {F21A30CE-71A8-4A8B-8D86-E01F6DFAD586} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-11] (Google Inc.)
Task: {FBF145F5-ADE2-43EC-B12E-903DD1D83435} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1001Core => C:\Users\Cynthia_\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1000Core.job => C:\Users\utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1000UA.job => C:\Users\utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1001Core.job => C:\Users\Cynthia_\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1001UA.job => C:\Users\Cynthia_\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-06 06:40 - 2011-03-05 17:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2013-09-26 18:57 - 2013-09-26 18:57 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\cd9a4b4dbc1a4b564ebed696e18cadb6\IsdiInterop.ni.dll
2012-02-06 06:28 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== Faulty Device Manager Devices =============
 
Name: Atheros AR9285 Wireless Network Adapter
Description: Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Miniport WAN (L2TP)
Description: Miniport WAN (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: NNSTlsc
Description: NNSTlsc
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Miniport WAN (Moniteur réseau)
Description: Miniport WAN (Moniteur réseau)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Périphérique Bluetooth (réseau personnel)
Description: Périphérique Bluetooth (réseau personnel)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Miniport WAN (IP)
Description: Miniport WAN (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Miniport WAN (IPv6)
Description: Miniport WAN (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Miniport WAN (PPPOE)
Description: Miniport WAN (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Miniport WAN (PPTP)
Description: Miniport WAN (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: tcpipreg
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Miniport WAN (SSTP)
Description: Miniport WAN (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Carte Microsoft ISATAP #10
Description: Carte Microsoft ISATAP
Class Guid: 
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (10/01/2013 07:43:41 PM) (Source: Service Control Manager) (User: )
Description: Le service Connaissance des emplacements réseau s’est arrêté avec l’erreur service particulière %%-1073741288.
 
Error: (10/01/2013 07:43:40 PM) (Source: Service Control Manager) (User: )
Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : 
%%0
 
Error: (10/01/2013 07:42:55 PM) (Source: Service Control Manager) (User: )
Description: Le service Connaissance des emplacements réseau s’est arrêté avec l’erreur service particulière %%-1073741288.
 
Error: (10/01/2013 07:42:55 PM) (Source: Service Control Manager) (User: )
Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : 
%%0
 
Error: (10/01/2013 07:42:53 PM) (Source: Service Control Manager) (User: )
Description: Le service Connaissance des emplacements réseau s’est arrêté avec l’erreur service particulière %%-1073741288.
 
Error: (10/01/2013 07:42:53 PM) (Source: Service Control Manager) (User: )
Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : 
%%0
 
Error: (10/01/2013 07:42:41 PM) (Source: Service Control Manager) (User: )
Description: Le service Connaissance des emplacements réseau s’est arrêté avec l’erreur service particulière %%-1073741288.
 
Error: (10/01/2013 07:42:40 PM) (Source: Service Control Manager) (User: )
Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : 
%%0
 
Error: (10/01/2013 07:42:26 PM) (Source: Service Control Manager) (User: )
Description: Le service Connaissance des emplacements réseau s’est arrêté avec l’erreur service particulière %%-1073741288.
 
Error: (10/01/2013 07:42:25 PM) (Source: Service Control Manager) (User: )
Description: Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : 
%%0
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 31%
Total physical RAM: 4077.86 MB
Available physical RAM: 2786.82 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 6729.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:581.96 GB) (Free:491.76 GB) NTFS
Drive e: () (Removable) (Total:0.46 GB) (Free:0.45 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 5C556CF0)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 471 MB) (Disk ID: 00904DC5)
Partition 1: (Active) - (Size=471 MB) - (Type=06)
 
==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by utilisateur (administrator) on UTILISATEUR-PC on 01-10-2013 19:42:32
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Users\utilisateur\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272640 2012-09-12] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\utilisateur\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-22] (Facebook Inc.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-11] (Google Inc.)
HKCU\...\Run: [ares] - "C:\Program Files (x86)\Ares\Ares.exe" -h
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [HF_G_Jul] - "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe"  /DoAction
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-05-28] (Panda Security, S.L.)
HKU\Cynthia_\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-11] (Google Inc.)
HKU\Cynthia_\...\Run: [ares] - "C:\Program Files (x86)\Ares\Ares.exe" -h
HKU\Cynthia_\...\Run: [Facebook Update] - C:\Users\Cynthia_\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-28] (Facebook Inc.)
HKU\Cynthia_\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\Cynthia_\...\Policies\system: [LogonHoursAction] 2
HKU\Cynthia_\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Cynthia_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Users\utilisateur\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification de cadeaux MSN.lnk
ShortcutTarget: Outil de notification de cadeaux MSN.lnk -> C:\Users\utilisateur\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/?ocid=UP74DHP&pc=UP74&dt=090313
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {ADD70B74-BBA3-49FA-895D-AE58A70A99B1} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
 
FireFox:
========
FF ProfilePath: C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default
FF Keyword.URL: hxxp://www.iadah.com/web?search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\utilisateur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\utilisateur\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default\Extensions\LogMeInClient@logmein.com
FF Extension: Wordpress Toolbar - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default\Extensions\{e8754cd5-4214-41ea-8e28-142af83d76b1}
FF Extension: No Name - C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\xok4rz70.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://www.iadah.com/web
CHR RestoreOnStartup:       "urls_to_restore_on_startup": [  ]
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
 
==================== Services (Whitelisted) =================
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-06-07] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
U2 LMIGuardianSvc; 
S2 NanoServiceMain; 
S2 PSUAService; 
 
==================== Drivers (Whitelisted) ====================
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106216 2013-05-29] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [168680 2013-05-28] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122088 2013-05-28] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [205544 2013-05-28] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-05-28] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [137448 2013-05-29] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S4 LMIRfsClientNP; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-10-01 19:42 - 2013-10-01 19:42 - 00000000 ____D C:\FRST
2013-10-01 19:41 - 2013-10-01 19:41 - 00010819 _____ C:\Users\utilisateur\Desktop\JRT.txt
2013-10-01 19:33 - 2013-10-01 19:33 - 00000000 ____D C:\Windows\ERUNT
2013-10-01 19:32 - 2013-10-01 19:32 - 00000000 ___RD C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-10-01 19:30 - 2013-10-01 19:31 - 00000000 ____D C:\AdwCleaner
2013-09-28 12:29 - 2013-09-28 12:29 - 00027234 _____ C:\Users\utilisateur\Documents\hijackthis.log
2013-09-28 12:26 - 2013-09-28 12:26 - 00003003 _____ C:\Users\utilisateur\Desktop\HiJackThis.lnk
2013-09-28 12:26 - 2013-09-28 12:26 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-09-28 12:26 - 2013-09-28 12:26 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-09-28 12:16 - 2013-09-28 12:16 - 00000000 ____D C:\Windows\Options
2013-09-28 12:16 - 2013-09-28 12:16 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-09-28 11:52 - 2013-09-28 11:52 - 00002110 _____ C:\Users\utilisateur\Desktop\RKreport[0]_D_09282013_115218.txt
2013-09-28 11:51 - 2013-09-28 11:51 - 00002063 _____ C:\Users\utilisateur\Desktop\RKreport[0]_S_09282013_115130.txt
2013-09-28 11:49 - 2013-09-28 11:52 - 00000000 ____D C:\Users\utilisateur\Desktop\RK_Quarantine
2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\Malwarebytes
2013-09-28 10:58 - 2013-09-28 10:58 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-28 10:58 - 2013-09-28 10:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-28 10:58 - 2013-09-28 10:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-28 10:58 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-26 19:09 - 2013-09-26 19:09 - 00000000 __SHD C:\found.002
2013-09-26 18:56 - 2013-09-26 18:56 - 00000000 ____D C:\Windows\B9DB4C7601A446D58910F7AA6376DBAF.TMP
2013-09-26 18:56 - 2013-09-26 18:56 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\InstallShield
2013-09-26 18:55 - 2011-03-29 11:13 - 20456552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-26 18:55 - 2011-03-29 11:13 - 15039080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-26 18:55 - 2011-03-29 11:13 - 13056488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-26 18:55 - 2011-03-29 11:13 - 07715944 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-26 18:55 - 2011-03-29 11:13 - 05639784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-26 18:55 - 2011-03-29 11:12 - 12840040 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-26 18:55 - 2011-03-29 11:12 - 10059368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-26 18:55 - 2011-03-29 11:12 - 03182184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-26 18:55 - 2011-03-29 11:12 - 02954856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-26 18:55 - 2011-03-29 11:12 - 02871400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-26 18:55 - 2011-03-29 11:12 - 02579560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 06597736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 04936808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 01969768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-09-26 18:55 - 2011-03-29 11:11 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2013-09-25 18:54 - 2013-09-25 18:54 - 00006824 ____N C:\bootsqm.dat
2013-09-25 18:35 - 2013-04-29 09:17 - 00058808 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2013-09-12 12:52 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 12:52 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 12:52 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 12:52 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 12:52 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 12:52 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 12:52 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 12:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 12:52 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 12:52 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 12:52 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 12:52 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 12:52 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 12:52 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 12:52 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 12:52 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 12:52 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 12:52 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 12:52 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 12:52 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 12:52 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 12:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 12:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 12:48 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 12:48 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 12:48 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 12:48 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 12:45 - 2013-09-12 12:45 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Périphériques Bluetooth
2013-09-03 19:47 - 2013-09-03 19:47 - 00000000 ____D C:\Users\Cynthia_\AppData\Local\Macromedia
2013-09-03 19:45 - 2013-09-03 19:45 - 00000000 ____D C:\Users\Cynthia_\AppData\Roaming\Mozilla
2013-09-03 19:45 - 2013-09-03 19:45 - 00000000 ____D C:\Users\Cynthia_\AppData\Local\Mozilla
2013-09-03 19:42 - 2013-09-03 19:42 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-03 19:36 - 2013-09-03 19:36 - 48717704 _____ (Microsoft Corporation) C:\Users\utilisateur\Downloads\EIE10_FR-FR_WOL_Win764(1).EXE
2013-09-03 19:25 - 2013-09-03 19:25 - 48717704 _____ (Microsoft Corporation) C:\Users\utilisateur\Downloads\EIE10_FR-FR_WOL_Win764.EXE
2013-09-03 19:19 - 2013-09-03 19:28 - 00000000 ____D C:\Users\Invité\Documents\Bluetooth Folder
2013-09-03 19:19 - 2013-09-03 19:19 - 00066104 _____ C:\Users\Invité\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Intel Corporation
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Apple Computer
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Local\LogMeIn
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Local\BMExplorer
2013-09-03 19:18 - 2013-09-03 19:18 - 00001429 _____ C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 19:18 - 2013-09-03 19:18 - 00000020 ___SH C:\Users\Invité\ntuser.ini
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Voisinage réseau
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Voisinage d'impression
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Modèles
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Menu Démarrer
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Documents\Mes vidéos
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Documents\Mes images
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Documents\Ma musique
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\AppData\Local\Historique
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Sony Corporation
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Atheros
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Adobe
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Local\VirtualStore
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité
2013-09-03 19:18 - 2012-12-30 19:01 - 00002148 _____ C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-09-03 19:18 - 2012-02-06 06:54 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Macromedia
2013-09-03 19:18 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-03 19:18 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
2013-10-01 19:42 - 2013-10-01 19:42 - 00000000 ____D C:\FRST
2013-10-01 19:41 - 2013-10-01 19:41 - 00010819 _____ C:\Users\utilisateur\Desktop\JRT.txt
2013-10-01 19:39 - 2012-02-06 15:14 - 00745504 _____ C:\Windows\system32\perfh00C.dat
2013-10-01 19:39 - 2012-02-06 15:14 - 00148990 _____ C:\Windows\system32\perfc00C.dat
2013-10-01 19:39 - 2009-07-14 07:13 - 01662506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-01 19:39 - 2009-07-14 06:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-01 19:39 - 2009-07-14 06:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-01 19:36 - 2012-07-03 17:06 - 01137612 _____ C:\Windows\WindowsUpdate.log
2013-10-01 19:33 - 2013-10-01 19:33 - 00000000 ____D C:\Windows\ERUNT
2013-10-01 19:32 - 2013-10-01 19:32 - 00000000 ___RD C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-10-01 19:32 - 2012-02-06 06:34 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-01 19:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-01 19:32 - 2009-07-14 06:51 - 00110669 _____ C:\Windows\setupact.log
2013-10-01 19:31 - 2013-10-01 19:30 - 00000000 ____D C:\AdwCleaner
2013-10-01 19:29 - 2013-08-13 19:32 - 00000000 ____D C:\ProgramData\LogMeIn
2013-09-28 12:29 - 2013-09-28 12:29 - 00027234 _____ C:\Users\utilisateur\Documents\hijackthis.log
2013-09-28 12:29 - 2012-08-14 11:41 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-28 12:28 - 2012-07-03 17:11 - 00000000 ____D C:\Users\utilisateur\AppData\Local\VirtualStore
2013-09-28 12:26 - 2013-09-28 12:26 - 00003003 _____ C:\Users\utilisateur\Desktop\HiJackThis.lnk
2013-09-28 12:26 - 2013-09-28 12:26 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-09-28 12:26 - 2013-09-28 12:26 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-09-28 12:16 - 2013-09-28 12:16 - 00000000 ____D C:\Windows\Options
2013-09-28 12:16 - 2013-09-28 12:16 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-09-28 12:16 - 2012-02-06 06:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-28 12:15 - 2012-07-17 22:38 - 00000000 ____D C:\Users\utilisateur\AppData\Local\CrashDumps
2013-09-28 12:15 - 2012-02-06 07:25 - 00000000 ____D C:\ProgramData\Atheros
2013-09-28 12:03 - 2012-07-14 13:33 - 00000952 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1000UA.job
2013-09-28 11:55 - 2012-02-06 06:32 - 00039334 _____ C:\Windows\DPINST.LOG
2013-09-28 11:52 - 2013-09-28 11:52 - 00002110 _____ C:\Users\utilisateur\Desktop\RKreport[0]_D_09282013_115218.txt
2013-09-28 11:52 - 2013-09-28 11:49 - 00000000 ____D C:\Users\utilisateur\Desktop\RK_Quarantine
2013-09-28 11:51 - 2013-09-28 11:51 - 00002063 _____ C:\Users\utilisateur\Desktop\RKreport[0]_S_09282013_115130.txt
2013-09-28 10:59 - 2013-09-28 10:59 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\Malwarebytes
2013-09-28 10:58 - 2013-09-28 10:58 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-28 10:58 - 2013-09-28 10:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-28 10:58 - 2013-09-28 10:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-26 19:09 - 2013-09-26 19:09 - 00000000 __SHD C:\found.002
2013-09-26 19:02 - 2012-02-06 06:26 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-26 18:56 - 2013-09-26 18:56 - 00000000 ____D C:\Windows\B9DB4C7601A446D58910F7AA6376DBAF.TMP
2013-09-26 18:56 - 2013-09-26 18:56 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\InstallShield
2013-09-26 18:55 - 2012-02-06 06:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-26 18:53 - 2013-05-22 21:06 - 00000000 ____D C:\Users\utilisateur\Documents\Bluetooth Folder
2013-09-25 19:33 - 2013-04-05 12:11 - 00167702 _____ C:\Windows\IE10_main.log
2013-09-25 19:22 - 2012-12-28 23:17 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1001UA.job
2013-09-25 18:54 - 2013-09-25 18:54 - 00006824 ____N C:\bootsqm.dat
2013-09-25 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-24 22:22 - 2012-12-28 23:17 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1001Core.job
2013-09-23 00:03 - 2012-07-14 13:33 - 00000930 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3527451823-3196262786-1204036535-1000Core.job
2013-09-22 20:03 - 2012-12-28 14:25 - 00000000 ___HD C:\Users\Cynthia_\Documents\Bluetooth Folder
2013-09-20 21:29 - 2012-08-14 11:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 21:29 - 2012-08-14 11:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 21:29 - 2012-08-14 11:41 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-14 17:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-14 10:12 - 2012-12-28 14:25 - 00000000 ___RD C:\Users\Cynthia_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-14 10:12 - 2012-12-28 14:25 - 00000000 ___RD C:\Users\Cynthia_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 13:38 - 2012-07-03 17:12 - 00000000 ___RD C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 13:38 - 2012-07-03 17:12 - 00000000 ___RD C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 06:51 - 2009-07-14 06:45 - 00345728 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 06:43 - 2013-08-15 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 06:41 - 2013-01-11 17:29 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 12:45 - 2013-09-12 12:45 - 00000000 ____D C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Périphériques Bluetooth
2013-09-12 12:39 - 2011-02-11 01:03 - 01641052 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-11 12:59 - 2009-07-14 07:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-10 19:23 - 2012-10-14 20:25 - 00722324 _____ C:\test.xml
2013-09-06 22:14 - 2012-12-30 19:00 - 00000000 ____D C:\Users\Cynthia_\AppData\Roaming\Skype
2013-09-03 19:47 - 2013-09-03 19:47 - 00000000 ____D C:\Users\Cynthia_\AppData\Local\Macromedia
2013-09-03 19:45 - 2013-09-03 19:45 - 00000000 ____D C:\Users\Cynthia_\AppData\Roaming\Mozilla
2013-09-03 19:45 - 2013-09-03 19:45 - 00000000 ____D C:\Users\Cynthia_\AppData\Local\Mozilla
2013-09-03 19:43 - 2013-08-21 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-03 19:43 - 2012-07-21 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-03 19:42 - 2013-09-03 19:42 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-03 19:41 - 2012-12-28 14:24 - 00001300 __RSH C:\Users\Cynthia_\ntuser.pol
2013-09-03 19:41 - 2012-12-28 14:24 - 00000000 ____D C:\Users\Cynthia_
2013-09-03 19:38 - 2012-07-03 17:09 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-09-03 19:36 - 2013-09-03 19:36 - 48717704 _____ (Microsoft Corporation) C:\Users\utilisateur\Downloads\EIE10_FR-FR_WOL_Win764(1).EXE
2013-09-03 19:28 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\Documents\Bluetooth Folder
2013-09-03 19:25 - 2013-09-03 19:25 - 48717704 _____ (Microsoft Corporation) C:\Users\utilisateur\Downloads\EIE10_FR-FR_WOL_Win764.EXE
2013-09-03 19:19 - 2013-09-03 19:19 - 00066104 _____ C:\Users\Invité\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Intel Corporation
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Apple Computer
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Local\LogMeIn
2013-09-03 19:19 - 2013-09-03 19:19 - 00000000 ____D C:\Users\Invité\AppData\Local\BMExplorer
2013-09-03 19:18 - 2013-09-03 19:18 - 00001429 _____ C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 19:18 - 2013-09-03 19:18 - 00000020 ___SH C:\Users\Invité\ntuser.ini
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Voisinage réseau
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Voisinage d'impression
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Modèles
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Menu Démarrer
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Documents\Mes vidéos
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Documents\Mes images
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\Documents\Ma musique
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 _SHDL C:\Users\Invité\AppData\Local\Historique
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ___RD C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Sony Corporation
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Atheros
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Adobe
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité\AppData\Local\VirtualStore
2013-09-03 19:18 - 2013-09-03 19:18 - 00000000 ____D C:\Users\Invité
2013-09-03 19:10 - 2012-12-28 11:36 - 00000664 __RSH C:\Users\utilisateur\ntuser.pol
2013-09-03 19:10 - 2012-07-03 17:07 - 00000000 ____D C:\Users\utilisateur
 
Some content of TEMP:
====================
C:\Users\Cynthia_\AppData\Local\Temp\1gvzywsm.dll
C:\Users\Cynthia_\AppData\Local\Temp\4deuw8ui.dll
C:\Users\Cynthia_\AppData\Local\Temp\cr5tqwli.dll
C:\Users\Cynthia_\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Cynthia_\AppData\Local\Temp\drm_dyndata_7360010.dll
C:\Users\Cynthia_\AppData\Local\Temp\install_flashplayer11x32ax_aih.exe
C:\Users\Cynthia_\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Cynthia_\AppData\Local\Temp\mism.exe
C:\Users\Cynthia_\AppData\Local\Temp\SkypeSetup.exe
C:\Users\utilisateur\AppData\Local\Temp\0v5zvumf.dll
C:\Users\utilisateur\AppData\Local\Temp\4jhhqrjd.dll
C:\Users\utilisateur\AppData\Local\Temp\5rzu1oyv.dll
C:\Users\utilisateur\AppData\Local\Temp\6qox3v7n.dll
C:\Users\utilisateur\AppData\Local\Temp\AutoRun.exe
C:\Users\utilisateur\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\utilisateur\AppData\Local\Temp\chrome_installer.exe
C:\Users\utilisateur\AppData\Local\Temp\CommonInstaller.exe
C:\Users\utilisateur\AppData\Local\Temp\drm_dyndata_7360010.dll
C:\Users\utilisateur\AppData\Local\Temp\EAInstall.dll
C:\Users\utilisateur\AppData\Local\Temp\hvr54hje.dll
C:\Users\utilisateur\AppData\Local\Temp\increBibar_install1003.exe
C:\Users\utilisateur\AppData\Local\Temp\Install_BubbleDock.exe
C:\Users\utilisateur\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\utilisateur\AppData\Local\Temp\mcoambp2.dll
C:\Users\utilisateur\AppData\Local\Temp\pjnn_7en.dll
C:\Users\utilisateur\AppData\Local\Temp\Quarantine.exe
C:\Users\utilisateur\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\utilisateur\AppData\Local\Temp\SkypeSetup.exe
C:\Users\utilisateur\AppData\Local\Temp\t5wpr00q.dll
C:\Users\utilisateur\AppData\Local\Temp\The Sims Life Stories_uninst.exe
C:\Users\utilisateur\AppData\Local\Temp\ubiusppk.dll
C:\Users\utilisateur\AppData\Local\Temp\VP6Install.exe
C:\Users\utilisateur\AppData\Local\Temp\VP6VFW.dll
C:\Users\utilisateur\AppData\Local\Temp\xrivabnp.dll
C:\Users\utilisateur\AppData\Local\Temp\ywohu57n.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-22 11:47
 
==================== End Of Log ============================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by utilisateur on 01/10/2013 at 19:33:52,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3527451823-3196262786-1204036535-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\64a6e60055d801f4bb8ac269354b72b8
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\64a6e60055d801f4bb8ac269354b72b8
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\ba086f2d38a8e1a47912955a68b3ad24
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\utilisateur\appdata\local\software"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\utilisateur\AppData\Roaming\mozilla\firefox\profiles\xok4rz70.default\minidumps [399 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/10/2013 at 19:41:31,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 


#7 champdore

champdore
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 02 October 2013 - 07:23 AM

re hello,

 

important thing :

 

the virus has deactivated the antivirus, deleted multiple drivers, 



#8 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:07:13 AM

Posted 02 October 2013 - 02:26 PM

Hi champdore

and save it to your Desktop. <<<<< Important
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • Vista/Win7 users should right-click and select Run As Administrator.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file in your next reply.

