Binkiland & Strong signal !Résolu/Fermé

Question

Bonjour, 

Moi c'est Nicolas, j'ai téléchargé vdownloader depuis 01.net ce matin

Depuis je me suis choppé les mêmes symptôme que les autres ... Écran noir au démarrage, et j'ai accès qu au gestionnaires des tâches ..
J'ai donc hérité de binkiland et Strong signal.. Je n'arrive pas à les supprimer de mon ordi

Tu peux m'aider lilidurhone ? Dis moi si tu as besoin de plus d'infos ! Merci d'avance car là je rame !

lilidurhone · Answer

Hello

oui je suis là

Quel système d'exploitation?

As tu accès au gestionnaire des tâches ?au bureau ou au mode sans échec?

lilidurhone · Answer

Clique sur "Plus de détails" en bas à gauche de la fenêtre
Clique sur "Fichier"
Clique sur "Exécuter une nouvelle tâche"
Dans la fenêtre qui s'ouvre, tape ceci en bleu
explorer.exe
valide par "Entrée", patiente le temps que le bureau revienne ( 5 min parfois, cela dépend du degré d'infection au démarrage)

lilidurhone · Answer

Si jamais ça ne marche pas

>Tu peux essayer d'accéder au mode sans échec en suivant cette manip
 
 https://forums.commentcamarche.net/forum/affich-31519876-ecran-noir-apres-avoir-mis-le-mdp#8

Il faudra choisir mode sans échec avec réseau

lilidurhone · Answer

Ou ici
https://www.commentcamarche.net/informatique/windows/113-demarrer-windows-10-en-mode-sans-echec/

Nicolas168 · Answer

J'ai réussi à lancer le mode sans échec avec prise en compte reseau mais une fois ouvert on m'idique que je ne suis pas connecté a internet 
Et je ne peux pas lancer de diagnostic reseau en mode sans échec ...

lilidurhone · Answer

il faut te reconnecter à internet

Nicolas168 · Answer

J'arrive a avoir internent San sale mode sans échec c'est suffisant pour faire les manip?

Nicolas168 · Answer

Ah c'est bon je l'ai !! Fiouu

Je t'écoute pour la suite ;)

lilidurhone · Answer

Ok on va faire vite :)
&#9654 Télécharge ici : FRST (de Farbar)
!!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.

&#9654 Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.

&#9654 Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.

&#9654 A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.

Les rapport se trouvent ici : C:\FRST\Logs

&#9654 Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.
 
Si problème il y a il existe toujours une solution 
~~~~~~ Cs ~~~~~~

lilidurhone · Answer

Tu désactives smartscreen 

 
 https://forums.commentcamarche.net/forum/affich-37641559-desactiver-le-smartscreen-sous-windows

Nicolas168 · Answer

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by nicolas (administrator) on NICOLAS on 12-02-2015 23:08:20
Running from C:\Users
icolas\Downloads
Loaded Profiles: nicolas (Available profiles: UpdatusUser & nicolas)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1380056 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32undll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [2460160 2015-02-11] (Vitzo)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-12] (AVAST Software)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\RunOnce: [Binkiland] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users
icolas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat"
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\Run: [cacaoweb] => C:\Users
icolas\AppData\Roaming\cacaoweb\cacaoweb.exe [504112 2015-02-05] ()
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [2460160 2015-02-11] (Vitzo)
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\RunOnce: [Binkiland] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users
icolas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat"
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-03-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp{searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp{searchTerms}
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = https://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {2057C59E-3A31-40CE-8157-2D03CC1BD594} URL = 
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0
pctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins
pFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
pIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
pIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins
pmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0
pctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR
ppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins
pMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins
ppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default\searchplugins\Binkiland.xml
FF SearchPlugin: C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default\searchplugins\google-avast.xml
FF Extension: cacaoweb - C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default\Extensions\cacaoweb@cacaoweb.org [2015-01-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-27] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast
g\vbox\AvastVBoxSVC.exe [4012248 2014-12-27] (Avast Software)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-27] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-27] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-27] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-12] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-27] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-27] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S2 npf; C:\Windows\System32\drivers
pf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast
g\vbox\VBoxAswDrv.sys [271752 2014-12-27] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-12 23:08 - 2015-02-12 23:08 - 00017170 _____ () C:\Users
icolas\Downloads\FRST.txt
2015-02-12 23:07 - 2015-02-12 23:08 - 00000000 ____D () C:\FRST
2015-02-12 23:02 - 2015-02-12 23:02 - 02134016 _____ (Farbar) C:\Users
icolas\Downloads\FRST64.exe
2015-02-12 22:55 - 2015-02-12 22:55 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\AVAST Software
2015-02-12 22:30 - 2015-02-12 22:30 - 00000247 _____ () C:\Windows\system32\2015-02-12-21-30-48.014-aswFe.exe-3016.log
2015-02-12 22:24 - 2015-02-12 22:30 - 00000247 _____ () C:\Windows\system32\2015-02-12-21-24-23.047-aswFe.exe-2220.log
2015-02-12 22:24 - 2015-02-12 22:24 - 00000197 _____ () C:\Windows\system32\2015-02-12-21-24-19.092-AvastVBoxSVC.exe-3700.log
2015-02-12 21:25 - 2015-02-12 21:25 - 00003098 _____ () C:\Windows\System32\Tasks\{70E67DBB-BE0E-4BAB-BB61-6102E323AC4F}
2015-02-12 21:01 - 2015-02-12 21:01 - 00000000 _____ () C:\autoexec.bat
2015-02-12 20:41 - 2015-02-12 20:41 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-12 20:40 - 2014-12-27 10:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-12 18:13 - 2015-02-12 18:13 - 00000197 _____ () C:\Windows\system32\2015-02-12-17-13-21.023-AvastVBoxSVC.exe-3208.log
2015-02-12 17:36 - 2015-02-12 17:37 - 00000197 _____ () C:\Windows\system32\2015-02-12-16-36-44.012-AvastVBoxSVC.exe-3080.log
2015-02-12 17:31 - 2015-02-12 17:32 - 00000197 _____ () C:\Windows\system32\2015-02-12-16-31-32.032-AvastVBoxSVC.exe-2904.log
2015-02-12 09:37 - 2015-02-12 09:37 - 00000000 ____D () C:\Users
icolas\AppData\Local\Google
2015-02-12 08:05 - 2015-02-12 08:11 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\Apple Computer
2015-02-12 08:05 - 2015-02-12 08:05 - 00000000 ____D () C:\Users
icolas\AppData\Local\Apple Computer
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\iTunes
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\iPod
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-12 08:02 - 2015-02-12 08:02 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Users
icolas\AppData\Local\Apple
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files\Bonjour
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-02-12 08:01 - 2015-02-12 08:02 - 00000000 ____D () C:\ProgramData\Apple
2015-02-12 07:55 - 2015-02-12 21:56 - 00000316 _____ () C:\Windows\Tasks\Binkiland.job
2015-02-12 07:55 - 2015-02-12 21:21 - 00000000 ____D () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Users
icolas\AppData\Local\708484
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\{5BB9B37A-0B3B-62FC-BABD-127E6A3FC1F0}
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\WinPcap
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\VDownloader
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files (x86)\WSE_Binkiland
2015-02-12 07:55 - 2015-02-12 07:55 - 00002654 _____ () C:\Windows\System32\Tasks\Binkiland
2015-02-12 07:55 - 2015-02-12 07:55 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\Binkiland
2015-02-12 07:55 - 2010-01-26 11:11 - 00444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-02-12 07:47 - 2015-02-12 07:48 - 00000197 _____ () C:\Windows\system32\2015-02-12-06-47-59.036-AvastVBoxSVC.exe-3448.log
2015-02-05 20:30 - 2015-02-05 20:30 - 00504112 _____ () C:\Users
icolas\Downloads\cacaoweb.exe
2015-01-30 12:05 - 2015-01-30 12:06 - 00000197 _____ () C:\Windows\system32\2015-01-30-11-05-52.006-AvastVBoxSVC.exe-4840.log
2015-01-30 12:05 - 2015-01-30 12:05 - 00000000 ____D () C:\Program Files\McAfee
2015-01-30 11:55 - 2015-01-30 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-30 11:55 - 2015-01-30 11:55 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-30 11:55 - 2015-01-30 11:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-30 11:54 - 2015-02-12 22:27 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 11:54 - 2015-02-05 09:27 - 00003890 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 18:12 - 2015-01-26 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 18:04 - 2015-01-25 18:04 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-25 16:48 - 2015-01-25 16:48 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-18 10:55 - 2015-01-18 10:56 - 00000000 ____D () C:\Users
icolas\Documents\Winamax Poker
2015-01-18 10:54 - 2015-01-18 10:54 - 00000949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamax Poker.lnk
2015-01-18 10:54 - 2015-01-18 10:54 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2015-01-18 10:54 - 2015-01-18 10:54 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\wam
2015-01-18 10:54 - 2015-01-18 10:54 - 00000000 ____D () C:\Program Files (x86)\Winamax Poker
2015-01-18 10:52 - 2015-01-25 16:57 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-18 10:52 - 2015-01-25 16:47 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-18 10:52 - 2015-01-18 10:52 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-18 10:52 - 2015-01-18 10:52 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-16 10:30 - 2015-01-16 10:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-01-15 10:07 - 2015-01-15 10:08 - 00000197 _____ () C:\Windows\system32\2015-01-15-09-07-57.037-AvastVBoxSVC.exe-3204.log
2015-01-14 23:06 - 2015-01-14 23:06 - 00000000 ____D () C:\ProgramData\Avanquest Software
2015-01-14 23:02 - 2015-02-12 08:19 - 00000000 ____D () C:\Users
icolas\Desktop\CM2
2015-01-13 20:01 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 20:01 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 20:01 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-13 20:01 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-13 20:01 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-13 20:01 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-13 20:01 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32
csi.dll
2015-01-13 20:01 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32
lasvc.dll
2015-01-13 20:01 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-13 20:01 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-13 20:01 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-13 20:01 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-13 20:01 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-13 20:01 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-13 20:01 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-13 20:01 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-13 20:01 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-13 20:01 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-13 20:01 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-13 20:01 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-13 20:01 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-13 20:01 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-13 20:01 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32
laapi.dll
2015-01-13 20:01 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-13 20:01 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64
laapi.dll
2015-01-13 19:08 - 2015-01-13 19:08 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-12 22:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-12 22:45 - 2014-10-26 08:42 - 01067658 _____ () C:\Windows\WindowsUpdate.log
2015-02-12 22:45 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-12 22:30 - 2014-12-24 14:02 - 00000000 ___DO () C:\Users
icolas\OneDrive
2015-02-12 22:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-12 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-12 21:22 - 2013-08-22 15:46 - 00031474 _____ () C:\Windows\setupact.log
2015-02-12 21:21 - 2014-03-18 10:54 - 00440354 _____ () C:\Windows\PFRO.log
2015-02-12 21:01 - 2014-12-24 13:54 - 00000000 ____D () C:\Users
icolas
2015-02-12 20:49 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-12 20:40 - 2014-12-27 10:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-12 20:40 - 2014-12-27 10:20 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-12 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-12 20:33 - 2014-12-27 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-12 20:33 - 2014-12-27 10:18 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-12 20:33 - 2014-12-27 10:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-12 20:33 - 2014-12-24 13:54 - 00000000 ____D () C:\Users
icolas\AppData\Local\Pokki
2015-02-12 20:33 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-02-12 20:33 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-02-12 20:33 - 2014-07-25 22:27 - 00000000 ____D () C:\ProgramData\Pokki
2015-02-12 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-12 20:33 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-12 20:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windowsegistration
2015-02-12 20:23 - 2015-01-06 23:18 - 00000000 __RHD () C:\MSOCache
2015-02-12 18:40 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-12 12:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-12 12:20 - 2014-12-24 14:03 - 00000000 ____D () C:\Users
icolas\AppData\Local\CrashDumps
2015-02-12 08:01 - 2014-12-24 14:00 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-801284242-1192935596-3800551885-1002
2015-02-12 07:56 - 2015-01-02 14:47 - 00001151 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-12 07:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-09 16:56 - 2014-12-24 13:58 - 00002296 _____ () C:\Users
icolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 22:52 - 2014-12-29 21:22 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\cacaoweb
2015-02-03 20:31 - 2015-01-02 17:12 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2015-01-02 17:12 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 12:03 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-30 12:01 - 2015-01-02 14:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-30 11:59 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-30 11:57 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-30 11:54 - 2015-01-02 15:15 - 00000000 ____D () C:\Users
icolas\AppData\Local\Adobe
2015-01-29 14:39 - 2014-10-26 15:56 - 00812350 _____ () C:\Windows\system32\perfh00C.dat
2015-01-29 14:39 - 2014-10-26 15:56 - 00159412 _____ () C:\Windows\system32\perfc00C.dat
2015-01-29 14:39 - 2014-03-18 11:03 - 01824010 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 12:42 - 2014-12-24 13:55 - 00000000 ____D () C:\Users
icolas\AppData\Local\Packages
2015-01-25 16:56 - 2014-12-24 13:55 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\Adobe
2015-01-25 16:41 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 10:10 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-15 10:10 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-15 10:07 - 2014-12-24 13:56 - 00000000 ____D () C:\Users
icolas\AppData\Local\clear.fi
2015-01-14 23:06 - 2015-01-08 08:49 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\PDF Pro 10 9
2015-01-14 23:05 - 2015-01-07 23:46 - 00000000 ____D () C:\Users
icolas\Desktop\CM1
2015-01-14 22:45 - 2015-01-02 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 18:11 - 2015-01-02 15:09 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 19:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Windowsescache

==================== Files in the root of some directories =======

2015-02-12 07:55 - 2010-01-26 11:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2014-10-26 07:57 - 2014-10-26 07:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users
icolas\AppData\Local\Temp\0147711422615973mcinst.exe
C:\Users
icolas\AppData\Local\Temp\14060uninstall.exe
C:\Users
icolas\AppData\Local\Temp\BNKStubSetup.exe
C:\Users
icolas\AppData\Local\Temp\FoxitUpdater.exe
C:\Users
icolas\AppData\Local\Temp\LMkRstPt.exe
C:\Users
icolas\AppData\Local\Temp\oct925A.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octB7C3.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octC867.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octE098.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octEB1D.tmp.exe
C:\Users
icolas\AppData\Local\Temp\VDownloaderSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32pcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 20:48

==================== End Of Log ============================

Nicolas168 · Answer

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015 Ran by nicolas at 2015-02-12 23:09:12 Running from C:\Users icolas\Downloads Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated) Apple Application Support (32 bits) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.) Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Host App Service (HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\Pokki) (Version: 0.269.5.470 - Pokki) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech) LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Mises à jour NVIDIA 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) Mozilla Firefox 35.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 fr)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) NVIDIA Logiciel système PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Pilote graphique 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Panneau de configuration NVIDIA 332.35 (Version: 332.35 - NVIDIA Corporation) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden Pokki Start Menu (HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\Pokki_Start_Menu) (Version: 0.269.5.470 - Pokki) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VDownloader 4.0.1123 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden Winamax Poker (HKLM-x32\...\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1) (Version: 3.4.1.1420205129 - Winamax) Winamax Poker (x32 Version: 3.4.1 - Winamax) Hidden WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WSE_Binkiland (HKLM-x32\...\WSE_Binkiland) (Version: - WSE_Binkiland) Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-801284242-1192935596-3800551885-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 02-01-2015 14:38:30 Windows Update 05-01-2015 19:37:09 Windows Update 06-01-2015 23:18:09 Installed Microsoft Office Professionnel Plus 2013 06-01-2015 23:18:48 PROPLUS 14-01-2015 18:08:29 Programme d'installation pour les modules Windows 23-01-2015 17:21:45 Windows Update 29-01-2015 13:36:20 Windows Update 09-02-2015 16:55:40 Windows Update 12-02-2015 08:02:59 Installed iTunes 12-02-2015 20:21:49 Opération de restauration ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {06AF56EC-E4E2-401C-BE32-7EEE682B973F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {0BCDFE13-4C6A-4CEA-9BB3-8CC5E305A90E} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer) Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {2EFB2264-EEEC-49ED-8F8F-9404F4579FF3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation) Task: {33A02728-0D8D-4036-ABD0-BCB47F63DCAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {41207DBE-32FD-4400-BEA5-43C88C5EBE72} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-27] (AVAST Software) Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {4C44B2C7-BE07-41E9-A785-C4CF1378E070} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {4E4CD3F3-095E-46B7-A070-7B295ED74DA5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {6F4C6B94-76C8-4A69-BF84-2017E4D4C148} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {9C663A25-446F-495B-B9B7-3F0C5AD97E7E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {A64C43B5-20B3-442F-B2AC-772DD2A16B90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {A6F13E5C-8217-4B4F-A9AF-E08D3A9518AE} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-09-09] (Dolby Laboratories Inc.) Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated) Task: {C47F28C1-5580-4EEB-8D52-C72B0341BE65} - System32\Tasks\{70E67DBB-BE0E-4BAB-BB61-6102E323AC4F} => pcalua.exe -a C:\PROGRA~2\WSE_BI~1\uninstall.exe -c /uninstaller Task: {C5C9FCA9-CAE2-4C4C-93C3-3E44ADEF4086} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {D13F48A1-5935-4E1A-AAE7-102210C83D04} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {E5D8AA8F-25BB-4E76-9148-500255DE4526} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F602C7D8-08F8-4255-A007-2FB1B8E7EDA5} - System32\Tasks\Binkiland => C:\Users icolas\AppData\Roaming\Binkiland\UpdateProc\UpdateTask.exe [2015-02-12] () <==== ATTENTION Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: ) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Binkiland.job => C:\Users icolas\AppData\Roaming\BINKIL~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============== 2014-12-27 10:20 - 2014-12-27 10:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users icolas\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Control Panel\Desktop\Wallpaper -> C:\Users icolas\AppData\Roaming\Mozilla\Firefox\Fond d'écran.bmp DNS Servers: 212.27.40.240 - 212.27.40.241 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\StartupApproved\Run: => "cacaoweb" ==================== Accounts: ============================= Administrateur (S-1-5-21-801284242-1192935596-3800551885-500 - Administrator - Disabled) Invité (S-1-5-21-801284242-1192935596-3800551885-501 - Limited - Disabled) nicolas (S-1-5-21-801284242-1192935596-3800551885-1002 - Administrator - Enabled) => C:\Users icolas UpdatusUser (S-1-5-21-801284242-1192935596-3800551885-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Intel(R) Serial IO I2C Host Controller - 9C62 Description: Intel(R) Serial IO I2C Host Controller - 9C62 Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: iaLPSS_I2C Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Event log errors: ========================= Application errors: ================== Error: (02/12/2015 09:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme SpyHunter4.exe version 4.18.9.4384 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance. ID de processus : 13d8 Heure de début : 01d046ffb370772b Heure de fin : 0 Chemin d'accès de l'application : C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe ID de rapport : d40772b5-b2f3-11e4-8267-f0761c332bcb Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (02/12/2015 09:08:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Le programme SpyHunter4.exe version 4.18.9.4384 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance. ID de processus : 9a8 Heure de début : 01d046feb6aada18 Heure de fin : 15 Chemin d'accès de l'application : C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe ID de rapport : d605b6fc-b2f2-11e4-8267-f0761c332bcb Nom complet du package défaillant : ID de l'application relative au package défaillant : Error: (02/12/2015 09:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1648) SRUJet: L'Erreur -1811 (0xfffff8ed) s'est produite lors de l'ouverture du fichier journal C:\Windows\system32\SRU\SRU00140.log. Error: (02/12/2015 07:00:10 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/12/2015 07:00:10 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/12/2015 07:00:10 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/12/2015 07:00:02 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/12/2015 06:40:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/12/2015 06:40:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (02/12/2015 06:40:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. System errors: ============= Error: (02/12/2015 11:07:48 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC} Error: (02/12/2015 11:06:44 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:44 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:41 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:41 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:39 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC} Error: (02/12/2015 11:06:37 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:37 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:34 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/12/2015 11:06:34 PM) (Source: DCOM) (EventID: 10005) (User: NICOLAS) Description: 1084WSearchNon disponible{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Microsoft Office Sessions: ========================= Error: (02/12/2015 09:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: SpyHunter4.exe4.18.9.438413d801d046ffb370772b0C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exed40772b5-b2f3-11e4-8267-f0761c332bcb Error: (02/12/2015 09:08:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: SpyHunter4.exe4.18.9.43849a801d046feb6aada1815C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exed605b6fc-b2f2-11e4-8267-f0761c332bcb Error: (02/12/2015 09:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost1648SRUJet: C:\Windows\system32\SRU\SRU00140.log-1811 (0xfffff8ed) Error: (02/12/2015 07:00:10 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Uninstall.exe Error: (02/12/2015 07:00:10 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Uninstall.exe Error: (02/12/2015 07:00:10 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Uninstall.exe Error: (02/12/2015 07:00:02 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Engine\HostAppService.exe Error: (02/12/2015 06:40:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Engine\HostAppService.exe Error: (02/12/2015 06:40:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Engine\HostAppService.exe Error: (02/12/2015 06:40:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users icolas\AppData\Local\Pokki\Engine\HostAppService.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 12% Total physical RAM: 8115.27 MB Available physical RAM: 7130.39 MB Total Pagefile: 9395.27 MB Available Pagefile: 8485.59 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:914.19 GB) (Free:849.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 17AB2C3C) Partition: GPT Partition Type. ==================== End Of Log ============================

lilidurhone · Answer

▶ /!\ Crée un point de restauration manuel avant d'appliquer le correctif - Tutoriel en images/!\ ▶ Ouvre le Bloc-notes (Démarrer => Tous les programmes => Accessoires => Bloc-notes) ▶ Copie/colle la totalité du contenu de la zone Code ci-dessous dans le Bloc-notes startFF SearchPlugin: C:\Users icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default\searchplugins\Binkiland.xml HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\RunOnce: [Binkiland] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users icolas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat"HKLM-x32\...\RunOnce: [Binkiland] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users icolas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat" 2015-02-12 07:55 - 2015-02-12 21:56 - 00000316 _____ () C:\Windows\Tasks\Binkiland.job 2015-02-12 07:55 - 2015-02-12 21:21 - 00000000 ____D () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce 2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Users icolas\AppData\Local\708484 2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files (x86)\WSE_Binkiland 2015-02-12 07:55 - 2015-02-12 07:55 - 00002654 _____ () C:\Windows\System32\Tasks\Binkiland 2015-02-12 07:55 - 2015-02-12 07:55 - 00000000 ____D () C:\Users icolas\AppData\Roaming\Binkiland Task: {C47F28C1-5580-4EEB-8D52-C72B0341BE65} - System32\Tasks\{70E67DBB-BE0E-4BAB-BB61-6102E323AC4F} => pcalua.exe -a C:\PROGRA~2\WSE_BI~1\uninstall.exe -c /uninstaller Task: {F602C7D8-08F8-4255-A007-2FB1B8E7EDA5} - System32\Tasks\Binkiland => C:\Users icolas\AppData\Roaming\Binkiland\UpdateProc\UpdateTask.exe [2015-02-12] () <==== ATTENTION Task: C:\Windows\Tasks\Binkiland.job => C:\Users icolas\AppData\Roaming\BINKIL~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION end ▶ Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt ▶ Ferme toutes les applications, y compris ton navigateur ▶ Double-clique sur FRST.exe /!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur ▶ Sur le menu principal, clique une seule fois sur Fix et patiente le temps de la correction ▶ L'outil va créer un rapport de correction Fixlog.txt. Poste ce rapport dans ta réponse. ▶ /!\ Ce script a été établi pour cet utilisateur, il ne doit, en aucun cas, être appliqué sur un autre système, au risque de provoquer de graves dysfonctionnement et endommager Windows /!\

lilidurhone · Answer

Normalement tu devrais pouvoir redémarrer en mode normal

Ensuite tu feras adwcleaner puis Mbam

Nicolas168 · Answer

Pour le point de restauration il me demande de redémarrer mon pc c'est normal ?

Le tuto est un peu différent car c'est pour le 7. Je n'ai pas créer mais "modifier" pour la description ,tu me confirmes que c'ets bien ça?

lilidurhone · Answer

Pas besoin de point de restau passe directement au script (fais moi confiance )

lilidurhone · Answer

Normalement tu pourras démarrer normalement

lilidurhone · Answer

Redémarre et tada :)

Bureau normalement :)

Nicolas168 · Answer

YAOUHH !!!! :D
1000 merci lilidurhone !!
Franchement tu gères <3 lol

Nicolas168 · Answer

Du coup tout est ok ? je peux m'en resservir comme avant ?!
je dois éviter des choses? intaller des protections? 


Pffff ca gère :p :p
Demain je vais pouvoir reprendre mes cours tranquillement sans me stresser MERCI !

lilidurhone · Answer

C'est pas fini 

 On va passer cet outil simple d'utilisation

 Télécharge cet outil simple d'utilisation https://toolslib.net/downloads/viewdownload/1-adwcleaner/
 Lance le (Sous vista/seven/8 clic droit dessus, et sur Exécuter en tant qu'administrateur) si tu es sous xp double cliques dessus
 Puis clique sur nettoyer.
 Sauvegarde tout travail en cours puis accepte la fermeture des programmes en cours d'exécution.
 Patiente le temps du nettoyage.
 Une fois le scan fini, il te sera proposé de redémarrer.
 Au redémarrage du PC, un rapport s'ouvrira.
 Poste moi son contenu dans ta prochaine réponse.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt 


Ensuite Mbam pour demain car là dodo pour moi

Nicolas168 · Answer

# AdwCleaner v4.110 - Rapport créé le 12/02/2015 à 23:46:25
# Mis à jour le 05/02/2015 par Xplode
# Base de données : 2015-02-12.1 [Serveur]
# Système d'exploitation : Windows 8.1  (x64)
# Nom d'utilisateur : nicolas - NICOLAS
# Exécuté depuis : C:\Users
icolas\Downloads\adwcleaner_4.110.exe
# Option : Nettoyer

 [ Services ] *****
 [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Users
icolas\AppData\Roaming\cacaoweb
Dossier Supprimé : C:\Users
icolas\AppData\Roaming\Binkiland
Dossier Supprimé : C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default\Extensions\cacaoweb@cacaoweb.org

 [ Tâches planifiées ] *****
 [ Raccourcis ] *****
 [ Registre ] *****

Clé Supprimée : HKCU\Software\Classes\pokki
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Clé Supprimée : HKCU\Software\cacaoweb
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Pokki
Clé Supprimée : HKCU\Software\WSE_Binkiland
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Binkiland
Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

 [ Navigateurs ] *****

-\ Internet Explorer v11.0.9600.17416


-\ Mozilla Firefox v35.0.1 (x86 fr)

[f7o07k2b.default\prefs.js] - Ligne Supprimée : user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.fr,DuckDuckGo,eBay France,Portail Lexical - CNRTL,Web Search,Wikipédia (fr)");



AdwCleaner[R0].txt - [2692 octets] - [12/02/2015 23:44:41]
AdwCleaner[S0].txt - [2130 octets] - [12/02/2015 23:46:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2190  octets] ##########

Nicolas168 · Answer

Voilà le résultat ! 
Ok ça marche on finis demain, tu n'auras cas poster un message sur le forum et je le verrais ..
Demain matin tu penses que c'est ok ? 

Bonne nuit ;)

lilidurhone · Answer

Passe à Mbam

Nicolas168 · Answer

Ecoute je ne sais pas ce que c'est Mbam ... 
Je ne veux pas refaire de connerie sur le pc 
Je te dis à demain si tu vas dormir

Merci déjà du temps accordé c'est hyper gentil !

Nicolas168 · Answer

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 13/02/2015
Heure de l'examen: 00:11:38
Fichier journal: Mbam.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2015.02.12.07
Base de données Rootkits: v2015.02.03.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: nicolas

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 390757
Temps écoulé: 12 min, 58 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 8
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c723a437-2eaf-466d-a95b-3fa0966bf88c}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e806ac01-e7a5-4949-af7c-7e6e5775035b}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BA6EB888-8424-4C93-8E71-6050C714CFBE}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BA6EB888-8424-4C93-8E71-6050C714CFBE}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{e806ac01-e7a5-4949-af7c-7e6e5775035b}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKU\S-1-5-21-801284242-1192935596-3800551885-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 
PUP.Optional.StrongSignal.A, HKU\S-1-5-21-801284242-1192935596-3800551885-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, Mis en quarantaine, [0f88021bd3b71422c87e946c63a0f50b], 

Valeurs du Registre: 0
(Aucun élément malicieux detecté)

Données du Registre: 0
(Aucun élément malicieux detecté)

Dossiers: 0
(Aucun élément malicieux detecté)

Fichiers: 0
(Aucun élément malicieux detecté)

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)

Nicolas168 · Answer

Alors j'ai fais ma fouine sur tes autres forum et j'ai trouvé la procédure pour ce fameux Mbam ;) 
J'ai fais comme tu as tout décris, le résultat est dans le fichier .txt au dessus ! 

Sur le lien suivant c'est énorme les 7 points que tu donnes aussi ! 
https://forums.commentcamarche.net/forum/affich-31552623-binkiland-encore-et-encore

Je pense que c'est tout bon, tu me confirmeras si j'ai oublié quelque chose .. LoL

merci beaucoup encore car sans toi j'aurai été perdu ! et nickel niveau réactivité!

Au plaisir 
Nicolas

lilidurhone · Answer

Refais frst :)

Nicolas168 · Answer

Hello !

Ok donc toute la procédure depuis le scan ?

Je fais ca dans 30mn le temps d'avoir du reseau

lilidurhone · Answer

Juste pour vérifier :)

Nicolas168 · Answer

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by nicolas (administrator) on NICOLAS on 13-02-2015 08:55:13
Running from C:\Users
icolas\Desktop\FRST64
Loaded Profiles: UpdatusUser & nicolas (Available profiles: UpdatusUser & nicolas)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32
vvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast
g\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast
g
gservice.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display
vxdsync.exe
(NVIDIA Corporation) C:\Windows\System32
vvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display
vtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1380056 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32undll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [VDownloader] => "C:\Program Files\VDownloader\VDownloader4.exe" /silent
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-12] (AVAST Software)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-801284242-1192935596-3800551885-1001\...\Run: [Pokki] => C:\Windows\system32undll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-801284242-1192935596-3800551885-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg"
HKU\S-1-5-21-801284242-1192935596-3800551885-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\...\Run: [VDownloader] => "C:\Program Files\VDownloader\VDownloader4.exe" /silent
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-03-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp{searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-801284242-1192935596-3800551885-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=acer13.msn.com&ocid=AARDHP&pc=MAARJS
HKU\S-1-5-21-801284242-1192935596-3800551885-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=acer13.msn.com&ocid=AARDHP&pc=MAARJS
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp{searchTerms}
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-801284242-1192935596-3800551885-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = https://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {2057C59E-3A31-40CE-8157-2D03CC1BD594} URL = 
SearchScopes: HKU\S-1-5-21-801284242-1192935596-3800551885-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0
pctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins
pFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
pIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
pIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins
pmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0
pctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR
ppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins
pMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins
ppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users
icolas\AppData\Roaming\Mozilla\Firefox\Profiles\f7o07k2b.default\searchplugins\google-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-02-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast
g\vbox\AvastVBoxSVC.exe [4012248 2014-12-27] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-27] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers
pf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast
g\vbox\VBoxAswDrv.sys [271752 2014-12-27] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-13 08:50 - 2015-02-13 08:50 - 00000197 _____ () C:\Windows\system32\2015-02-13-07-50-56.001-AvastVBoxSVC.exe-3084.log
2015-02-13 00:32 - 2015-02-13 08:55 - 00000000 ____D () C:\Users
icolas\Desktop\FRST64
2015-02-13 00:07 - 2015-02-13 00:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-13 00:07 - 2015-02-13 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-13 00:07 - 2015-02-13 00:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-13 00:07 - 2015-02-13 00:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-13 00:07 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-13 00:07 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-13 00:07 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-12 23:51 - 2015-02-12 23:51 - 00000197 _____ () C:\Windows\system32\2015-02-12-22-51-07.099-AvastVBoxSVC.exe-3264.log
2015-02-12 23:44 - 2015-02-12 23:46 - 00000000 ____D () C:\AdwCleaner
2015-02-12 23:36 - 2015-02-12 23:38 - 00000197 _____ () C:\Windows\system32\2015-02-12-22-36-26.017-AvastVBoxSVC.exe-3920.log
2015-02-12 23:07 - 2015-02-13 08:55 - 00000000 ____D () C:\FRST
2015-02-12 22:55 - 2015-02-12 22:55 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\AVAST Software
2015-02-12 22:30 - 2015-02-12 22:30 - 00000247 _____ () C:\Windows\system32\2015-02-12-21-30-48.014-aswFe.exe-3016.log
2015-02-12 22:24 - 2015-02-12 22:30 - 00000247 _____ () C:\Windows\system32\2015-02-12-21-24-23.047-aswFe.exe-2220.log
2015-02-12 22:24 - 2015-02-12 22:24 - 00000197 _____ () C:\Windows\system32\2015-02-12-21-24-19.092-AvastVBoxSVC.exe-3700.log
2015-02-12 22:20 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-12 22:20 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 22:20 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 22:20 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-12 21:25 - 2015-02-12 21:25 - 00003098 _____ () C:\Windows\System32\Tasks\{70E67DBB-BE0E-4BAB-BB61-6102E323AC4F}
2015-02-12 21:01 - 2015-02-12 21:01 - 00000000 _____ () C:\autoexec.bat
2015-02-12 20:49 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 20:49 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 20:49 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-12 20:49 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-12 20:49 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 20:49 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 20:49 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 20:49 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 20:49 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 20:48 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 20:48 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 20:48 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 20:48 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32
toskrnl.exe
2015-02-12 20:48 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32
tdll.dll
2015-02-12 20:48 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64
tdll.dll
2015-02-12 20:48 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 20:48 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 20:48 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 20:48 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 20:48 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-12 20:48 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-12 20:48 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32
tvdm64.dll
2015-02-12 20:48 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64
tvdm64.dll
2015-02-12 20:48 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-12 20:48 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-12 20:48 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-12 20:48 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-12 20:47 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 20:47 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 20:47 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 20:47 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-12 20:47 - 2015-01-12 03:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:47 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 20:47 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 20:47 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 20:47 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 20:47 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 20:47 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 20:47 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-12 20:47 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-12 20:47 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-12 20:47 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 20:47 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 20:47 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 20:47 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 20:47 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 20:47 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 20:47 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-12 20:47 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-12 20:47 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 20:47 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-12 20:47 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 20:47 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-12 20:47 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 20:47 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 20:47 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 20:47 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 20:47 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 20:47 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 20:47 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 20:47 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 20:47 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 20:47 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 20:41 - 2015-02-12 20:41 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-12 20:40 - 2014-12-27 10:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-12 18:13 - 2015-02-12 18:13 - 00000197 _____ () C:\Windows\system32\2015-02-12-17-13-21.023-AvastVBoxSVC.exe-3208.log
2015-02-12 17:36 - 2015-02-12 17:37 - 00000197 _____ () C:\Windows\system32\2015-02-12-16-36-44.012-AvastVBoxSVC.exe-3080.log
2015-02-12 17:31 - 2015-02-12 17:32 - 00000197 _____ () C:\Windows\system32\2015-02-12-16-31-32.032-AvastVBoxSVC.exe-2904.log
2015-02-12 09:37 - 2015-02-12 09:37 - 00000000 ____D () C:\Users
icolas\AppData\Local\Google
2015-02-12 08:05 - 2015-02-12 08:11 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\Apple Computer
2015-02-12 08:05 - 2015-02-12 08:05 - 00000000 ____D () C:\Users
icolas\AppData\Local\Apple Computer
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\iTunes
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\iPod
2015-02-12 08:04 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-12 08:02 - 2015-02-12 08:02 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Users
icolas\AppData\Local\Apple
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files\Bonjour
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-02-12 08:02 - 2015-02-12 08:02 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-02-12 08:01 - 2015-02-12 08:02 - 00000000 ____D () C:\ProgramData\Apple
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\ProgramData\{5BB9B37A-0B3B-62FC-BABD-127E6A3FC1F0}
2015-02-12 07:55 - 2015-02-12 20:33 - 00000000 ____D () C:\Program Files\WinPcap
2015-02-12 07:55 - 2010-01-26 11:11 - 00444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-02-12 07:47 - 2015-02-12 07:48 - 00000197 _____ () C:\Windows\system32\2015-02-12-06-47-59.036-AvastVBoxSVC.exe-3448.log
2015-02-05 20:30 - 2015-02-05 20:30 - 00504112 _____ () C:\Users
icolas\Downloads\cacaoweb.exe
2015-01-30 12:05 - 2015-01-30 12:06 - 00000197 _____ () C:\Windows\system32\2015-01-30-11-05-52.006-AvastVBoxSVC.exe-4840.log
2015-01-30 12:05 - 2015-01-30 12:05 - 00000000 ____D () C:\Program Files\McAfee
2015-01-30 11:55 - 2015-01-30 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-30 11:55 - 2015-01-30 11:55 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-30 11:55 - 2015-01-30 11:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-30 11:54 - 2015-02-13 00:27 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 11:54 - 2015-02-05 09:27 - 00003890 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 18:12 - 2015-01-26 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 18:04 - 2015-01-25 18:04 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-25 16:48 - 2015-01-25 16:48 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-18 10:55 - 2015-01-18 10:56 - 00000000 ____D () C:\Users
icolas\Documents\Winamax Poker
2015-01-18 10:54 - 2015-01-18 10:54 - 00000949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamax Poker.lnk
2015-01-18 10:54 - 2015-01-18 10:54 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2015-01-18 10:54 - 2015-01-18 10:54 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\wam
2015-01-18 10:54 - 2015-01-18 10:54 - 00000000 ____D () C:\Program Files (x86)\Winamax Poker
2015-01-18 10:52 - 2015-01-25 16:57 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-18 10:52 - 2015-01-25 16:47 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-18 10:52 - 2015-01-18 10:52 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-18 10:52 - 2015-01-18 10:52 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-16 10:30 - 2015-01-16 10:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-01-15 10:07 - 2015-01-15 10:08 - 00000197 _____ () C:\Windows\system32\2015-01-15-09-07-57.037-AvastVBoxSVC.exe-3204.log
2015-01-14 23:06 - 2015-01-14 23:06 - 00000000 ____D () C:\ProgramData\Avanquest Software
2015-01-14 23:02 - 2015-02-12 08:19 - 00000000 ____D () C:\Users
icolas\Desktop\CM2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-13 08:55 - 2014-12-24 14:03 - 00000000 ____D () C:\Users
icolas\AppData\Local\CrashDumps
2015-02-13 08:55 - 2014-12-24 14:00 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-801284242-1192935596-3800551885-1002
2015-02-13 08:52 - 2014-12-24 14:02 - 00000000 __RDO () C:\Users
icolas\OneDrive
2015-02-13 08:50 - 2014-10-26 08:42 - 01213456 _____ () C:\Windows\WindowsUpdate.log
2015-02-13 08:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-13 00:44 - 2013-08-22 15:46 - 00031822 _____ () C:\Windows\setupact.log
2015-02-13 00:44 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-13 00:44 - 2013-08-22 15:44 - 00492912 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 00:43 - 2014-03-18 10:54 - 00440726 _____ () C:\Windows\PFRO.log
2015-02-13 00:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-13 00:42 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-13 00:38 - 2015-01-02 15:09 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 00:38 - 2015-01-02 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 23:37 - 2014-12-24 13:54 - 00000000 ____D () C:\Users
icolas\AppData\Local\Pokki
2015-02-12 22:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-12 21:01 - 2014-12-24 13:54 - 00000000 ____D () C:\Users
icolas
2015-02-12 20:40 - 2014-12-27 10:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-12 20:40 - 2014-12-27 10:20 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-12 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-12 20:33 - 2014-12-27 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-12 20:33 - 2014-12-27 10:18 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-12 20:33 - 2014-12-27 10:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-12 20:33 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-02-12 20:33 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-02-12 20:33 - 2014-07-25 22:27 - 00000000 ____D () C:\ProgramData\Pokki
2015-02-12 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-12 20:33 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-12 20:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windowsegistration
2015-02-12 20:23 - 2015-01-06 23:18 - 00000000 __RHD () C:\MSOCache
2015-02-12 18:40 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-12 12:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-12 07:56 - 2015-01-02 14:47 - 00001151 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-12 07:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-09 16:56 - 2014-12-24 13:58 - 00002296 _____ () C:\Users
icolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-03 20:31 - 2015-01-02 17:12 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2015-01-02 17:12 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 12:03 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-30 12:01 - 2015-01-02 14:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-30 11:59 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-30 11:57 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-30 11:54 - 2015-01-02 15:15 - 00000000 ____D () C:\Users
icolas\AppData\Local\Adobe
2015-01-29 14:39 - 2014-10-26 15:56 - 00812350 _____ () C:\Windows\system32\perfh00C.dat
2015-01-29 14:39 - 2014-10-26 15:56 - 00159412 _____ () C:\Windows\system32\perfc00C.dat
2015-01-29 14:39 - 2014-03-18 11:03 - 01824010 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 12:42 - 2014-12-24 13:55 - 00000000 ____D () C:\Users
icolas\AppData\Local\Packages
2015-01-25 16:56 - 2014-12-24 13:55 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\Adobe
2015-01-25 16:41 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 10:10 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-15 10:10 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-15 10:07 - 2014-12-24 13:56 - 00000000 ____D () C:\Users
icolas\AppData\Local\clear.fi
2015-01-14 23:06 - 2015-01-08 08:49 - 00000000 ____D () C:\Users
icolas\AppData\Roaming\PDF Pro 10 9
2015-01-14 23:05 - 2015-01-07 23:46 - 00000000 ____D () C:\Users
icolas\Desktop\CM1

==================== Files in the root of some directories =======

2015-02-12 07:55 - 2010-01-26 11:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2014-10-26 07:57 - 2014-10-26 07:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users
icolas\AppData\Local\Temp\0147711422615973mcinst.exe
C:\Users
icolas\AppData\Local\Temp\14060uninstall.exe
C:\Users
icolas\AppData\Local\Temp\BNKStubSetup.exe
C:\Users
icolas\AppData\Local\Temp\FoxitUpdater.exe
C:\Users
icolas\AppData\Local\Temp\LMkRstPt.exe
C:\Users
icolas\AppData\Local\Temp\oct925A.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octB7C3.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octC867.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octE098.tmp.exe
C:\Users
icolas\AppData\Local\Temp\octEB1D.tmp.exe
C:\Users
icolas\AppData\Local\Temp\Quarantine.exe
C:\Users
icolas\AppData\Local\Temp\sqlite3.dll
C:\Users
icolas\AppData\Local\Temp\VDownloaderSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32pcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 20:48

==================== End Of Log ============================

Nicolas168 · Answer

https://www.cjoint.com/c/EBnjhZ2CsWj 

Voilà pour le lien cjoint

lilidurhone · Answer

À priori plus de Binkiland :-)

Nicolas168 · Answer

Sinon ben j'applique tes 7 points dans le futur

https://forums.commentcamarche.net/forum/affich-31552623-binkiland-encore-et-encore

Avast j'en fais quoi ? c'est utile pour windows 8? windows defender suffit-il?

lilidurhone · Answer

Garde avast :)

Nicolas168 · Answer

OK OK je garde:)

Merci encore pour ton aide précieuse ! 
Bonne journée à toi !

Binkiland & Strong signal !

36 réponses

Discussions similaires

Newsletters