Astromenda et GO.speed.com
fredo64220
Messages postés
4
Date d'inscription
Statut
Membre
Dernière intervention
-
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Je m adresse a vous en espérant que vous pourrez m aider a trouver une solution a mon problème , que je vous expose maintenant :
Impossible pour moi d enlever le logiciel Maconfig.com ainsi que Astromenda et GO.speed.com , j ai essayer en mode sans echec avec Malware , rien n y fait :-/ de plus la lecture sur youtube ne passe qu en 240 , au dela , elle beug , et ma webcam ne fonctionne pas non plus . je n y comprends rien , elle est ce lie avec le fait que ces virus soient a l origine de tous ses beug ??
mon ordi est un Emachine , il tourne sous Window 7 .
Je vous remercie , par avance , de l attention que vos voudrez bien porter a ce mail et vous souhaite une bonne journee
Impossible pour moi d enlever le logiciel Maconfig.com ainsi que Astromenda et GO.speed.com , j ai essayer en mode sans echec avec Malware , rien n y fait :-/ de plus la lecture sur youtube ne passe qu en 240 , au dela , elle beug , et ma webcam ne fonctionne pas non plus . je n y comprends rien , elle est ce lie avec le fait que ces virus soient a l origine de tous ses beug ??
mon ordi est un Emachine , il tourne sous Window 7 .
Je vous remercie , par avance , de l attention que vos voudrez bien porter a ce mail et vous souhaite une bonne journee
A voir également:
- Astromenda et GO.speed.com
- Astromenda - Forum Virus
- Me débarrasser d'astromenda ✓ - Forum Virus
7 réponses
Salut,
Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Merci bien , de m avoir répondu aussi vite !
Voici le rapport de AdwCleaner :
# AdwCleaner v4.101 - Rapport créé le 18/11/2014 à 17:49:14
# Mis à jour le 09/11/2014 par Xplode
# Database : 2014-11-16.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : cash - FALL
# Exécuté depuis : C:\Users\cash\Downloads\adwcleaner_4.101.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Google Chrome v
[C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
*************************
AdwCleaner[R4].txt - [3979 octets] - [09/11/2014 14:33:44]
AdwCleaner[R5].txt - [1071 octets] - [18/11/2014 17:27:50]
AdwCleaner[S4].txt - [3859 octets] - [09/11/2014 14:36:36]
AdwCleaner[S5].txt - [996 octets] - [18/11/2014 17:49:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1055 octets] ##########
Voici le rapport de AdwCleaner :
# AdwCleaner v4.101 - Rapport créé le 18/11/2014 à 17:49:14
# Mis à jour le 09/11/2014 par Xplode
# Database : 2014-11-16.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : cash - FALL
# Exécuté depuis : C:\Users\cash\Downloads\adwcleaner_4.101.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Google Chrome v
[C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
*************************
AdwCleaner[R4].txt - [3979 octets] - [09/11/2014 14:33:44]
AdwCleaner[R5].txt - [1071 octets] - [18/11/2014 17:27:50]
AdwCleaner[S4].txt - [3859 octets] - [09/11/2014 14:36:36]
AdwCleaner[S5].txt - [996 octets] - [18/11/2014 17:49:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1055 octets] ##########
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Salut ,
Voici le rapport généré par Malekal.com :
( je n ai pas réussi a l installer sur le bureau , je l ' ai télécharger depuis Mozilla
Firefox et exécuter depuis celui ci ) :
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by cash (administrator) on FALL on 20-11-2014 01:53:02
Running from C:\Users\cash\Downloads
Loaded Profile: cash (Available profiles: cash)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-05-28] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: D - D:\Opendisc.exe
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: {822f5c92-6d19-11e2-9900-60eb69f99e6d} - F:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> {5FC327B8-4D99-454B-8798-2029D72227C5} URL = https://www.google.com/webhp{searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> No Name - {56444A2D-5637-006A-76A7-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 109.0.66.10 109.0.66.20
FireFox:
========
FF ProfilePath: C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\704hr2mv.default
FF Homepage:
FF Keyword.URL: hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=", "hxxp://go.speedbit.com/?pid=s"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer Video Downloader (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for HTML5 (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for PepperFlash (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\cash\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
CHR Profile: C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-03]
CHR Extension: (Google Docs) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-01]
CHR Extension: (Google Drive) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-01]
CHR Extension: (Search) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-01]
CHR Extension: (Google Sheets) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-03]
CHR Extension: (RealPlayer Downloader) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-29]
CHR Extension: (Google Wallet) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR Extension: (Gmail) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-28] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2545272 2014-04-15] (Speedbit Ltd.)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 GameConsoleService; "C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe" [X]
S2 VideoAcceleratorService; C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-29] ()
S3 AUDIOPHONY_DJAZZ_PRO_MIDI; C:\Windows\System32\drivers\apdjazzm.sys [37616 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_USB; C:\Windows\System32\Drivers\apdjazzu.sys [424688 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_WDM; C:\Windows\System32\drivers\apdjazza.sys [54000 2012-01-09] (Ploytec GmbH)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [154112 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [144896 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [575488 2011-09-04] (Ralink Technology, Corp.) [File not signed]
S3 NUMARK_NS6_MIDI; C:\Windows\System32\drivers\ns6_midi.sys [31296 2011-03-30] (Numark)
S3 NUMARK_NS6_USB; C:\Windows\System32\Drivers\ns6_usb.sys [416320 2011-03-30] (Ploytec GmbH)
S3 NUMARK_NS6_WDM; C:\Windows\System32\drivers\ns6_wdm.sys [54336 2011-03-30] (Numark)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-06-01] (Realtek Semiconductor Corporation ) [File not signed]
R3 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [41368 2014-04-15] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-10-01] (C-Media Electronics Inc)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 DKbFltr; SysWOW64\Drivers\DKbFltr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 01:52 - 2014-11-20 01:52 - 00046268 _____ () C:\Users\cash\Downloads\Shortcut.txt
2014-11-20 01:47 - 2014-11-20 01:52 - 00028318 _____ () C:\Users\cash\Downloads\Addition.txt
2014-11-20 01:45 - 2014-11-20 01:54 - 00018023 _____ () C:\Users\cash\Downloads\FRST.txt
2014-11-20 01:44 - 2014-11-20 01:53 - 00000000 ___DC () C:\FRST
2014-11-20 01:42 - 2014-11-20 01:43 - 02117120 _____ (Farbar) C:\Users\cash\Downloads\FRST64.exe
2014-11-20 01:33 - 2014-11-20 01:33 - 01029080 _____ (CyberLink) C:\Users\cash\Downloads\CyberLink_PowerDirector_Downloader.exe
2014-11-18 19:23 - 2014-11-18 19:23 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-18 19:12 - 2014-11-18 19:18 - 36588256 _____ () C:\Users\cash\Downloads\Firefox Setup 33.1.1.exe
2014-11-18 18:43 - 2014-11-18 18:43 - 00001161 _____ () C:\Users\cash\Desktop\AdwCleaner[S5].txt
2014-11-18 17:25 - 2014-11-18 17:26 - 02140160 _____ () C:\Users\cash\Downloads\adwcleaner_4.101.exe
2014-11-18 17:17 - 2014-11-18 17:17 - 00001273 _____ () C:\Users\cash\Desktop\Revo Uninstaller.lnk
2014-11-18 17:17 - 2014-11-18 17:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-18 17:16 - 2014-11-18 17:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cash\Downloads\revouninstaller_1-95_fr_39528.exe
2014-11-16 04:07 - 2014-11-19 23:00 - 00179238 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 17:38 - 2014-11-13 17:38 - 00000095 ____H () C:\Users\cash\Documents\.~lock.cv 2014.odt#
2014-11-12 13:14 - 2014-11-12 13:14 - 00000000 __SHD () C:\Users\cash\AppData\Local\EmieBrowserModeList
2014-11-11 19:27 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:27 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:27 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:27 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:27 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:27 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:27 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:27 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:27 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:25 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:25 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:25 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:25 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:25 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:25 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:25 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:25 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:25 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:25 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:25 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:24 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:24 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:24 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:24 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:24 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:24 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:24 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:24 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:24 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:19 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:19 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:18 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:18 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 02:51 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Publish Providers
2014-11-10 01:37 - 2014-11-10 01:45 - 00000000 ____D () C:\Users\cash\AppData\Local\Sony
2014-11-10 01:32 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Sony
2014-11-10 01:12 - 2014-11-10 01:31 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\cash\Downloads\vegaspro13.0.373_64bit.exe
2014-11-09 14:33 - 2014-11-18 17:49 - 00000000 ___DC () C:\AdwCleaner
2014-11-09 13:22 - 2014-11-09 13:22 - 00000158 _____ () C:\Users\cash\systeme pyramidal.txt
2014-11-09 13:17 - 2014-11-09 13:17 - 00000000 ____D () C:\Users\cash\AppData\Local\Skype
2014-11-08 23:52 - 2014-11-08 23:53 - 04991400 _____ (Adobe Systems Inc.) C:\Users\cash\Downloads\Shockwave_Installer_Slim (2).exe
2014-11-08 22:40 - 2014-11-08 22:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-08 22:39 - 2014-11-08 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-08 21:36 - 2014-11-20 01:39 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 21:36 - 2014-11-12 14:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-08 21:36 - 2014-11-12 14:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-08 21:36 - 2014-11-12 14:39 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-08 18:11 - 2014-11-08 18:11 - 00003104 _____ () C:\Windows\System32\Tasks\{BF801472-8073-4BE5-9B43-65DC9B50ACC3}
2014-11-08 18:10 - 2014-11-09 01:30 - 00001762 _____ () C:\Users\cash\vec rien jecompose.txt
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-29 12:44 - 2014-10-29 12:44 - 00000000 ____D () C:\Users\cash\AppData\Roaming\AVAST Software
2014-10-29 12:43 - 2014-10-29 12:43 - 00001933 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-29 12:43 - 2014-10-29 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-29 12:42 - 2014-11-19 12:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-29 12:42 - 2014-11-01 13:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-29 12:42 - 2014-11-01 13:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-29 12:42 - 2014-10-29 12:42 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-29 12:42 - 2014-10-29 12:42 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-29 12:41 - 2014-10-29 12:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-29 12:17 - 2014-10-29 12:33 - 131078000 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup.exe
2014-10-28 22:54 - 2014-10-28 22:55 - 05004328 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup_online.exe
2014-10-22 15:03 - 2014-10-22 15:45 - 490506044 _____ () C:\Users\cash\Downloads\Windows6.1-KB947821-v33-x64.msu
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-19 11:17 - 2014-09-15 20:21 - 00011999 _____ () C:\Users\cash\NEW77.txt
2014-11-18 19:25 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\Google
2014-11-18 19:24 - 2011-09-03 21:10 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Mozilla
2014-11-18 19:23 - 2014-02-19 17:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:09 - 2012-10-16 11:56 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-18 19:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 02:25 - 2014-09-25 20:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-15 03:54 - 2011-08-23 18:06 - 00000000 ____D () C:\Users\cash
2014-11-14 18:07 - 2014-07-29 13:12 - 00003216 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 18:07 - 2014-07-29 13:11 - 00003352 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-08-01 00:57 - 00003330 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-06-30 13:14 - 00003194 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 10:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 21:26 - 2014-08-26 00:37 - 00003985 _____ () C:\Users\cash\secret.txt
2014-11-13 20:48 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\CrashDumps
2014-11-12 13:08 - 2009-07-14 05:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 04:27 - 2014-05-07 12:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 03:17 - 2013-07-23 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 03:09 - 2011-12-09 13:07 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 17:53 - 2014-05-19 21:00 - 00000000 ____D () C:\ProgramData\Skype
2014-11-10 13:42 - 2014-05-19 21:01 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Skype
2014-11-09 00:06 - 2014-07-25 16:30 - 00000000 ____D () C:\Users\cash\AppData\Local\Adobe
2014-11-08 23:18 - 2011-08-24 03:17 - 00747910 _____ () C:\Windows\system32\perfh00C.dat
2014-11-08 23:18 - 2011-08-24 03:17 - 00150402 _____ () C:\Windows\system32\perfc00C.dat
2014-11-08 23:18 - 2009-07-14 06:13 - 01669656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-04 14:30 - 2011-08-29 14:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 21:14 - 2011-08-23 18:18 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Adobe
2014-10-29 12:41 - 2012-01-08 17:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-22 16:09 - 2014-09-22 20:30 - 00000000 ____D () C:\Users\cash\Documents\Wondershare Video Editor
Some content of TEMP:
====================
C:\Users\cash\AppData\Local\Temp\Quarantine.exe
C:\Users\cash\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 01:15
==================== End Of Log ============================
Users shortcut scan result (x64) Version: 19-11-2014
Ran by cash at 2014-11-20 01:59:32
Running from C:\Users\cash\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS\Soulseek.lnk -> C:\Program Files (x86)\SoulseekNS\slsk.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS\Uninstall Soulseek.lnk -> C:\Program Files (x86)\SoulseekNS\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\Outil de découpage RealPlayer.lnk -> C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Cloud.lnk -> C:\program files (x86)\real\realplayer\realplay.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files (x86)\Real\RealPlayer\realconverter.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Downloader.lnk -> C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Désinstaller Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudio.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphstudio.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Haali Muxer.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\gdsmux.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Xvid StatsReader.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\All options.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Generate log with system information.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage ACM and VFW codecs.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage DirectShow filters.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage preferred DirectShow source filters.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\- eMachines Game Console -.lnk -> C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsole-wt.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Agatha Christie - Death on the Nile.lnk -> C:\Program Files (x86)\eMachines Games\Agatha Christie - Death on the Nile\DeathOnTheNile-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-lot 2.lnk -> C:\Program Files (x86)\eMachines Games\Build-a-lot 2\Build-a-lot 2-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\eMachines Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy.lnk -> C:\Program Files (x86)\eMachines Games\Farm Frenzy\farm-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk -> C:\Program Files (x86)\eMachines Games\FATE\Fate-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Final Drive Nitro.lnk -> C:\Program Files (x86)\eMachines Games\Final Drive Nitro\Racing-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Insaniquarium Deluxe\Insaniquarium-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire 2.lnk -> C:\Program Files (x86)\eMachines Games\Jewel Quest Solitaire 2\JQSolitaire2-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\John Deere Drive Green.lnk -> C:\Program Files (x86)\eMachines Games\John Deere Drive Green\DriveGreen1-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from eMachines Games.lnk -> C:\Program Files (x86)\eMachines Games\Game Explorer Categories - main\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk -> C:\Program Files (x86)\eMachines Games\Penguins!\penguins-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies.lnk -> C:\Program Files (x86)\eMachines Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk -> C:\Program Files (x86)\eMachines Games\Polar Bowler\Polar-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Golfer.lnk -> C:\Program Files (x86)\eMachines Games\Polar Golfer\golf-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers 4 - The Tree of Life.lnk -> C:\Program Files (x86)\eMachines Games\Virtual Villagers 4 - The Tree of Life\Virtual Villagers - The Tree of Life-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Zuma Deluxe\Zuma Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma's Revenge.lnk -> C:\Program Files (x86)\eMachines Games\Zuma's Revenge\ZumasRevenge-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines Documentation\eMachines Quick Guide.lnk -> C:\book\Quick Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines Documentation\eMachines User Guide.lnk -> C:\book\Generic_User_Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines\eMachines Recovery Management.lnk -> C:\Program Files\eMachines\eMachines Recovery Management\Recovery Management.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines\eMachines Updater.lnk -> C:\Program Files\eMachines\eMachines Updater\ALU.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines\Welcome Center.lnk -> C:\Program Files (x86)\eMachines\Welcome Center\OEMWelcomeCenter.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{f612b807-4dc7-4e1b-98df-955e3645bd43}\PlayTasks\0\Agatha Christie - Death on the Nile.lnk -> C:\Program Files (x86)\eMachines Games\Agatha Christie - Death on the Nile\DeathOnTheNile-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{efc72cfb-9d80-463d-802d-527043f221b0}\PlayTasks\0\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{d82b228f-3099-453f-a04d-f1957e2a6bbe}\PlayTasks\0\Zuma's Revenge.lnk -> C:\Program Files (x86)\eMachines Games\Zuma's Revenge\ZumasRevenge-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{bb7e5be3-1452-4d72-8507-5c289b9bdd08}\PlayTasks\0\Final Drive Nitro.lnk -> C:\Program Files (x86)\eMachines Games\Final Drive Nitro\Racing-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{ba4e32b7-3bb3-44d6-a78a-5418ecdef4e0}\PlayTasks\0\Zuma Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Zuma Deluxe\Zuma Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9d71143d-60ca-4c0e-a9e9-356bde66fea5}\PlayTasks\0\Farm Frenzy.lnk -> C:\Program Files (x86)\eMachines Games\Farm Frenzy\farm-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\eMachines Games\Game Explorer Categories - main\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{8a6be8a5-b598-48b7-9725-62068f3c5c36}\PlayTasks\0\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\eMachines Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe (No File)
Shortcut: C:\ProgramData\Micros
Voici le rapport généré par Malekal.com :
( je n ai pas réussi a l installer sur le bureau , je l ' ai télécharger depuis Mozilla
Firefox et exécuter depuis celui ci ) :
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by cash (administrator) on FALL on 20-11-2014 01:53:02
Running from C:\Users\cash\Downloads
Loaded Profile: cash (Available profiles: cash)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-05-28] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: D - D:\Opendisc.exe
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: {822f5c92-6d19-11e2-9900-60eb69f99e6d} - F:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> {5FC327B8-4D99-454B-8798-2029D72227C5} URL = https://www.google.com/webhp{searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> No Name - {56444A2D-5637-006A-76A7-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 109.0.66.10 109.0.66.20
FireFox:
========
FF ProfilePath: C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\704hr2mv.default
FF Homepage:
FF Keyword.URL: hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=", "hxxp://go.speedbit.com/?pid=s"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer Video Downloader (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for HTML5 (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for PepperFlash (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\cash\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
CHR Profile: C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-03]
CHR Extension: (Google Docs) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-01]
CHR Extension: (Google Drive) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-01]
CHR Extension: (Search) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-01]
CHR Extension: (Google Sheets) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-03]
CHR Extension: (RealPlayer Downloader) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-29]
CHR Extension: (Google Wallet) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR Extension: (Gmail) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-28] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2545272 2014-04-15] (Speedbit Ltd.)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 GameConsoleService; "C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe" [X]
S2 VideoAcceleratorService; C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-29] ()
S3 AUDIOPHONY_DJAZZ_PRO_MIDI; C:\Windows\System32\drivers\apdjazzm.sys [37616 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_USB; C:\Windows\System32\Drivers\apdjazzu.sys [424688 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_WDM; C:\Windows\System32\drivers\apdjazza.sys [54000 2012-01-09] (Ploytec GmbH)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [154112 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [144896 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [575488 2011-09-04] (Ralink Technology, Corp.) [File not signed]
S3 NUMARK_NS6_MIDI; C:\Windows\System32\drivers\ns6_midi.sys [31296 2011-03-30] (Numark)
S3 NUMARK_NS6_USB; C:\Windows\System32\Drivers\ns6_usb.sys [416320 2011-03-30] (Ploytec GmbH)
S3 NUMARK_NS6_WDM; C:\Windows\System32\drivers\ns6_wdm.sys [54336 2011-03-30] (Numark)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-06-01] (Realtek Semiconductor Corporation ) [File not signed]
R3 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [41368 2014-04-15] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-10-01] (C-Media Electronics Inc)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 DKbFltr; SysWOW64\Drivers\DKbFltr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 01:52 - 2014-11-20 01:52 - 00046268 _____ () C:\Users\cash\Downloads\Shortcut.txt
2014-11-20 01:47 - 2014-11-20 01:52 - 00028318 _____ () C:\Users\cash\Downloads\Addition.txt
2014-11-20 01:45 - 2014-11-20 01:54 - 00018023 _____ () C:\Users\cash\Downloads\FRST.txt
2014-11-20 01:44 - 2014-11-20 01:53 - 00000000 ___DC () C:\FRST
2014-11-20 01:42 - 2014-11-20 01:43 - 02117120 _____ (Farbar) C:\Users\cash\Downloads\FRST64.exe
2014-11-20 01:33 - 2014-11-20 01:33 - 01029080 _____ (CyberLink) C:\Users\cash\Downloads\CyberLink_PowerDirector_Downloader.exe
2014-11-18 19:23 - 2014-11-18 19:23 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-18 19:12 - 2014-11-18 19:18 - 36588256 _____ () C:\Users\cash\Downloads\Firefox Setup 33.1.1.exe
2014-11-18 18:43 - 2014-11-18 18:43 - 00001161 _____ () C:\Users\cash\Desktop\AdwCleaner[S5].txt
2014-11-18 17:25 - 2014-11-18 17:26 - 02140160 _____ () C:\Users\cash\Downloads\adwcleaner_4.101.exe
2014-11-18 17:17 - 2014-11-18 17:17 - 00001273 _____ () C:\Users\cash\Desktop\Revo Uninstaller.lnk
2014-11-18 17:17 - 2014-11-18 17:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-18 17:16 - 2014-11-18 17:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cash\Downloads\revouninstaller_1-95_fr_39528.exe
2014-11-16 04:07 - 2014-11-19 23:00 - 00179238 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 17:38 - 2014-11-13 17:38 - 00000095 ____H () C:\Users\cash\Documents\.~lock.cv 2014.odt#
2014-11-12 13:14 - 2014-11-12 13:14 - 00000000 __SHD () C:\Users\cash\AppData\Local\EmieBrowserModeList
2014-11-11 19:27 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:27 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:27 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:27 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:27 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:27 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:27 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:27 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:27 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:25 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:25 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:25 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:25 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:25 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:25 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:25 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:25 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:25 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:25 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:25 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:24 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:24 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:24 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:24 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:24 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:24 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:24 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:24 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:24 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:19 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:19 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:18 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:18 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 02:51 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Publish Providers
2014-11-10 01:37 - 2014-11-10 01:45 - 00000000 ____D () C:\Users\cash\AppData\Local\Sony
2014-11-10 01:32 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Sony
2014-11-10 01:12 - 2014-11-10 01:31 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\cash\Downloads\vegaspro13.0.373_64bit.exe
2014-11-09 14:33 - 2014-11-18 17:49 - 00000000 ___DC () C:\AdwCleaner
2014-11-09 13:22 - 2014-11-09 13:22 - 00000158 _____ () C:\Users\cash\systeme pyramidal.txt
2014-11-09 13:17 - 2014-11-09 13:17 - 00000000 ____D () C:\Users\cash\AppData\Local\Skype
2014-11-08 23:52 - 2014-11-08 23:53 - 04991400 _____ (Adobe Systems Inc.) C:\Users\cash\Downloads\Shockwave_Installer_Slim (2).exe
2014-11-08 22:40 - 2014-11-08 22:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-08 22:39 - 2014-11-08 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-08 21:36 - 2014-11-20 01:39 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 21:36 - 2014-11-12 14:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-08 21:36 - 2014-11-12 14:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-08 21:36 - 2014-11-12 14:39 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-08 18:11 - 2014-11-08 18:11 - 00003104 _____ () C:\Windows\System32\Tasks\{BF801472-8073-4BE5-9B43-65DC9B50ACC3}
2014-11-08 18:10 - 2014-11-09 01:30 - 00001762 _____ () C:\Users\cash\vec rien jecompose.txt
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-29 12:44 - 2014-10-29 12:44 - 00000000 ____D () C:\Users\cash\AppData\Roaming\AVAST Software
2014-10-29 12:43 - 2014-10-29 12:43 - 00001933 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-29 12:43 - 2014-10-29 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-29 12:42 - 2014-11-19 12:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-29 12:42 - 2014-11-01 13:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-29 12:42 - 2014-11-01 13:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-29 12:42 - 2014-10-29 12:42 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-29 12:42 - 2014-10-29 12:42 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-29 12:41 - 2014-10-29 12:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-29 12:17 - 2014-10-29 12:33 - 131078000 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup.exe
2014-10-28 22:54 - 2014-10-28 22:55 - 05004328 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup_online.exe
2014-10-22 15:03 - 2014-10-22 15:45 - 490506044 _____ () C:\Users\cash\Downloads\Windows6.1-KB947821-v33-x64.msu
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-19 11:17 - 2014-09-15 20:21 - 00011999 _____ () C:\Users\cash\NEW77.txt
2014-11-18 19:25 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\Google
2014-11-18 19:24 - 2011-09-03 21:10 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Mozilla
2014-11-18 19:23 - 2014-02-19 17:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:09 - 2012-10-16 11:56 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-18 19:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 02:25 - 2014-09-25 20:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-15 03:54 - 2011-08-23 18:06 - 00000000 ____D () C:\Users\cash
2014-11-14 18:07 - 2014-07-29 13:12 - 00003216 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 18:07 - 2014-07-29 13:11 - 00003352 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-08-01 00:57 - 00003330 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-06-30 13:14 - 00003194 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 10:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 21:26 - 2014-08-26 00:37 - 00003985 _____ () C:\Users\cash\secret.txt
2014-11-13 20:48 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\CrashDumps
2014-11-12 13:08 - 2009-07-14 05:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 04:27 - 2014-05-07 12:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 03:17 - 2013-07-23 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 03:09 - 2011-12-09 13:07 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 17:53 - 2014-05-19 21:00 - 00000000 ____D () C:\ProgramData\Skype
2014-11-10 13:42 - 2014-05-19 21:01 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Skype
2014-11-09 00:06 - 2014-07-25 16:30 - 00000000 ____D () C:\Users\cash\AppData\Local\Adobe
2014-11-08 23:18 - 2011-08-24 03:17 - 00747910 _____ () C:\Windows\system32\perfh00C.dat
2014-11-08 23:18 - 2011-08-24 03:17 - 00150402 _____ () C:\Windows\system32\perfc00C.dat
2014-11-08 23:18 - 2009-07-14 06:13 - 01669656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-04 14:30 - 2011-08-29 14:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 21:14 - 2011-08-23 18:18 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Adobe
2014-10-29 12:41 - 2012-01-08 17:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-22 16:09 - 2014-09-22 20:30 - 00000000 ____D () C:\Users\cash\Documents\Wondershare Video Editor
Some content of TEMP:
====================
C:\Users\cash\AppData\Local\Temp\Quarantine.exe
C:\Users\cash\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 01:15
==================== End Of Log ============================
Users shortcut scan result (x64) Version: 19-11-2014
Ran by cash at 2014-11-20 01:59:32
Running from C:\Users\cash\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS\Soulseek.lnk -> C:\Program Files (x86)\SoulseekNS\slsk.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS\Uninstall Soulseek.lnk -> C:\Program Files (x86)\SoulseekNS\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\Outil de découpage RealPlayer.lnk -> C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Cloud.lnk -> C:\program files (x86)\real\realplayer\realplay.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files (x86)\Real\RealPlayer\realconverter.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Downloader.lnk -> C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Désinstaller Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudio.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphstudio.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Haali Muxer.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\gdsmux.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Xvid StatsReader.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\All options.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Generate log with system information.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage ACM and VFW codecs.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage DirectShow filters.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage preferred DirectShow source filters.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\- eMachines Game Console -.lnk -> C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsole-wt.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Agatha Christie - Death on the Nile.lnk -> C:\Program Files (x86)\eMachines Games\Agatha Christie - Death on the Nile\DeathOnTheNile-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-lot 2.lnk -> C:\Program Files (x86)\eMachines Games\Build-a-lot 2\Build-a-lot 2-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\eMachines Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy.lnk -> C:\Program Files (x86)\eMachines Games\Farm Frenzy\farm-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk -> C:\Program Files (x86)\eMachines Games\FATE\Fate-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Final Drive Nitro.lnk -> C:\Program Files (x86)\eMachines Games\Final Drive Nitro\Racing-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Insaniquarium Deluxe\Insaniquarium-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire 2.lnk -> C:\Program Files (x86)\eMachines Games\Jewel Quest Solitaire 2\JQSolitaire2-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\John Deere Drive Green.lnk -> C:\Program Files (x86)\eMachines Games\John Deere Drive Green\DriveGreen1-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from eMachines Games.lnk -> C:\Program Files (x86)\eMachines Games\Game Explorer Categories - main\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk -> C:\Program Files (x86)\eMachines Games\Penguins!\penguins-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies.lnk -> C:\Program Files (x86)\eMachines Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk -> C:\Program Files (x86)\eMachines Games\Polar Bowler\Polar-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Golfer.lnk -> C:\Program Files (x86)\eMachines Games\Polar Golfer\golf-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers 4 - The Tree of Life.lnk -> C:\Program Files (x86)\eMachines Games\Virtual Villagers 4 - The Tree of Life\Virtual Villagers - The Tree of Life-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Zuma Deluxe\Zuma Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma's Revenge.lnk -> C:\Program Files (x86)\eMachines Games\Zuma's Revenge\ZumasRevenge-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines Documentation\eMachines Quick Guide.lnk -> C:\book\Quick Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines Documentation\eMachines User Guide.lnk -> C:\book\Generic_User_Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines\eMachines Recovery Management.lnk -> C:\Program Files\eMachines\eMachines Recovery Management\Recovery Management.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines\eMachines Updater.lnk -> C:\Program Files\eMachines\eMachines Updater\ALU.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines\Welcome Center.lnk -> C:\Program Files (x86)\eMachines\Welcome Center\OEMWelcomeCenter.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{f612b807-4dc7-4e1b-98df-955e3645bd43}\PlayTasks\0\Agatha Christie - Death on the Nile.lnk -> C:\Program Files (x86)\eMachines Games\Agatha Christie - Death on the Nile\DeathOnTheNile-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{efc72cfb-9d80-463d-802d-527043f221b0}\PlayTasks\0\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{d82b228f-3099-453f-a04d-f1957e2a6bbe}\PlayTasks\0\Zuma's Revenge.lnk -> C:\Program Files (x86)\eMachines Games\Zuma's Revenge\ZumasRevenge-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{bb7e5be3-1452-4d72-8507-5c289b9bdd08}\PlayTasks\0\Final Drive Nitro.lnk -> C:\Program Files (x86)\eMachines Games\Final Drive Nitro\Racing-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{ba4e32b7-3bb3-44d6-a78a-5418ecdef4e0}\PlayTasks\0\Zuma Deluxe.lnk -> C:\Program Files (x86)\eMachines Games\Zuma Deluxe\Zuma Deluxe-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9d71143d-60ca-4c0e-a9e9-356bde66fea5}\PlayTasks\0\Farm Frenzy.lnk -> C:\Program Files (x86)\eMachines Games\Farm Frenzy\farm-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\eMachines Games\Game Explorer Categories - main\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{8a6be8a5-b598-48b7-9725-62068f3c5c36}\PlayTasks\0\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\eMachines Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe (No File)
Shortcut: C:\ProgramData\Micros
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
https://pjjoint.malekal.com/files.php?id=FRST_20141120_i15c15p8d8w8
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by cash (administrator) on FALL on 20-11-2014 01:53:02
Running from C:\Users\cash\Downloads
Loaded Profile: cash (Available profiles: cash)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-05-28] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: D - D:\Opendisc.exe
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: {822f5c92-6d19-11e2-9900-60eb69f99e6d} - F:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> {5FC327B8-4D99-454B-8798-2029D72227C5} URL = https://www.google.com/webhp{searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> No Name - {56444A2D-5637-006A-76A7-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 109.0.66.10 109.0.66.20
FireFox:
========
FF ProfilePath: C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\704hr2mv.default
FF Homepage:
FF Keyword.URL: hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=", "hxxp://go.speedbit.com/?pid=s"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer Video Downloader (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for HTML5 (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for PepperFlash (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\cash\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
CHR Profile: C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-03]
CHR Extension: (Google Docs) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-01]
CHR Extension: (Google Drive) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-01]
CHR Extension: (Search) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-01]
CHR Extension: (Google Sheets) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-03]
CHR Extension: (RealPlayer Downloader) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-29]
CHR Extension: (Google Wallet) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR Extension: (Gmail) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-28] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2545272 2014-04-15] (Speedbit Ltd.)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 GameConsoleService; "C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe" [X]
S2 VideoAcceleratorService; C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-29] ()
S3 AUDIOPHONY_DJAZZ_PRO_MIDI; C:\Windows\System32\drivers\apdjazzm.sys [37616 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_USB; C:\Windows\System32\Drivers\apdjazzu.sys [424688 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_WDM; C:\Windows\System32\drivers\apdjazza.sys [54000 2012-01-09] (Ploytec GmbH)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [154112 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [144896 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [575488 2011-09-04] (Ralink Technology, Corp.) [File not signed]
S3 NUMARK_NS6_MIDI; C:\Windows\System32\drivers\ns6_midi.sys [31296 2011-03-30] (Numark)
S3 NUMARK_NS6_USB; C:\Windows\System32\Drivers\ns6_usb.sys [416320 2011-03-30] (Ploytec GmbH)
S3 NUMARK_NS6_WDM; C:\Windows\System32\drivers\ns6_wdm.sys [54336 2011-03-30] (Numark)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-06-01] (Realtek Semiconductor Corporation ) [File not signed]
R3 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [41368 2014-04-15] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-10-01] (C-Media Electronics Inc)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 DKbFltr; SysWOW64\Drivers\DKbFltr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 01:52 - 2014-11-20 01:52 - 00046268 _____ () C:\Users\cash\Downloads\Shortcut.txt
2014-11-20 01:47 - 2014-11-20 01:52 - 00028318 _____ () C:\Users\cash\Downloads\Addition.txt
2014-11-20 01:45 - 2014-11-20 01:54 - 00018023 _____ () C:\Users\cash\Downloads\FRST.txt
2014-11-20 01:44 - 2014-11-20 01:53 - 00000000 ___DC () C:\FRST
2014-11-20 01:42 - 2014-11-20 01:43 - 02117120 _____ (Farbar) C:\Users\cash\Downloads\FRST64.exe
2014-11-20 01:33 - 2014-11-20 01:33 - 01029080 _____ (CyberLink) C:\Users\cash\Downloads\CyberLink_PowerDirector_Downloader.exe
2014-11-18 19:23 - 2014-11-18 19:23 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-18 19:12 - 2014-11-18 19:18 - 36588256 _____ () C:\Users\cash\Downloads\Firefox Setup 33.1.1.exe
2014-11-18 18:43 - 2014-11-18 18:43 - 00001161 _____ () C:\Users\cash\Desktop\AdwCleaner[S5].txt
2014-11-18 17:25 - 2014-11-18 17:26 - 02140160 _____ () C:\Users\cash\Downloads\adwcleaner_4.101.exe
2014-11-18 17:17 - 2014-11-18 17:17 - 00001273 _____ () C:\Users\cash\Desktop\Revo Uninstaller.lnk
2014-11-18 17:17 - 2014-11-18 17:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-18 17:16 - 2014-11-18 17:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cash\Downloads\revouninstaller_1-95_fr_39528.exe
2014-11-16 04:07 - 2014-11-19 23:00 - 00179238 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 17:38 - 2014-11-13 17:38 - 00000095 ____H () C:\Users\cash\Documents\.~lock.cv 2014.odt#
2014-11-12 13:14 - 2014-11-12 13:14 - 00000000 __SHD () C:\Users\cash\AppData\Local\EmieBrowserModeList
2014-11-11 19:27 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:27 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:27 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:27 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:27 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:27 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:27 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:27 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:27 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:25 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:25 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:25 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:25 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:25 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:25 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:25 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:25 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:25 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:25 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:25 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:24 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:24 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:24 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:24 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:24 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:24 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:24 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:24 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:24 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:19 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:19 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:18 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:18 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 02:51 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Publish Providers
2014-11-10 01:37 - 2014-11-10 01:45 - 00000000 ____D () C:\Users\cash\AppData\Local\Sony
2014-11-10 01:32 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Sony
2014-11-10 01:12 - 2014-11-10 01:31 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\cash\Downloads\vegaspro13.0.373_64bit.exe
2014-11-09 14:33 - 2014-11-18 17:49 - 00000000 ___DC () C:\AdwCleaner
2014-11-09 13:22 - 2014-11-09 13:22 - 00000158 _____ () C:\Users\cash\systeme pyramidal.txt
2014-11-09 13:17 - 2014-11-09 13:17 - 00000000 ____D () C:\Users\cash\AppData\Local\Skype
2014-11-08 23:52 - 2014-11-08 23:53 - 04991400 _____ (Adobe Systems Inc.) C:\Users\cash\Downloads\Shockwave_Installer_Slim (2).exe
2014-11-08 22:40 - 2014-11-08 22:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-08 22:39 - 2014-11-08 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-08 21:36 - 2014-11-20 01:39 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 21:36 - 2014-11-12 14:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-08 21:36 - 2014-11-12 14:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-08 21:36 - 2014-11-12 14:39 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-08 18:11 - 2014-11-08 18:11 - 00003104 _____ () C:\Windows\System32\Tasks\{BF801472-8073-4BE5-9B43-65DC9B50ACC3}
2014-11-08 18:10 - 2014-11-09 01:30 - 00001762 _____ () C:\Users\cash\vec rien jecompose.txt
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-29 12:44 - 2014-10-29 12:44 - 00000000 ____D () C:\Users\cash\AppData\Roaming\AVAST Software
2014-10-29 12:43 - 2014-10-29 12:43 - 00001933 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-29 12:43 - 2014-10-29 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-29 12:42 - 2014-11-19 12:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-29 12:42 - 2014-11-01 13:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-29 12:42 - 2014-11-01 13:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-29 12:42 - 2014-10-29 12:42 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-29 12:42 - 2014-10-29 12:42 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-29 12:41 - 2014-10-29 12:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-29 12:17 - 2014-10-29 12:33 - 131078000 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup.exe
2014-10-28 22:54 - 2014-10-28 22:55 - 05004328 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup_online.exe
2014-10-22 15:03 - 2014-10-22 15:45 - 490506044 _____ () C:\Users\cash\Downloads\Windows6.1-KB947821-v33-x64.msu
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-19 11:17 - 2014-09-15 20:21 - 00011999 _____ () C:\Users\cash\NEW77.txt
2014-11-18 19:25 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\Google
2014-11-18 19:24 - 2011-09-03 21:10 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Mozilla
2014-11-18 19:23 - 2014-02-19 17:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:09 - 2012-10-16 11:56 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-18 19:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 02:25 - 2014-09-25 20:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-15 03:54 - 2011-08-23 18:06 - 00000000 ____D () C:\Users\cash
2014-11-14 18:07 - 2014-07-29 13:12 - 00003216 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 18:07 - 2014-07-29 13:11 - 00003352 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-08-01 00:57 - 00003330 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-06-30 13:14 - 00003194 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 10:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 21:26 - 2014-08-26 00:37 - 00003985 _____ () C:\Users\cash\secret.txt
2014-11-13 20:48 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\CrashDumps
2014-11-12 13:08 - 2009-07-14 05:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 04:27 - 2014-05-07 12:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 03:17 - 2013-07-23 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 03:09 - 2011-12-09 13:07 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 17:53 - 2014-05-19 21:00 - 00000000 ____D () C:\ProgramData\Skype
2014-11-10 13:42 - 2014-05-19 21:01 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Skype
2014-11-09 00:06 - 2014-07-25 16:30 - 00000000 ____D () C:\Users\cash\AppData\Local\Adobe
2014-11-08 23:18 - 2011-08-24 03:17 - 00747910 _____ () C:\Windows\system32\perfh00C.dat
2014-11-08 23:18 - 2011-08-24 03:17 - 00150402 _____ () C:\Windows\system32\perfc00C.dat
2014-11-08 23:18 - 2009-07-14 06:13 - 01669656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-04 14:30 - 2011-08-29 14:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 21:14 - 2011-08-23 18:18 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Adobe
2014-10-29 12:41 - 2012-01-08 17:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-22 16:09 - 2014-09-22 20:30 - 00000000 ____D () C:\Users\cash\Documents\Wondershare Video Editor
Some content of TEMP:
====================
C:\Users\cash\AppData\Local\Temp\Quarantine.exe
C:\Users\cash\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 01:15
==================== End Of Log ============================
https://pjjoint.malekal.com/files.php?id=20141120_t11k13d15o7t12
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by cash at 2014-11-20 01:55:57
Running from C:\Users\cash\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.30 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.1.61 - Conexant)
DJazz Pro Edition (HKLM\...\USB_AUDIO_DEusb-audio.deAUDIOPHONY_DJAZZ_PRO) (Version: - )
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0806.2010 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 fr)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-08-15 16:04 - 00000089 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {41FE4E3D-F1EE-44DF-ADCD-DE1F9D458E39} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {5EACF5B2-D358-4C09-95ED-6DBA7B0CAD1B} - System32\Tasks\SBW_UpdateTask_Time_313434393138393731302d455b2a34504141454a5a576c => Wscript.exe //B "C:\ProgramData\SpeedBit\sbhe.js" sbu.exe /invoke /f:check_services /l:0
Task: {66FFADB4-6C31-481C-AC43-6803892D68F0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6B1638CC-3F36-4ECE-889E-C3AB3B1007E8} - System32\Tasks\{15B68427-D771-452F-83FE-4451893AC02F} => C:\Program Files (x86)\VirtualDJ\virtualdj_djc.exe
Task: {7B85F374-DC14-4DD5-9D7E-FC1555FA7827} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {8ECFB5A2-E63B-4BE6-8BC1-F227A1370F48} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {94498D23-84E4-4E08-B6B5-AB91023DD973} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {A4C563BE-415A-4D0F-ADF5-70D8E0E1B271} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {B1D9A605-BD18-4895-8461-E509AF2C1C1C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {B308533A-113E-4D9E-BBCB-A482BB85F80E} - System32\Tasks\{A06E6625-B937-4F5E-8CD9-880B1AB9631D} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {B55BA524-2D4E-47C6-A64C-284CFA76ADB8} - System32\Tasks\{74A006DA-6C13-4C43-83D3-A6A241D14092} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {B6CF48D9-C4E4-41FA-B427-C344DA3CD3FA} - System32\Tasks\{2AB97180-4084-4460-B1FD-C18C7099ACBC} => Firefox.exe http://ui.skype.com/ui/0/4.1.0.179.369/fr/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {BBAD68F9-DA70-4BF4-B8BB-F896D11DEF01} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {C6ED8048-6926-49BA-B1A6-FBD81CD3BFAF} - System32\Tasks\{2CDC0F3E-529D-4286-B8A1-1B8654477F78} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {C92EC889-4B6A-4651-BB75-8F075058A94E} - System32\Tasks\{0327AB03-1E97-41BC-BF60-A29EAF0FB6FE} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {ECD85290-20CA-4867-8F82-CDAB24ECA20A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-29] (AVAST Software)
Task: {F38CB3C3-35FE-4149-8FD0-6465B5D08E79} - System32\Tasks\{19F28E93-2EBD-4678-B09F-610AF8855445} => C:\Program Files (x86)\VirtualDJ\virtualdj_djc.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-04-06 22:00 - 2014-04-06 22:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 02:06 - 2014-04-07 02:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-11-18 16:25 - 2014-11-18 16:25 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111801\algo.dll
2014-11-19 22:27 - 2014-11-19 22:27 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111901\algo.dll
2014-05-28 21:40 - 2014-05-28 21:40 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-29 12:42 - 2014-10-29 12:42 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-16 04:45 - 2014-10-16 04:45 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2011-01-14 12:43 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-15 21:26 - 2014-04-15 21:26 - 00527480 _____ () C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll
2014-11-18 19:23 - 2014-11-14 03:42 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-12 14:39 - 2014-11-12 14:39 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\Users\cash\13-hulk_aketo_reeno_zesau-regarde_sur_le_monde.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\1312.wav:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\beat058.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\impro:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\Ma musique:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\Marche Au Crève [ProdByRozca].mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\OpenOffice.org 3.4.1 (fr) Installation Files:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\PERSO & DJ STRESH - MIXTAPE (2011):Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\photos:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\REC02.wav:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\retour.wav:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\SON 3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\son2:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\TEXTES:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\Downloads\bonjour, je me prenom GOMIS PONTANI MARIE THERESE. je vous appelé vendredi pour mon iphone volé.vouis deviez m'envoié un email. j'attends merci.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrateur (S-1-5-21-602609182-1199975628-2500924996-500 - Administrator - Disabled)
cash (S-1-5-21-602609182-1199975628-2500924996-1001 - Administrator - Enabled) => C:\Users\cash
Invité (S-1-5-21-602609182-1199975628-2500924996-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2014 05:09:19 PM) (Source: MsiInstaller) (EventID: 10005) (User: FALL)
Description: Produit : Vegas Pro 13.0 (64-bit) -- Vegas Pro 13.0 (64-bit) ne peut pas se désinstaller lorsque le logiciel est ouvert. Veuillez fermer l'application, puis essayez de nouveau.
Error: (11/17/2014 09:07:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l'appel de la routine CoCreateInstance. hr = 0x800706b5, Interface inconnue.
.
Error: (11/17/2014 09:07:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x800706b5, Interface inconnue.
]
Error: (11/17/2014 09:01:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante svchost.exe_RpcEptMapper, version : 6.1.7600.16385, horodatage : 0x4a5bc3c1
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000000000007000a
ID du processus défaillant : 0x318
Heure de début de l'application défaillante : 0xsvchost.exe_RpcEptMapper0
Chemin d'accès de l'application défaillante : svchost.exe_RpcEptMapper1
Chemin d'accès du module défaillant: svchost.exe_RpcEptMapper2
ID de rapport : svchost.exe_RpcEptMapper3
Error: (11/15/2014 01:24:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante sbu.exe, version : 2.1.0.65, horodatage : 0x534d956e
Nom du module défaillant : ntdll.dll, version : 6.1.7601.18247, horodatage : 0x521eaf24
Code d'exception : 0xc0000005
Décalage d'erreur : 0x0000000000053290
ID du processus défaillant : 0xa6c
Heure de début de l'application défaillante : 0xsbu.exe0
Chemin d'accès de l'application défaillante : sbu.exe1
Chemin d'accès du module défaillant: sbu.exe2
ID de rapport : sbu.exe3
Error: (11/15/2014 04:29:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante rndlresolversvc.exe, version : 0.0.0.0, horodatage : 0x53423f07
Nom du module défaillant : rndlresolversvc.exe, version : 0.0.0.0, horodatage : 0x53423f07
Code d'exception : 0xc0000005
Décalage d'erreur : 0x00003035
ID du processus défaillant : 0x9b8
Heure de début de l'application défaillante : 0xrndlresolversvc.exe0
Chemin d'accès de l'application défaillante : rndlresolversvc.exe1
Chemin d'accès du module défaillant: rndlresolversvc.exe2
ID de rapport : rndlresolversvc.exe3
Error: (11/13/2014 08:47:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante rpsystray.exe, version : 1.0.4.148, horodatage : 0x53454287
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000000000036ec50
ID du processus défaillant : 0x624
Heure de début de l'application défaillante : 0xrpsystray.exe0
Chemin d'accès de l'application défaillante : rpsystray.exe1
Chemin d'accès du module défaillant: rpsystray.exe2
ID de rapport : rpsystray.exe3
Error: (11/11/2014 10:55:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante rpsystray.exe, version : 1.0.4.148, horodatage : 0x53454287
Nom du module défaillant : netprofm.dll_unloaded, version : 0.0.0.0, horodatage : 0x4a5bdfd0
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000007fef6af75f4
ID du processus défaillant : 0x63c
Heure de début de l'application défaillante : 0xrpsystray.exe0
Chemin d'accès de l'application défaillante : rpsystray.exe1
Chemin d'accès du module défaillant: rpsystray.exe2
ID de rapport : rpsystray.exe3
Error: (11/10/2014 03:21:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d'activation a échoué pour « rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1 ».
Assembly dépendant rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/09/2014 01:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme CCleaner.exe version 2.30.0.1130 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance.
ID de processus : 1080
Heure de début : 01cffc194d4d4ef2
Heure de fin : 18
Chemin d'accès de l'application : C:\Program Files (x86)\CCleaner\CCleaner.exe
ID de rapport : 4bc1d890-680f-11e4-b8f1-72a3c4515714
System errors:
=============
Error: (11/19/2014 07:03:01 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (11/19/2014 06:24:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (11/19/2014 01:00:00 PM) (Source: ipnathlp) (EventID: 3100
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by cash (administrator) on FALL on 20-11-2014 01:53:02
Running from C:\Users\cash\Downloads
Loaded Profile: cash (Available profiles: cash)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-05-28] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: D - D:\Opendisc.exe
HKU\S-1-5-21-602609182-1199975628-2500924996-1001\...\MountPoints2: {822f5c92-6d19-11e2-9900-60eb69f99e6d} - F:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> {5FC327B8-4D99-454B-8798-2029D72227C5} URL = https://www.google.com/webhp{searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-602609182-1199975628-2500924996-1001 -> No Name - {56444A2D-5637-006A-76A7-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 109.0.66.10 109.0.66.20
FireFox:
========
FF ProfilePath: C:\Users\cash\AppData\Roaming\Mozilla\Firefox\Profiles\704hr2mv.default
FF Homepage:
FF Keyword.URL: hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=", "hxxp://go.speedbit.com/?pid=s"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\cash\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer Video Downloader (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for HTML5 (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Video Downloader for PepperFlash (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\cash\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
CHR Profile: C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-03]
CHR Extension: (Google Docs) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-01]
CHR Extension: (Google Drive) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-01]
CHR Extension: (Search) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-01]
CHR Extension: (Google Sheets) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-03]
CHR Extension: (RealPlayer Downloader) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-29]
CHR Extension: (Google Wallet) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR Extension: (Gmail) - C:\Users\cash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-28] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2545272 2014-04-15] (Speedbit Ltd.)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 GameConsoleService; "C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe" [X]
S2 VideoAcceleratorService; C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-29] ()
S3 AUDIOPHONY_DJAZZ_PRO_MIDI; C:\Windows\System32\drivers\apdjazzm.sys [37616 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_USB; C:\Windows\System32\Drivers\apdjazzu.sys [424688 2012-01-09] (Ploytec GmbH)
S3 AUDIOPHONY_DJAZZ_PRO_WDM; C:\Windows\System32\drivers\apdjazza.sys [54000 2012-01-09] (Ploytec GmbH)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [154112 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [144896 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [575488 2011-09-04] (Ralink Technology, Corp.) [File not signed]
S3 NUMARK_NS6_MIDI; C:\Windows\System32\drivers\ns6_midi.sys [31296 2011-03-30] (Numark)
S3 NUMARK_NS6_USB; C:\Windows\System32\Drivers\ns6_usb.sys [416320 2011-03-30] (Ploytec GmbH)
S3 NUMARK_NS6_WDM; C:\Windows\System32\drivers\ns6_wdm.sys [54336 2011-03-30] (Numark)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-06-01] (Realtek Semiconductor Corporation ) [File not signed]
R3 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [41368 2014-04-15] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-10-01] (C-Media Electronics Inc)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 DKbFltr; SysWOW64\Drivers\DKbFltr.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-20 01:52 - 2014-11-20 01:52 - 00046268 _____ () C:\Users\cash\Downloads\Shortcut.txt
2014-11-20 01:47 - 2014-11-20 01:52 - 00028318 _____ () C:\Users\cash\Downloads\Addition.txt
2014-11-20 01:45 - 2014-11-20 01:54 - 00018023 _____ () C:\Users\cash\Downloads\FRST.txt
2014-11-20 01:44 - 2014-11-20 01:53 - 00000000 ___DC () C:\FRST
2014-11-20 01:42 - 2014-11-20 01:43 - 02117120 _____ (Farbar) C:\Users\cash\Downloads\FRST64.exe
2014-11-20 01:33 - 2014-11-20 01:33 - 01029080 _____ (CyberLink) C:\Users\cash\Downloads\CyberLink_PowerDirector_Downloader.exe
2014-11-18 19:23 - 2014-11-18 19:23 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-18 19:23 - 2014-11-18 19:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-18 19:12 - 2014-11-18 19:18 - 36588256 _____ () C:\Users\cash\Downloads\Firefox Setup 33.1.1.exe
2014-11-18 18:43 - 2014-11-18 18:43 - 00001161 _____ () C:\Users\cash\Desktop\AdwCleaner[S5].txt
2014-11-18 17:25 - 2014-11-18 17:26 - 02140160 _____ () C:\Users\cash\Downloads\adwcleaner_4.101.exe
2014-11-18 17:17 - 2014-11-18 17:17 - 00001273 _____ () C:\Users\cash\Desktop\Revo Uninstaller.lnk
2014-11-18 17:17 - 2014-11-18 17:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-18 17:16 - 2014-11-18 17:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cash\Downloads\revouninstaller_1-95_fr_39528.exe
2014-11-16 04:07 - 2014-11-19 23:00 - 00179238 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 17:38 - 2014-11-13 17:38 - 00000095 ____H () C:\Users\cash\Documents\.~lock.cv 2014.odt#
2014-11-12 13:14 - 2014-11-12 13:14 - 00000000 __SHD () C:\Users\cash\AppData\Local\EmieBrowserModeList
2014-11-11 19:27 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:27 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:27 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:27 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:27 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:27 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:27 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:27 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:27 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:27 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:25 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:25 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:25 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:25 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:25 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:25 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:25 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:25 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:25 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:25 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:25 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:25 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:24 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:24 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:24 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:24 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:24 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:24 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:24 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:24 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:24 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:19 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:19 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:19 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:18 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:18 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:18 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:18 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:18 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:18 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:18 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:18 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:18 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:18 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:18 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:18 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:18 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 02:51 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Publish Providers
2014-11-10 01:37 - 2014-11-10 01:45 - 00000000 ____D () C:\Users\cash\AppData\Local\Sony
2014-11-10 01:32 - 2014-11-10 02:51 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Sony
2014-11-10 01:12 - 2014-11-10 01:31 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\cash\Downloads\vegaspro13.0.373_64bit.exe
2014-11-09 14:33 - 2014-11-18 17:49 - 00000000 ___DC () C:\AdwCleaner
2014-11-09 13:22 - 2014-11-09 13:22 - 00000158 _____ () C:\Users\cash\systeme pyramidal.txt
2014-11-09 13:17 - 2014-11-09 13:17 - 00000000 ____D () C:\Users\cash\AppData\Local\Skype
2014-11-08 23:52 - 2014-11-08 23:53 - 04991400 _____ (Adobe Systems Inc.) C:\Users\cash\Downloads\Shockwave_Installer_Slim (2).exe
2014-11-08 22:40 - 2014-11-08 22:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-08 22:39 - 2014-11-08 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-08 22:37 - 2014-11-08 22:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-08 21:36 - 2014-11-20 01:39 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 21:36 - 2014-11-12 14:39 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-08 21:36 - 2014-11-12 14:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-08 21:36 - 2014-11-12 14:39 - 00003940 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-08 18:11 - 2014-11-08 18:11 - 00003104 _____ () C:\Windows\System32\Tasks\{BF801472-8073-4BE5-9B43-65DC9B50ACC3}
2014-11-08 18:10 - 2014-11-09 01:30 - 00001762 _____ () C:\Users\cash\vec rien jecompose.txt
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-30 21:14 - 2014-10-30 21:14 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-29 12:44 - 2014-10-29 12:44 - 00000000 ____D () C:\Users\cash\AppData\Roaming\AVAST Software
2014-10-29 12:43 - 2014-10-29 12:43 - 00001933 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-29 12:43 - 2014-10-29 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-29 12:42 - 2014-11-19 12:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-29 12:42 - 2014-11-01 13:00 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-29 12:42 - 2014-11-01 13:00 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-29 12:42 - 2014-10-29 12:42 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-29 12:42 - 2014-10-29 12:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-29 12:42 - 2014-10-29 12:42 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-29 12:41 - 2014-10-29 12:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-29 12:17 - 2014-10-29 12:33 - 131078000 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup.exe
2014-10-28 22:54 - 2014-10-28 22:55 - 05004328 _____ (AVAST Software) C:\Users\cash\Downloads\avast_free_antivirus_setup_online.exe
2014-10-22 15:03 - 2014-10-22 15:45 - 490506044 _____ () C:\Users\cash\Downloads\Windows6.1-KB947821-v33-x64.msu
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-19 11:17 - 2014-09-15 20:21 - 00011999 _____ () C:\Users\cash\NEW77.txt
2014-11-18 19:25 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\Google
2014-11-18 19:24 - 2011-09-03 21:10 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Mozilla
2014-11-18 19:23 - 2014-02-19 17:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:16 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 19:09 - 2012-10-16 11:56 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-11-18 19:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 02:25 - 2014-09-25 20:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-15 03:54 - 2011-08-23 18:06 - 00000000 ____D () C:\Users\cash
2014-11-14 18:07 - 2014-07-29 13:12 - 00003216 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 18:07 - 2014-07-29 13:11 - 00003352 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-08-01 00:57 - 00003330 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 13:49 - 2014-06-30 13:14 - 00003194 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001
2014-11-14 10:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 21:26 - 2014-08-26 00:37 - 00003985 _____ () C:\Users\cash\secret.txt
2014-11-13 20:48 - 2011-12-09 13:26 - 00000000 ____D () C:\Users\cash\AppData\Local\CrashDumps
2014-11-12 13:08 - 2009-07-14 05:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 04:27 - 2014-05-07 12:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 03:17 - 2013-07-23 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 03:09 - 2011-12-09 13:07 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 17:53 - 2014-05-19 21:00 - 00000000 ____D () C:\ProgramData\Skype
2014-11-10 13:42 - 2014-05-19 21:01 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Skype
2014-11-09 00:06 - 2014-07-25 16:30 - 00000000 ____D () C:\Users\cash\AppData\Local\Adobe
2014-11-08 23:18 - 2011-08-24 03:17 - 00747910 _____ () C:\Windows\system32\perfh00C.dat
2014-11-08 23:18 - 2011-08-24 03:17 - 00150402 _____ () C:\Windows\system32\perfc00C.dat
2014-11-08 23:18 - 2009-07-14 06:13 - 01669656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-08 21:23 - 2011-01-14 13:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-04 14:30 - 2011-08-29 14:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 21:14 - 2011-08-23 18:18 - 00000000 ____D () C:\Users\cash\AppData\Roaming\Adobe
2014-10-29 12:41 - 2012-01-08 17:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-22 16:09 - 2014-09-22 20:30 - 00000000 ____D () C:\Users\cash\Documents\Wondershare Video Editor
Some content of TEMP:
====================
C:\Users\cash\AppData\Local\Temp\Quarantine.exe
C:\Users\cash\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-15 01:15
==================== End Of Log ============================
https://pjjoint.malekal.com/files.php?id=20141120_t11k13d15o7t12
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by cash at 2014-11-20 01:55:57
Running from C:\Users\cash\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.30 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.1.61 - Conexant)
DJazz Pro Edition (HKLM\...\USB_AUDIO_DEusb-audio.deAUDIOPHONY_DJAZZ_PRO) (Version: - )
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0806.2010 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 fr)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-08-15 16:04 - 00000089 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {41FE4E3D-F1EE-44DF-ADCD-DE1F9D458E39} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {5EACF5B2-D358-4C09-95ED-6DBA7B0CAD1B} - System32\Tasks\SBW_UpdateTask_Time_313434393138393731302d455b2a34504141454a5a576c => Wscript.exe //B "C:\ProgramData\SpeedBit\sbhe.js" sbu.exe /invoke /f:check_services /l:0
Task: {66FFADB4-6C31-481C-AC43-6803892D68F0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6B1638CC-3F36-4ECE-889E-C3AB3B1007E8} - System32\Tasks\{15B68427-D771-452F-83FE-4451893AC02F} => C:\Program Files (x86)\VirtualDJ\virtualdj_djc.exe
Task: {7B85F374-DC14-4DD5-9D7E-FC1555FA7827} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {8ECFB5A2-E63B-4BE6-8BC1-F227A1370F48} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {94498D23-84E4-4E08-B6B5-AB91023DD973} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {A4C563BE-415A-4D0F-ADF5-70D8E0E1B271} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {B1D9A605-BD18-4895-8461-E509AF2C1C1C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {B308533A-113E-4D9E-BBCB-A482BB85F80E} - System32\Tasks\{A06E6625-B937-4F5E-8CD9-880B1AB9631D} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {B55BA524-2D4E-47C6-A64C-284CFA76ADB8} - System32\Tasks\{74A006DA-6C13-4C43-83D3-A6A241D14092} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {B6CF48D9-C4E4-41FA-B427-C344DA3CD3FA} - System32\Tasks\{2AB97180-4084-4460-B1FD-C18C7099ACBC} => Firefox.exe http://ui.skype.com/ui/0/4.1.0.179.369/fr/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {BBAD68F9-DA70-4BF4-B8BB-F896D11DEF01} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-602609182-1199975628-2500924996-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {C6ED8048-6926-49BA-B1A6-FBD81CD3BFAF} - System32\Tasks\{2CDC0F3E-529D-4286-B8A1-1B8654477F78} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {C92EC889-4B6A-4651-BB75-8F075058A94E} - System32\Tasks\{0327AB03-1E97-41BC-BF60-A29EAF0FB6FE} => C:\Program Files (x86)\Serato\ITCH for Numark NS6\ITCH For Numark NS6.exe
Task: {ECD85290-20CA-4867-8F82-CDAB24ECA20A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-29] (AVAST Software)
Task: {F38CB3C3-35FE-4149-8FD0-6465B5D08E79} - System32\Tasks\{19F28E93-2EBD-4678-B09F-610AF8855445} => C:\Program Files (x86)\VirtualDJ\virtualdj_djc.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-04-06 22:00 - 2014-04-06 22:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 02:06 - 2014-04-07 02:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-11-18 16:25 - 2014-11-18 16:25 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111801\algo.dll
2014-11-19 22:27 - 2014-11-19 22:27 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111901\algo.dll
2014-05-28 21:40 - 2014-05-28 21:40 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-29 12:42 - 2014-10-29 12:42 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-16 04:45 - 2014-10-16 04:45 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2011-01-14 12:43 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-15 21:26 - 2014-04-15 21:26 - 00527480 _____ () C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll
2014-11-18 19:23 - 2014-11-14 03:42 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-12 14:39 - 2014-11-12 14:39 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\Users\cash\13-hulk_aketo_reeno_zesau-regarde_sur_le_monde.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\1312.wav:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\beat058.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\impro:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\Ma musique:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\Marche Au Crève [ProdByRozca].mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\OpenOffice.org 3.4.1 (fr) Installation Files:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\PERSO & DJ STRESH - MIXTAPE (2011):Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\photos:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\REC02.wav:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\retour.wav:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\SON 3:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\son2:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\TEXTES:Roxio EMC Stream
AlternateDataStreams: C:\Users\cash\Downloads\bonjour, je me prenom GOMIS PONTANI MARIE THERESE. je vous appelé vendredi pour mon iphone volé.vouis deviez m'envoié un email. j'attends merci.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrateur (S-1-5-21-602609182-1199975628-2500924996-500 - Administrator - Disabled)
cash (S-1-5-21-602609182-1199975628-2500924996-1001 - Administrator - Enabled) => C:\Users\cash
Invité (S-1-5-21-602609182-1199975628-2500924996-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2014 05:09:19 PM) (Source: MsiInstaller) (EventID: 10005) (User: FALL)
Description: Produit : Vegas Pro 13.0 (64-bit) -- Vegas Pro 13.0 (64-bit) ne peut pas se désinstaller lorsque le logiciel est ouvert. Veuillez fermer l'application, puis essayez de nouveau.
Error: (11/17/2014 09:07:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l'appel de la routine CoCreateInstance. hr = 0x800706b5, Interface inconnue.
.
Error: (11/17/2014 09:07:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x800706b5, Interface inconnue.
]
Error: (11/17/2014 09:01:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante svchost.exe_RpcEptMapper, version : 6.1.7600.16385, horodatage : 0x4a5bc3c1
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000000000007000a
ID du processus défaillant : 0x318
Heure de début de l'application défaillante : 0xsvchost.exe_RpcEptMapper0
Chemin d'accès de l'application défaillante : svchost.exe_RpcEptMapper1
Chemin d'accès du module défaillant: svchost.exe_RpcEptMapper2
ID de rapport : svchost.exe_RpcEptMapper3
Error: (11/15/2014 01:24:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante sbu.exe, version : 2.1.0.65, horodatage : 0x534d956e
Nom du module défaillant : ntdll.dll, version : 6.1.7601.18247, horodatage : 0x521eaf24
Code d'exception : 0xc0000005
Décalage d'erreur : 0x0000000000053290
ID du processus défaillant : 0xa6c
Heure de début de l'application défaillante : 0xsbu.exe0
Chemin d'accès de l'application défaillante : sbu.exe1
Chemin d'accès du module défaillant: sbu.exe2
ID de rapport : sbu.exe3
Error: (11/15/2014 04:29:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante rndlresolversvc.exe, version : 0.0.0.0, horodatage : 0x53423f07
Nom du module défaillant : rndlresolversvc.exe, version : 0.0.0.0, horodatage : 0x53423f07
Code d'exception : 0xc0000005
Décalage d'erreur : 0x00003035
ID du processus défaillant : 0x9b8
Heure de début de l'application défaillante : 0xrndlresolversvc.exe0
Chemin d'accès de l'application défaillante : rndlresolversvc.exe1
Chemin d'accès du module défaillant: rndlresolversvc.exe2
ID de rapport : rndlresolversvc.exe3
Error: (11/13/2014 08:47:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante rpsystray.exe, version : 1.0.4.148, horodatage : 0x53454287
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000000000036ec50
ID du processus défaillant : 0x624
Heure de début de l'application défaillante : 0xrpsystray.exe0
Chemin d'accès de l'application défaillante : rpsystray.exe1
Chemin d'accès du module défaillant: rpsystray.exe2
ID de rapport : rpsystray.exe3
Error: (11/11/2014 10:55:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante rpsystray.exe, version : 1.0.4.148, horodatage : 0x53454287
Nom du module défaillant : netprofm.dll_unloaded, version : 0.0.0.0, horodatage : 0x4a5bdfd0
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000007fef6af75f4
ID du processus défaillant : 0x63c
Heure de début de l'application défaillante : 0xrpsystray.exe0
Chemin d'accès de l'application défaillante : rpsystray.exe1
Chemin d'accès du module défaillant: rpsystray.exe2
ID de rapport : rpsystray.exe3
Error: (11/10/2014 03:21:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: La création du contexte d'activation a échoué pour « rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1 ».
Assembly dépendant rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (11/09/2014 01:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme CCleaner.exe version 2.30.0.1130 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance.
ID de processus : 1080
Heure de début : 01cffc194d4d4ef2
Heure de fin : 18
Chemin d'accès de l'application : C:\Program Files (x86)\CCleaner\CCleaner.exe
ID de rapport : 4bc1d890-680f-11e4-b8f1-72a3c4515714
System errors:
=============
Error: (11/19/2014 07:03:01 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (11/19/2014 06:24:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (11/19/2014 01:00:00 PM) (Source: ipnathlp) (EventID: 3100
A priori, tu n'as reconfiguré la page de démarrage sur Google Chrome.
Désinstalle Speedbit
Ouvre le bloc-notes : Menu Démarrer / Tous les programmes / Accessoires et Bloc-Notes.
Copie/colle dedans ce qui suit :
FF Keyword.URL: hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms} [Pays US - 184.73.224.59]
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir= [Pays US - 54.243.229.128]
CHR StartupUrls: Default -> hxxp://astromenda.com/?f=7&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=, hxxp://go.speedbit.com/?pid=s [Pays US - 54.243.229.128]
R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2545272 2014-04-15] (Speedbit Ltd.)
C:\Program Files\Common Files\SpeedBit
Menu Fichier / Enregistrer-sous
Place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Si FRST ne l'a pas fait, redémarre l'ordinateur.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Désinstalle Speedbit
Ouvre le bloc-notes : Menu Démarrer / Tous les programmes / Accessoires et Bloc-Notes.
Copie/colle dedans ce qui suit :
FF Keyword.URL: hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms} [Pays US - 184.73.224.59]
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir= [Pays US - 54.243.229.128]
CHR StartupUrls: Default -> hxxp://astromenda.com/?f=7&a=ast_tele_14_39_ie&cd=2XzuyEtN2Y1L1QzuyBtB0AtA0CyEyDtCyDyBtCyEyCyByB0AtN0D0Tzu0SzyzyzytN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EtA0F0FtCzztGtAyDzytBtGzz0EyCyCtGzz0C0CzztGtDzy0E0EtAtCzz0FtCyByCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0CyEzytCyEyB0CtGzzyB0F0DtGyEzz0CyBtG0AtA0A0BtG0E0C0CyEyDtB0FzytC0AyCtD2Q&cr=2110005022&ir=, hxxp://go.speedbit.com/?pid=s [Pays US - 54.243.229.128]
R2 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [2545272 2014-04-15] (Speedbit Ltd.)
C:\Program Files\Common Files\SpeedBit
Menu Fichier / Enregistrer-sous
Place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Si FRST ne l'a pas fait, redémarre l'ordinateur.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
https://www.clubic.com/telecharger-fiche39528-revouninstaller.html
Esasaye avec ce programme de désinstallation ^^
Cordialement.
Esasaye avec ce programme de désinstallation ^^
Cordialement.