Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Just lost a partition... Virus or malware suspected?


  • Please log in to reply
10 replies to this topic

#1 ssebs

ssebs

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 03 April 2016 - 03:13 PM

Hi,

 

I'm requesting your help because it's beyond my knowledge ;-)

 

I just "lost" a partition:

- I have a ssd with C: (system, win10 family x64. migrated from win7 about 1 month ago) and S: (data) partitions

+ a non-ssd disk for data (only 1 partition on this one).

 

Now, since 1h30, the S: partition isn't accessible any more, and even worse, it's displayed as unallocated on disk (info given by windows disk management + "MiniTool Partition Wizard Free").

The partition "disappeared" after a reboot that I did earlier, because the update of my tomtom gpy was stuck.

 

Since a few weeks, I have strange behaviours, I did many scans with different tools and even a system restore, but I still had strange behaviours.

 

And now there's this partition just lost.

So I don't know if it's a big win10 bug or hardware failure, or a problem due to virus/malware.

 

I find it complicated, because now I don't know which tools I can trust, and what to do to be sure it's clean.

 

My first priority, if you can help for this, would be to be able to recover the partition which disappeared, because I had very important emails on it, that I did not backup-ed these last days.

Yet I didn't do anything on this partition (no tool used except "MiniTool Partition Wizard Free" just to look at the disk status), to maximize chances to recover it.

 

Here are the tools that I used to check for virus/malware: (note: since I'm fighting with this since weeks, for some tools I don't remember the results that they gave..)

- I have avira as antivirus. Note: these last days, what is strange and was a new behaviour, is that at windows startup, windows was complaining that no firewall was running. Normaly, now it's avira which drives (or replace, I don't know exactly...) the firewall. Now I often had to start it manually in the avira interface.

- Roguekiller. Here are the results for the scan that I ran at 21:00 today. If I run a second scan after fix, it's fine. But after rebooting, all the detected elements are back (excepted Firefox home page, I also fixed it manually to be sure...). In particular, I don't know if the Hidden.ADS is "normal" or is dangerous...

- CcCleaner. Tonight, I disabled it in the startup.

- Malwarebytes Anti-Malware. Tonight it doesn't detect anything. I also tried "Junkware removal tool" from them.

- Spybot-S&D Start Center

- ZHPCleaner

- Emsisoft Emergency Kit

- AdwCleaner

- Kaspersky rescue scan (iso image and boot on disk and full scan)

- TDSSKiller (from Kaspersky) (nothing detected tonight)

 

What was really detected and I did:

- I don't remember which tool detected it, but "win32/Small.CA" was once reported. On the web, I found some info on how to look for it in folders and registry. After that, it was not detected any more.

- last week I noticed errors when opening windows task planifiaction (sorry I'm french, I hope it's the official name in windows in english...). I didn't open it before since I migrated to win 10, about 1 month ago, so I don't know since when these errors were here. It was suspicious because these tasks were badly configured, with crazy names and paths... I deleted them manually in the registry.

- I did a system restore 2 weeks ago, to go back with an earlier backup, on win 10 also. Unfortunately, I didn't make a backup right after migrating from win7 to win10. I also installed and used the opera browser for a while after win10 migration, and then the first strange behaviours appeared (slow web browsing, slow windows explorer sometimes...). I suspect Opera to be the entry point for a virus/malware for my machine (even if of course I have no proof of it, just an intuition...).

 

Note: I'm software scientist, so you can tell me some technical instructions, and I'll ask you if I don't understand. For example, I know how to modify the registry, but I don't do it if I'm sure about the effect (I know it can break windows or a software behaviour...).

 

My request:

-> Can you tell me if there's a chance to recover the disappeared parittion, and if yes with which tool?

-> then, can you help to be sure there's no virus or malware?

-> Or may the partition be disappeared for another reason than virus/malware?

 

Edit: regarding the ssd hardware, the C: smart status doesn't give any error. This ssd is not so old, CrystalDiskInfo says it's running since 4547 hours.

 

 

You can of course ask my to run any tool to help to find the issue(s).

 

Thanks in advance ;-)


Edited by ssebs, 03 April 2016 - 03:28 PM.


BC AdBot (Login to Remove)

 


#2 ssebs

ssebs
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 06 April 2016 - 01:49 AM

Hi,

An update:

As I was blocked, I did some searches about the partition issue, and I was able to restore it with minitool partition wizard (partition recovery wizard).

It's working fine now.

 

I'd like now to be sure that I have no infection on my pc.



#3 Jo*

Jo*

  • Malware Response Team
  • 3,319 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:37 PM

Posted 12 April 2016 - 09:52 AM

:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


:step4: MiniToolbox by Farbar

Disable your antivirus if it does not allow you to download the tool!
Please download MiniToolBox, save it to your desktop and run it.
Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Copy and paste the contents of that logfile in your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#4 ssebs

ssebs
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 20 April 2016 - 10:25 AM

Hi,

 

Thanks for your help,

I was away from home and now I was able to run the tools.

 

Before I post all the results, I have one question: the MiniToolBox results are in french, which is my windows language.

Is there a way to produce a result in english so you can review it much easier?



#5 Jo*

Jo*

  • Malware Response Team
  • 3,319 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:37 PM

Posted 20 April 2016 - 11:07 AM

post what you have...


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 ssebs

ssebs
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 20 April 2016 - 12:36 PM

Here it is:

 

 

 

1 - checkup.txt  ----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus    
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Adobe Flash Player     21.0.0.197  
 Mozilla Firefox (45.0.2)
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 sebandre Desktop vérifs virus SecurityCheck.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

 

(end of Security Check report) ----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

2 - MBAR: no malware was found ----------------------------------------------------------------------------------------------------------------------------

 

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.04.20.04
  rootkit: v2016.04.17.01

Windows 10 x64 NTFS
Internet Explorer 11.212.10586.0
sebandre :: SEB-PC-BUREAU [administrator]

20/04/2016 17:05:24
mbar-log-2016-04-20 (17-05-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 475381
Time elapsed: 13 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

(end of MBAR report) ----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

 

3) AdwCleaner  ----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

# AdwCleaner v5.112 - Logfile created 20/04/2016 at 17:20:03
# Updated 17/04/2016 by Xplode
# Database : 2016-04-19.5 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : sebandre - SEB-PC-BUREAU
# Running from : D:\Internet\download\antivirus\adwcleaner_5.112.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6671 bytes] - [06/02/2016 13:04:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1423 bytes] - [13/02/2016 13:44:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [6237 bytes] - [06/02/2016 13:02:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [6097 bytes] - [06/02/2016 13:04:02]
C:\AdwCleaner\AdwCleaner[S3].txt - [2693 bytes] - [13/02/2016 13:43:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1130 bytes] - [08/04/2016 12:47:47]
C:\AdwCleaner\AdwCleaner[S5].txt - [1052 bytes] - [20/04/2016 17:20:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1125 bytes] ##########
 

(end of Adwcleaner report) ----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

4) MTB.txt  ----------------------------------------------------------------------------------------------------------------------------------------------------------------------

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by sebandre (administrator) on 20-04-2016 at 17:21:42
Running from "D:\Internet\download\antivirus"
Microsoft Windows 10 Famille  (X64)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configuration IP de Windows

Cache de r�solution DNS vid�.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Connexion au réseau local 4 (Connected)


# ----------------------------------
# Configuration du protocole IPv4
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Connexion au r‚seau local 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connexion au r‚seau local" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connexion au r‚seau local 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connexion au r‚seau local 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Connexion au r‚seau local* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# Fin de la configuration du protocole IPv4



Configuration IP de Windows

   Nom de l'h“te . . . . . . . . . . : seb-PC-bureau
   Suffixe DNS principal . . . . . . :
   Type de noeud. . . . . . . . . .  : Hybride
   Routage IP activ‚ . . . . . . . . : Non
   Proxy WINS activ‚ . . . . . . . . : Non

Carte Ethernet Connexion au r‚seau local 4 :

   Suffixe DNS propre … la connexion. . . :
   Description. . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Adresse physique . . . . . . . . . . . : D0-50-99-0B-9A-5C
   DHCP activ‚. . . . . . . . . . . . . . : Oui
   Configuration automatique activ‚e. . . : Oui
   Adresse IPv6 de liaison locale. . . . .: fe80::c51:5f82:5647:9fbc%6(pr‚f‚r‚)
   Adresse IPv4. . . . . . . . . . . . . .: 10.0.0.2(pr‚f‚r‚)
   Masque de sous-r‚seau. . . .ÿ. . . . . : 255.255.255.0
   Bail obtenu. . . . . . . . .ÿ. . . . . : mardi, 19 avril 2016 23:47:04
   Bail expirant. . . . . . . . .ÿ. . . . : jeudi, 21 avril 2016 16:54:02
   Passerelle par d‚faut. . . .ÿ. . . . . : 10.0.0.1
   Serveur DHCP . . . . . . . . . . . . . : 10.0.0.1
   IAID DHCPv6 . . . . . . . . . . . : 349196441
   DUID de client DHCPv6. . . . . . . . : 00-01-00-01-1E-6D-E7-E0-D0-50-99-0B-9A-5C
   Serveurs DNS. . .  . . . . . . . . . . : 8.8.8.8
                                   8.8.4.4
   NetBIOS sur Tcpip. . . . . . . . . . . : Activ‚

Carte Tunnel Teredo Tunneling Pseudo-Interface :

   Suffixe DNS propre … la connexion. . . :
   Description. . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP activ‚. . . . . . . . . . . . . . : Non
   Configuration automatique activ‚e. . . : Oui
   Adresse IPv6. . . . . . . . . . .ÿ. . .: 2001:0:5ef5:79fb:46e:1539:f5ff:fffd(pr‚f‚r‚)
   Adresse IPv6 de liaison locale. . . . .: fe80::46e:1539:f5ff:fffd%2(pr‚f‚r‚)
   Passerelle par d‚faut. . . .ÿ. . . . . : ::
   IAID DHCPv6 . . . . . . . . . . . : 201326592
   DUID de client DHCPv6. . . . . . . . : 00-01-00-01-1E-6D-E7-E0-D0-50-99-0B-9A-5C
   NetBIOS sur TCPIP. . . . . . . . . . . : D‚sactiv‚

Carte Tunnel isatap.{53E9081A-7B47-4067-B5A2-AFED2C4EC845} :

   Statut du m‚dia. . . . . . . . . . . . : M‚dia d‚connect‚
   Suffixe DNS propre … la connexion. . . :
   Description. . . . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP activ‚. . . . . . . . . . . . . . : Non
   Configuration automatique activ‚e. . . : Oui
Serveur :   google-public-dns-a.google.com
Address:  8.8.8.8

Nom :    google.com
Addresses:  2a00:1450:400a:806::200e
      172.217.19.174


Envoi d'une requˆte 'ping' sur google.com [172.217.19.174] avec 32 octets de donn‚esÿ:
R‚ponse de 172.217.19.174ÿ: octets=32 temps=13 ms TTL=53
R‚ponse de 172.217.19.174ÿ: octets=32 temps=13 ms TTL=53

Statistiques Ping pour 172.217.19.174:
    Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%),
Dur‚e approximative des boucles en millisecondes :
    Minimum = 13ms, Maximum = 13ms, Moyenne = 13ms
Serveur :   google-public-dns-a.google.com
Address:  8.8.8.8

Nom :    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      2001:4998:44:204::a7
      206.190.36.45
      98.138.253.109
      98.139.183.24


Envoi d'une requˆte 'ping' sur yahoo.com [206.190.36.45] avec 32 octets de donn‚esÿ:
R‚ponse de 206.190.36.45ÿ: octets=32 temps=184 ms TTL=46
R‚ponse de 206.190.36.45ÿ: octets=32 temps=184 ms TTL=46

Statistiques Ping pour 206.190.36.45:
    Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%),
Dur‚e approximative des boucles en millisecondes :
    Minimum = 184ms, Maximum = 184ms, Moyenne = 184ms

Envoi d'une requˆte 'Ping'  127.0.0.1 avec 32 octets de donn‚esÿ:
R‚ponse de 127.0.0.1ÿ: octets=32 temps<1ms TTL=128
R‚ponse de 127.0.0.1ÿ: octets=32 temps<1ms TTL=128

Statistiques Ping pour 127.0.0.1:
    Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%),
Dur‚e approximative des boucles en millisecondes :
    Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms
===========================================================================
Liste d'Interfaces
  6...d0 50 99 0b 9a 5c ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  2...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
  8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Table de routage
===========================================================================
Itin‚raires actifsÿ:
Destination r‚seau    Masque r‚seau  Adr. passerelle   Adr. interface M‚trique
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.2     20
         10.0.0.0    255.255.255.0         On-link          10.0.0.2    276
         10.0.0.2  255.255.255.255         On-link          10.0.0.2    276
       10.0.0.255  255.255.255.255         On-link          10.0.0.2    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.2    276
===========================================================================
Itin‚raires persistantsÿ:
  Aucun

IPv6 Table de routage
===========================================================================
Itin‚raires actifsÿ:
 If Metric Network Destination      Gateway
  2    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  2    306 2001::/32                On-link
  2    306 2001:0:5ef5:79fb:46e:1539:f5ff:fffd/128
                                    On-link
  6    276 fe80::/64                On-link
  2    306 fe80::/64                On-link
  2    306 fe80::46e:1539:f5ff:fffd/128
                                    On-link
  6    276 fe80::c51:5f82:5647:9fbc/128
                                    On-link
  1    306 ff00::/8                 On-link
  6    276 ff00::/8                 On-link
  2    306 ff00::/8                 On-link
===========================================================================
Itin‚raires persistantsÿ:
  Aucun
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/20/2016 05:21:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:20:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:20:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID '382C4399-F5D0-4669-8993-8725BB7E684F' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:20:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:19:00 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:18:41 PM) (Source: Application Hang) (User: )
Description: Le programme mbar.exe version 1.9.3.1001 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.

ID de processus : 2f78

Heure de début : 01d19b15dd2ba3f7

Heure de fin : 3146

Chemin d'accès de l'application : D:\Internet\download\antivirus\mbar\mbar.exe

ID de rapport : 1f3b2b53-070b-11e6-9506-d050990b9a5c

Nom complet du package défaillant :

ID de l'application relative au package défaillant :

Error: (04/20/2016 05:18:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:18:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:17:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:16:01 PM) (Source: Acronis Scheduler) (User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).


System errors:
=============
Error: (04/20/2016 01:15:24 AM) (Source: Service Control Manager) (User: )
Description: Le service Accès aux données utilisateur_e066db s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/20/2016 01:15:24 AM) (Source: Service Control Manager) (User: )
Description: Le service Stockage des données utilisateur_e066db s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/20/2016 01:15:24 AM) (Source: Service Control Manager) (User: )
Description: Le service Données de contacts_e066db s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/20/2016 01:15:24 AM) (Source: Service Control Manager) (User: )
Description: Le service Hôte de synchronisation_e066db s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/14/2016 07:27:50 AM) (Source: Service Control Manager) (User: )
Description: Le service Accès aux données utilisateur_aa467 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/14/2016 07:27:50 AM) (Source: Service Control Manager) (User: )
Description: Le service Stockage des données utilisateur_aa467 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/14/2016 07:27:50 AM) (Source: Service Control Manager) (User: )
Description: Le service Données de contacts_aa467 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/14/2016 07:27:50 AM) (Source: Service Control Manager) (User: )
Description: Le service Hôte de synchronisation_aa467 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/14/2016 06:22:32 AM) (Source: Service Control Manager) (User: )
Description: Le service NetTcpActivator dépend du service NetTcpPortSharing qui n’a pas pu démarrer en raison de l’erreur :
%%1058

Error: (04/13/2016 10:53:46 PM) (Source: Service Control Manager) (User: )
Description: Le service Accès aux données utilisateur_8fc4658 s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.


Microsoft Office Sessions:
=========================
Error: (04/20/2016 05:21:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:20:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:20:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID '382C4399-F5D0-4669-8993-8725BB7E684F' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:20:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:19:00 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:18:41 PM) (Source: Application Hang)(User: )
Description: mbar.exe1.9.3.10012f7801d19b15dd2ba3f73146D:\Internet\download\antivirus\mbar\mbar.exe1f3b2b53-070b-11e6-9506-d050990b9a5c

Error: (04/20/2016 05:18:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:18:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:17:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'C73DF26C-DA36-4B34-A03E-033834498780' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).

Error: (04/20/2016 05:16:01 PM) (Source: Acronis Scheduler)(User: AUTORITE NT)
Description: Le planificateur ne peut pas exécuter la tâche  avec le GUID 'E8EB23E7-2D44-49CD-BDBA-301B0BD1C9E3' à cause de l'erreur 2 (Impossible de trouver le fichier (dossier) ou la clé (valeur) dans le registre.).


CodeIntegrity Errors:
===================================
  Date: 2016-04-14 06:23:05.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 06:22:25.553
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-12 13:12:25.928
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-12 13:08:20.964
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-12 12:57:56.927
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-08 10:38:46.920
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-08 10:25:27.915
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-08 10:15:52.007
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-07 12:52:33.970
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-06 23:40:07.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.531 - ABBYY Production LLC)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0708.2011 - Acer Incorporated)
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis)
Acronis True Image 2015 (HKLM-x32\...\{0174F517-0B1C-4969-B7C1-03A04EC64A21}) (Version: 18.0.6613 - Acronis) Hidden
Acronis True Image 2015 (HKLM-x32\...\{0174F517-0B1C-4969-B7C1-03A04EC64A21}Visible) (Version: 18.0.6613 - Acronis)
Acronis Universal Boot Media Builder (HKLM-x32\...\{C729A6EC-9D4A-4A0F-B410-1C2BFF33EDDF}) (Version: 11.5.38938 - Acronis)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe DNG Codec (HKLM-x32\...\Adobe DNG Codec) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Afficher le Mode d’emploi (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-758db433-de59-4691-b939-6c76b8164b4f) (Version: 2.2.0.98 - WildTangent) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.11.2.1053 - Amazon Services LLC)
Argazki Galeria (HKLM-x32\...\{35E5135F-9B3E-4DFC-A90B-AABA12F1E085}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Athentech Perfectly Clear (HKLM\...\{20778D45-52FE-467E-B422-1D2097582A28}) (Version: 1.0.0.117 - Corel Corporation) Hidden
Athentech Perfectly Clear (HKLM-x32\...\_{5CF88B4A-5805-4F7C-B059-23C6C9D0604D}) (Version: 1.0.0.117 - Corel Corporation)
Athentech Perfectly Clear (HKLM-x32\...\{5CF88B4A-5805-4F7C-B059-23C6C9D0604D}) (Version: 1.0.0.117 - Nom de votre société) Hidden
Authorization Wizard Update 2.1 (HKLM-x32\...\{40AFBF62-AB70-49F5-B0FF-D92EA8BD4833}) (Version: 2.1 - EastWest Sounds, Inc)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{34CE35A5-BC22-4045-9F05-6C411D3A74DB}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
AVOX4 x64 (HKLM\...\{95A421DB-156C-4F3C-A85A-9A881C84F123}) (Version: 4.0.0 - Antares Audio Technologies)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-eb4508b4-101e-4fd3-98a4-d8a85e62e467) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bs2bwmp (HKLM-x32\...\{47B5BB26-A85D-4DBA-88E7-37A3C1682D59}) (Version: 1.0.0 - BG)
calibre (HKLM-x32\...\{DCB4A686-C75A-4F07-A5AE-00A4A618CE81}) (Version: 2.52.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
C-CHANNEL OnlineUpdate (HKLM-x32\...\{408FA92C-0766-48A1-8055-D6DFD27B7C2B}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Centre Souris et Claviers Microsoft (HKLM\...\{FA945868-397C-44F2-A1A4-53244A1D64B3}) (Version: 2.5.166.0 - Microsoft Corporation) Hidden
Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
clear.fi  (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.5.3201_45059 - CyberLink Corp.) Hidden
clear.fi  (HKLM-x32\...\{E8E37C4F-DE01-4286-AFB6-9FBEC8265A1A}) (Version: 9.0.9024 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.3318.35 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.3318.35 - CyberLink Corp.)
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)
CLX.PayPen (HKLM-x32\...\{FF03F4E5-3269-459B-A5F3-DC0D7B2561FB}) (Version:  - )
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CoolSoft VirtualMIDISynth 1.13.2 (HKLM-x32\...\CoolSoft VirtualMIDISynth) (Version: 1.13.2.0 - CoolSoft)
Corel PaintShop Pro X7  (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.3.0.30 - Corel Corporation)
Crazy Chicken Kart 2 (HKLM-x32\...\WTA-5ea5c84b-16a4-45eb-b69e-cda787120a66) (Version: 2.2.0.97 - WildTangent) Hidden
CSDiff (HKLM-x32\...\{F9C3B51C-DCCC-4916-B08D-A6820D914AC0}) (Version: 5.0 - ComponentSoftware)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DeepSkyStacker (HKLM-x32\...\{DCEC4A35-DA2B-4CA6-89A3-206F9A568ACD}) (Version: 3.2.0 -  )
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.35.1 - Dropbox, Inc.) Hidden
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs)
DxO Optics Pro 8 (HKLM\...\{2FB06E89-6F7D-4D42-8726-F302480C8EAB}) (Version: 8.5.0 - DxO Labs)
DxO ViewPoint (HKLM\...\{A0A7372A-C28E-48BE-B88C-3C3C3EEFC2EA}) (Version: 1.2.14.0 - DxO Labs)
DxO ViewPoint 2 (HKLM\...\{5602DC38-848F-42BD-B764-4BE48E9E7623}) (Version: 2.5.74.0 - DxO Labs)
Eaton UPS Companion v1.04 (HKLM-x32\...\Eaton UPSCompanion) (Version: v1.04.017 build - Eaton)
Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Nom de votre société) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.3.1185 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
Epson Guide d'utilisation XP-600 Series (HKLM-x32\...\XP-600 Series Useg) (Version:  - )
Epson Guide réseau XP-600 Series (HKLM-x32\...\XP-600 Series Netg) (Version:  - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ePUBee Converter (HKLM-x32\...\ePUBee Converter) (Version: 1.51.0.4 - ePUBee Inc.)
ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 3.0.5.1 - ePUBee Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.103 - Etron Technology)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
f.lux (HKCU\...\Flux) (Version:  - )
FATE (HKLM-x32\...\WTA-d7bb18fe-4890-4101-bb6f-ca631dbb0332) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (HKLM-x32\...\WTA-239ca5b9-66db-40e2-8483-6ca244d41f21) (Version: 2.2.0.95 - WildTangent) Hidden
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fooz Kids (HKLM-x32\...\{4C774C35-E0AF-72E1-136A-2BF666702268}) (Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotogràfica (HKLM-x32\...\{118AAEAF-65EF-41CA-B24B-14732C266C84}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie foto (HKLM-x32\...\{429BEB2D-4EB8-49E6-A135-823FCB2AAAC5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerija fotografija (HKLM-x32\...\{343C0612-37DC-4914-95A7-0845EE0C8F04}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garmin BaseCamp (HKLM-x32\...\{36A0D446-B8E9-4753-BDFE-335F6F4DE59C}) (Version: 4.5.2 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{58FA5D40-E35A-47ED-8AFA-68CCC758559E}) (Version: 6.15.11 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{B0F1B758-60D6-41F7-93D9-212A448813FE}) (Version: 1.29.1862.0513 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Guide Epson Connect (HKLM-x32\...\Epson Connect Guide) (Version:  - )
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HDtracks Downloader (HKLM-x32\...\HDtracks Downloader) (Version: 18 - J. River, Inc.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
hppMSRedist (HKLM-x32\...\{58ECE031-9AAD-4011-B34A-BC78E77527E2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP1000 (HKLM-x32\...\{F1AC923B-2A52-4C5D-8011-5FC83CD58CF4}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
H-Series_ASIO64 (HKLM\...\{5ACDFB68-D994-48E0-A579-2AFA6B851710}) (Version: 2.0.0.3 - ZOOM)
ICA (HKLM-x32\...\{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.3.0.30 - Corel Corporation) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
iLok Client Helper (HKLM-x32\...\{DEA491FB-48BC-4B6B-8902-FCD4BAB069BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.) Hidden
iLok Client Helper (HKLM-x32\...\InstallShield_{DEA491FB-48BC-4B6B-8902-FCD4BAB069BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.)
Insaniquarium Deluxe (HKLM-x32\...\WTA-19621073-9568-4010-b000-fff8f23138d4) (Version: 2.2.0.97 - WildTangent) Hidden
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.7 - PACE Anti-Piracy, Inc.)
IPM_PSP_COM64 (HKLM\...\{17704FA2-B1D2-4D5C-A23D-BDA0D2BC9CC7}) (Version: 17.3.0.30 - Corel Corporation) Hidden
Jewel Match 3 (HKLM-x32\...\WTA-13d50d78-eee8-42a4-b45c-de532db35f74) (Version: 2.2.0.97 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-902e2c2d-fcbb-4358-bfe0-717cb825ab05) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.761 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.761 - Kaspersky Lab)
Kobo (HKLM-x32\...\Kobo) (Version: 3.15.0 - Rakuten Kobo Inc.)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
Kolor Autopano Pro 3.6 (HKLM\...\AutopanoPro3.6) (Version: V3.6.3 - Kolor)
Kolor Autopano Pro 3.7 (HKLM\...\AutopanoPro3.7) (Version: V3.7.1 - Kolor)
Kolor Autopano Pro 4.0 (HKLM\...\AutopanoPro4.0) (Version: V4.0.0 - Kolor)
Kolor Autopano Pro 4.2 (HKLM\...\AutopanoPro4.2) (Version: V4.2.1 - Kolor)
kowoma_switzerland (HKLM-x32\...\kowoma_switzerland) (Version:  - )
KUSO EXIF Viewer (HKLM-x32\...\KUSO EXIF Viewer) (Version:  - )
LightSOURCE Second Edition (HKLM-x32\...\{3473B1D3-3812-4C59-8715-2D5D1743BEFB}) (Version: 2.00.0000 - CodeName: MANA LLC)
Linn Download Manager (HKLM-x32\...\{8D6E4CD7-58D5-D10E-F6C2-9530663445DF}) (Version: 1.2.1 - Linn Products Ltd) Hidden
Linn Download Manager (HKLM-x32\...\com.linnrecords.DownloadManager) (Version: 1.2.1 - Linn Products Ltd)
Logiciel pour périphérique à chipset Intel® (HKLM-x32\...\{5ae11e9e-c192-4030-97b5-2f83e0edf570}) (Version: 10.0.24 - Intel® Corporation) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
MAGIX Audio Cleanic 2013 (HKLM\...\{B6D411CA-163A-472F-8FFE-33A686672EFC}) (Version: 19.0.0.10 - MAGIX AG) Hidden
MAGIX Audio Cleanic 2013 (HKLM-x32\...\MAGIX_{B6D411CA-163A-472F-8FFE-33A686672EFC}) (Version: 19.0.0.10 - MAGIX AG)
Magix Audio Cleanic 2013 Update (HKLM\...\{1914FEE5-4263-412E-B17F-CA9240B176DA}) (Version: 19.0.1.12 - MAGIX AG) Hidden
MAGIX Burn routines (HKLM-x32\...\{7F2B12E7-2302-4A86-AE26-33DDD84E478A}) (Version: 9.0.0.193 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{A3C61317-1811-4FEB-8329-2E93E5DE854A}) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{A3C61317-1811-4FEB-8329-2E93E5DE854A}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2013 Plus (effets de titres) (HKLM\...\{539C8989-6AED-480F-AAFF-F66BC420E723}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (effets de titres) (HKLM-x32\...\MAGIX_{539C8989-6AED-480F-AAFF-F66BC420E723}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Effets de transition) (HKLM\...\{2EFD2A73-A219-44AF-8017-BFBCA4DB455C}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Effets de transition) (HKLM-x32\...\MAGIX_{2EFD2A73-A219-44AF-8017-BFBCA4DB455C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Éléments de design) (HKLM\...\{432C4A13-0414-4B0C-AB3F-F89B99F453AB}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Éléments de design) (HKLM-x32\...\MAGIX_{432C4A13-0414-4B0C-AB3F-F89B99F453AB}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (HKLM\...\{C91D3B3F-BA53-49F1-A352-2E6E648F2301}) (Version: 12.0.0.32 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (HKLM-x32\...\MAGIX_{C91D3B3F-BA53-49F1-A352-2E6E648F2301}) (Version: 12.0.0.32 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (modèles de films) (HKLM\...\{E586CDBD-B2F6-4AF9-89EA-C206F3A4BD91}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (modèles de films) (HKLM-x32\...\MAGIX_{E586CDBD-B2F6-4AF9-89EA-C206F3A4BD91}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Modèles de menus 1) (HKLM\...\{B402AD7F-4F13-432E-B42C-39FA8B2EA215}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Modèles de menus 1) (HKLM-x32\...\MAGIX_{B402AD7F-4F13-432E-B42C-39FA8B2EA215}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Modèles de menus 2) (HKLM\...\{E6B6A382-204E-4115-B276-B866939D1591}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Modèles de menus 2) (HKLM-x32\...\MAGIX_{E6B6A382-204E-4115-B276-B866939D1591}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Modèles de menus à personnaliser) (HKLM\...\{A497603A-4E61-4174-A010-727C479745B3}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Modèles de menus à personnaliser) (HKLM-x32\...\MAGIX_{A497603A-4E61-4174-A010-727C479745B3}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Projet de démonstration) (HKLM\...\{2F2D3D5D-AEBC-4FDA-8348-089A3465B323}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Projet de démonstration) (HKLM-x32\...\MAGIX_{2F2D3D5D-AEBC-4FDA-8348-089A3465B323}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Styles Photoshow Maker 1) (HKLM\...\{A2CC226F-19E6-4ECB-B089-5E944E044AF1}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Styles Photoshow Maker 1) (HKLM-x32\...\MAGIX_{A2CC226F-19E6-4ECB-B089-5E944E044AF1}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Styles Photoshow Maker 2) (HKLM\...\{645130F2-E3A2-4426-9BFD-D5E1691D8FA3}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Styles Photoshow Maker 2) (HKLM-x32\...\MAGIX_{645130F2-E3A2-4426-9BFD-D5E1691D8FA3}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Styles Soundtrack Maker) (HKLM\...\{A92969A9-5595-4919-9D7B-34CE35C7E8EF}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Styles Soundtrack Maker) (HKLM-x32\...\MAGIX_{A92969A9-5595-4919-9D7B-34CE35C7E8EF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Video Plugins) (HKLM\...\{6171316C-9234-4FD5-B566-A31DFDCE9784}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Video Plugins) (HKLM-x32\...\MAGIX_{6171316C-9234-4FD5-B566-A31DFDCE9784}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2013 Plus (Vidéos d'introduction) (HKLM\...\{AAA49663-0908-494D-917C-B092532BAFBC}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vidéo deluxe 2013 Plus (Vidéos d'introduction) (HKLM-x32\...\MAGIX_{AAA49663-0908-494D-917C-B092532BAFBC}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vidéo deluxe 2015 Premium (HKLM\...\{D23C4A4D-F83B-4B7E-B72A-91C41A04833E}) (Version: 14.0.0.153 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (HKLM\...\MX.{D23C4A4D-F83B-4B7E-B72A-91C41A04833E}) (Version: 14.0.0.153 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2015 Premium (modèles de films 1) (HKLM\...\{803CF778-1DA5-49A0-A331-C452B87FB59F}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (modèles de films 1) (HKLM\...\MX.{803CF778-1DA5-49A0-A331-C452B87FB59F}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2015 Premium (modèles de films 2) (HKLM\...\{C11EE45A-7737-43C3-9C74-5AD40DEE27FC}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (modèles de films 2) (HKLM\...\MX.{C11EE45A-7737-43C3-9C74-5AD40DEE27FC}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2015 Premium (modèles de films 3) (HKLM\...\{88E50B16-45C4-4DC0-8EF8-CF121AC8C2C3}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (modèles de films 3) (HKLM\...\MX.{88E50B16-45C4-4DC0-8EF8-CF121AC8C2C3}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2015 Premium (modèles de films 4) (HKLM\...\{FF43870C-29D8-4304-9E7C-32A4BC528E4B}) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (modèles de films 4) (HKLM\...\MX.{FF43870C-29D8-4304-9E7C-32A4BC528E4B}) (Version: 1.0.1.0 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2015 Premium (modèles de films 5) (HKLM\...\{ADC8A522-5E43-4337-83E7-66B8AC8A58F2}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (modèles de films 5) (HKLM\...\MX.{ADC8A522-5E43-4337-83E7-66B8AC8A58F2}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Vidéo deluxe 2015 Premium (modèles de films 6) (HKLM\...\{40772F42-809E-4D7C-BFD7-1197A7B813D1}) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden
MAGIX Vidéo deluxe 2015 Premium (modèles de films 6) (HKLM\...\MX.{40772F42-809E-4D7C-BFD7-1197A7B813D1}) (Version: 1.0.1.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium Update (HKLM\...\{63369EB5-CE68-4B79-BCDD-E2EACD451246}) (Version: 14.0.0.172 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{437B9AF4-4734-4BE7-A656-8FA5A6756DD7}) (Version: 12.0.2.2 - MAGIX AG) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{E6FD1013-27CC-4122-96EE-5E2ED42B3C40}) (Version: 12.0.4.2 - MAGIX AG) Hidden
MAGIX Video deluxe Plus 2013 Update (HKLM\...\{E990584C-9908-452E-A3EC-4714329B2F5F}) (Version: 12.0.3.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Melodyne singletrack (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 2.01.0115 - Celemony Software GmbH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Migros Photo Service (HKLM-x32\...\Migros Photo Service) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Module externe DxO OpticsPro 10 pour Adobe Lightroom (HKLM-x32\...\{79C97462-1598-48CD-B597-8B3C3C5A20B8}) (Version: 1.0.30 - DxO Labs)
MOTU Hardware (HKLM\...\{D3896665-69A3-42B3-B33D-2FCC751547FD}) (Version: 4.0.5.9644 - MOTU)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0A32B8F3-011F-4E2C-A87D-55791BA1470D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{23071FD0-7328-4FF7-AF8A-DEB8E0DEFCFA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3DB68967-DC34-41B1-A420-C300716AA51C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{57430A7B-EB42-41ED-88F8-ACB2DEDB8416}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{AC20CAEC-CC13-4877-A7DC-30BC97936645}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DEA34BD6-47C4-4505-895D-139327473329}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E668DD34-04FA-4A11-B07A-8CBA2119401B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F215DDB5-BE2A-4453-BABF-8790434F65D0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F7954B53-8522-450D-B262-B362B440FEC0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{FDF7A21E-3AEF-46AB-AC22-2BDFF8C9B553}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 fr)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Mystery of Mortlake Mansion (HKLM-x32\...\WTA-726a9568-2af4-4772-a716-6241e24fb83e) (Version: 2.2.0.98 - WildTangent) Hidden
Nero 7 Essentials (HKLM-x32\...\{1DED92A7-05FA-4736-8AEA-1BE2363F1036}) (Version: 7.02.9463 - Nero AG)
Nikon Scan (HKLM-x32\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version: 4.0 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Oloneo PhotoEngine (HKLM\...\Oloneo PhotoEngine) (Version: 1.1.400.429 - Oloneo SAS)
OMNINAS Finder 1.19 (HKLM-x32\...\OMNINAS Finder) (Version: 1.19 - Shuttle, Inc.)
Online Bible 12.34 (HKCU\...\OnlineBible) (Version:  - )
Online Bible 12.34 (HKLM-x32\...\OnlineBible) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation)
OSM generic routable (HKLM-x32\...\OSM generic routable) (Version:  - )
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
Package de pilotes Windows - Anoto AB (PayPen) Input Pen  (09/28/2007 2.0.0.0) (HKLM\...\B0FFC364CE14DAFAFC484A60C2BB7758BC842A8F) (Version: 09/28/2007 2.0.0.0 - Anoto AB)
PayPen (HKLM-x32\...\{8CD52C41-69B2-4DE6-BFA0-E82FABE5E056}) (Version: 1.5.0.0 - C Technologies, Anoto AB) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Penguins! (HKLM-x32\...\WTA-87769a15-6d59-44cf-a558-aae638cf6217) (Version: 2.2.0.95 - WildTangent) Hidden
Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)
PIPP 2.5.2 (HKLM-x32\...\PIPP) (Version: 2.5.2 - Chris Garry)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-db330f75-89a1-4d2f-a31b-40214bd996d8) (Version: 2.2.0.95 - WildTangent) Hidden
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-3d3faf4d-2623-487b-8409-f504d9049cf7) (Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PrintPratic (HKLM-x32\...\PrintPratic) (Version:  - Micro Application)
PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PSPPContent (HKLM-x32\...\{17289BF4-5826-447B-A20A-738044D0B3E5}) (Version: 17.3.0.30 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{1735F0DE-B173-4116-BABC-653A12FB9238}) (Version: 17.3.0.30 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{17511557-C430-486A-AB5A-87A8134B2613}) (Version: 17.3.0.30 - Corel Corporation) Hidden
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
RegiStax 6 (HKCU\...\RegiStax 6) (Version:  - )
RegiStax 6.1.0.8 update (HKCU\...\RegiStax 6.1.0.8 update) (Version:  - )
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.04(29/01/2016) - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Setup (HKLM-x32\...\{17088A4E-3CF3-4F12-926D-2A9E8085B8EC}) (Version: 17.3.0.30 - Nom de votre société) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Slingo Deluxe (HKLM-x32\...\WTA-9e7adc4f-9102-4ab9-88cb-822119acd476) (Version: 2.2.0.95 - WildTangent) Hidden
Soda PDF 7 (HKLM-x32\...\Soda7) (Version: 7.0.137.20994 - LULU Software Limited)
Soda PDF 7 Asian Fonts Pack (HKLM-x32\...\{01493BEA-EF17-4F89-8BC4-71F3A53170A6}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Convert Module (HKLM-x32\...\{8FC4C02B-0829-494A-9463-7F9B1CE983A7}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Create Module (HKLM-x32\...\{66DF252F-B414-43A2-807A-9C3C2EEF25CB}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Edit Module (HKLM-x32\...\{13A73ACA-68D7-4DB3-B1F3-E5B50AEF4027}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Forms Module (HKLM-x32\...\{E41A963E-3BED-455E-A47C-17D029BB444D}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Insert Module (HKLM-x32\...\{B2B7BD08-69F1-4F53-96FC-50FF0E22174C}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 OCR Module (HKLM-x32\...\{5619D18F-5C33-4C1C-84C7-FFE24CA7122E}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Review Module (HKLM-x32\...\{CF73CFFB-F70A-4241-9A58-9193BE2E5B9F}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 Secure Module (HKLM-x32\...\{19BD04F7-9255-4139-96D0-799C175D0FA5}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Soda PDF 7 View Module (HKLM-x32\...\{BFDD3D91-19A3-4068-8107-61E7F8834804}) (Version: 7.1.5.21089 - LULU Software Limited) Hidden
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
SubtitleCreator (HKLM-x32\...\SubtitleCreator) (Version: V2.3rc1 - Erik Vullings)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tablette Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.1.7-3 - Wacom Technology Corp.)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Topo Schweiz/Suisse v2 (HKLM-x32\...\{3AC863D6-8E32-42CC-8B57-271D431F0D1E}) (Version: 2.00 - Garmin Deutschland GmbH)
Torchlight (HKLM-x32\...\WTA-01825c2a-e41b-4f56-9dac-8d99d5b2ad06) (Version: 2.2.0.97 - WildTangent) Hidden
TSP_CODEC (HKLM-x32\...\{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}) (Version: 1.00.0000 - Bytescribe)
TUSBAudio Driver v1.61.0 (HKLM-x32\...\TUSBAudio Driver v1.61.0) (Version: 1.61.0 - USBAudio)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.075 - Aten International Co., Ltd.)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.13 - Samsung Electronics CO., LTD.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Virtual Audio Cable 4.12 (HKLM\...\Virtual Audio Cable 4.12) (Version:  - )
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-9fc580e5-8702-43ec-81ba-9bbd6a64a3bc) (Version: 2.2.0.97 - WildTangent) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.3.0.8766 - PACE Anti-Piracy, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VueScan (HKLM\...\VueScan) (Version:  - )
VueScan x32 (HKLM-x32\...\VueScan x32) (Version:  - )
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
WaveLab Elements 7 (HKLM-x32\...\WaveLabElements7) (Version: 7.2.1.600 - Steinberg)
Waves Central V1.0.3.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.4 - Waves)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Wedding Dash (HKLM-x32\...\WTA-708f58b0-87e7-424d-9572-113f2c2042e8) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (Acer Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.5.14 - WildTangent) Hidden
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Womble EasySub 2.0.0.110 (10/2015) (HKLM-x32\...\Womble EasySub) (Version: 2.0.0.110 (10/2015) - Womble Multimedia, Inc.)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zuma Deluxe (HKLM-x32\...\WTA-6567d0ca-fb7e-4d01-89d1-cc4ff1d08e3a) (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{D177E45E-2BA3-42C1-8570-CCA2217B958C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{C325D201-108B-410F-98F7-F3F1B3CA555A}) (Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
Фотоальбом (HKLM-x32\...\{B27EB36C-9860-42FD-AA90-23648E49F15C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотогалерия (HKLM-x32\...\{3AAB928E-40E9-4DC5-A9CC-FB979E1B2C03}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (HKLM-x32\...\{7D6C9057-7F50-4CAB-A557-A68A7932B48E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (HKLM-x32\...\{F1BEEA80-1419-45EE-A4C7-41FD4450ED92}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{CDFECFAC-D979-48BA-BBF3-7B2F74A2252A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
معرض الصور (HKLM-x32\...\{CF15F988-98D4-479F-9750-85A495BF8233}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (HKLM-x32\...\{D3F0882C-4948-4BAA-9720-47CC4D9AEF54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

========================= Devices: ================================

Name: MGE UPS with PnP INTERFACE
Description: MGE UPS with PnP INTERFACE
Class Guid:
Manufacturer:
Service:
Device ID: SERENUM\MGE0002\8&A8C68D7&1&0000
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 16076.51 MB
Available physical RAM: 13015.52 MB
Total Virtual: 17076.51 MB
Available Virtual: 13579.44 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:124.36 GB) (Free:23.67 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:2794.39 GB) (Free:1101.19 GB) NTFS
6 Drive s: (DATA2) (Fixed) (Total:114.11 GB) (Free:35.4 GB) NTFS

========================= Users: ========================================

comptes d'utilisateurs de \\SEB-PC-BUREAU

Administrateur           DefaultAccount           Invit‚                   
sebandre                 
La commande s'est termin‚e correctement.

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****
 



#7 Jo*

Jo*

  • Malware Response Team
  • 3,319 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:37 PM

Posted 20 April 2016 - 12:59 PM

Hello,

:step1: Run Malwarebytes Anti-Rootkit again: Right-click mbar.exe and select Run As Administrator
  • Scan your system for malware
  • If malware is found, click on the Cleanup
  • button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • then please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step2: Enable System Restore now:
Enable or Disable System Restore in Windows 7 and Windows 8
Turn On System Restore in Windows 10

Create a restore point now!



***


:step3: Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#8 ssebs

ssebs
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 21 April 2016 - 01:55 AM

Hi,

 

Here are the results:

 

mbar still didn't detected anything

 

 

 

 

 

 

 

 

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.04.20.04
  rootkit: v2016.04.17.01

Windows 10 x64 NTFS
Internet Explorer 11.212.10586.0
sebandre :: SEB-PC-BUREAU [administrator]

20/04/2016 20:40:27
mbar-log-2016-04-20 (20-40-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 475505
Time elapsed: 13 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Home x64
Ran by sebandre (Administrator) on 21/04/2016 at  8:52:15.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/04/2016 at  8:53:01.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#9 Jo*

Jo*

  • Malware Response Team
  • 3,319 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:37 PM

Posted 21 April 2016 - 02:28 AM

Hello again,

:step1: We need to download Temp File Cleaner (TFC) by OldTimer:
  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now
More Information can be found about the tool here:
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/



***


:step2: ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Open the scan log and copy and paste the content to your next reply.
 

***


:step3: How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#10 ssebs

ssebs
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 25 April 2016 - 02:45 AM

Hi,

 

I finally had time to run ESET last night.

 

Here is the log:

 

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Acer Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    cleaned by deleting
C:\Program Files (x86)\VaudTax 2012\lib\dvbern-lib-update.jar    Win32/Elevate.A potentially unsafe application    deleted
C:\Program Files (x86)\VaudTax 2013\lib\dvbern-lib-update.jar    Win32/Elevate.A potentially unsafe application    deleted
C:\Program Files (x86)\VaudTax 2014\lib\dvbern-lib-update.jar    Win32/Elevate.A potentially unsafe application    deleted
C:\Program Files (x86)\VaudTax 2015\lib\dvbern-lib-update.jar    Win32/Elevate.A potentially unsafe application    deleted
D:\Documents\installeurs logiciels\magix\magix video deluxe plus\2013\Video_deluxe_2013_Plus_DLV_fr-FR_120824_11-56_12_0_0_32.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted
D:\Documents\installeurs logiciels\magix\magix video deluxe plus\2013\addon\Ask\AskInstallChecker-1.5.0.0.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    cleaned by deleting
D:\Documents\installeurs logiciels\magix\magix video deluxe plus\2013\addon\Ask\askToolbarInstaller-1.14.1.0.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    cleaned by deleting
D:\Google Drive\Martine-Sebandre-partage\aide Sebandré à Martine\pour windows 10 - et kodi\VaudTax_2012.exe    Win32/Elevate.A potentially unsafe application    deleted
D:\Internet\download\antivirus\avira_free_antivirus_fr.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted
D:\Internet\download\mp3tools\Setup_FreeConverter.exe    a variant of Win32/Toolbar.Widgi potentially unwanted application    deleted
D:\Internet\download\outils système\ccsetup515.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
D:\Internet\download\outils système\UBCD4WinV360.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted
D:\Internet\download\outils système\utilitaires backup-copie\FreeFileSync_6.14_Win_Setup.exe    Win32/FusionCore.A potentially unwanted application    deleted
D:\Internet\download\sound\Audio_Cleanic_2013_DLV_fr-FR_121001_11-01_19_0_0_10.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted
D:\Internet\download\sound\switchsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted
D:\Internet\download\vaudtax\VaudTax_2012.exe    Win32/Elevate.A potentially unsafe application    deleted
D:\Internet\download\vaudtax\VaudTax_2013.exe    Win32/Elevate.A potentially unsafe application    deleted
D:\Internet\download\vaudtax\VaudTax_2014.exe    Win32/Elevate.A potentially unsafe application    deleted
D:\Internet\download\vaudtax\VaudTax_2015.exe    Win32/Elevate.A potentially unsafe application    deleted
D:\Internet\download\video\aTubeCatcher.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted
D:\sound\software\tools\Setup_KRAC_EN.exe    Win32/Toolbar.Widgi potentially unwanted application    deleted
 

 

I had to undelete several of these files, because they are useful software, in particular VaudTax.

 

Now my pc seems to be ok, I don't use anymore IE, but Firefox for browsing, and on Firefox I don't have strange behaviour.



#11 Jo*

Jo*

  • Malware Response Team
  • 3,319 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:37 PM

Posted 25 April 2016 - 03:30 AM

It Appears That Your Pc Is Now Clean!


***


Clean up:


***


Right-click AdwCleaner.exe and select Run As Administrator.
  • Click on the Uninstall button.
  • A window will open, press the Confirm button.
  • AdwCleaner will uninstall now.

***


Clean up with delfix:
  • please download delfix to your desktop.
  • Close all other programms and start delfix.
  • Please check all the boxes and run the tool.
  • delfix will now delete all found traces of our removal process

***


Delete the log files our tools created; they are located at your desktop or at the
"c:\users\{.......}\Downloads" folder.
Highlight them, and press the del or delete key on the keyboard.
You can browse to the location of the file or folder using either My Computer or Windows Explorer.


***


Here are some Preventive tips to reduce the potential for spyware infection in the future

:step1: Browse more secure :step2: Make sure you keep your Windows OS current.
  • Windows XP users can visit Windows update regularly to download and install any critical updates and service packs.
  • Windows Vista / 7 / 8 users can update via
    Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane).
:step3: Avoid P2P
  • If you think you're using a "safe" P2P program, only the program is safe, not the data.
  • You will share files from unsafe sources, and these may be infected.
  • Some bad guys use P2P filesharing as an important chanel to spread their wares.
:step4: Use only one anti-virus software and keep it up-to-date.

:step5: Firewall
Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

:step6: Backup regularly
You never know when your PC will become unstable or become so infected that you can't recover it.

:step7: Use Strong passwords!

:step8: Email attachments
Do not open any unknown email attachments, which you received without asking for it!


Extra note:
Keep your Browser, Java, pdf Reader and Adobe Flash Up to Date.
And you could install Malwarebytes Anti-Exploit to run alongside your traditional anti-virus or anti-malware products.

Make sure your programs are up to date - because older versions may contain Security Leaks.


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users