Instalation auto et répéter de programme.... adw..

baptisteD378 Messages postés 3 Date d'inscription   Statut Membre Dernière intervention   -  
lilidurhone Messages postés 43355 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
bonjour au forum je suis nouveau et j'ai vraiment besoin de votre aide depuis ce quelque temps j'ai des programme qui s'instale tout seul genre bubledock winservice86, winAp, selectontool etc... sa me fait ch*** je les ais désinstalé mais il revenue rien qu'aujourdhui sa doit faire la 3' fois que je les vires.. sa commence à me gonfler pourriez vous m'aider à les virées de facon définitive?? :/
A voir également:

5 réponses

Réponse 1 / 5
lilidurhone Messages postés 43355 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 807
 
▶ Télécharge ici : FRST (de Farbar)
!!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.

▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.

▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.

▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.

Les rapport se trouvent ici : C:\FRST\Logs

▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.
0
baptisteD378 Messages postés 3 Date d'inscription   Statut Membre Dernière intervention  
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by baptiste (administrator) on DOYEN-NATY on 09-03-2015 18:01:18
Running from C:\Users\baptiste\Downloads
Loaded Profiles: UpdatusUser & baptiste (Available profiles: UpdatusUser & baptiste)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\baptiste\AppData\Roaming\A10507A4-1424418022-0441-9A6E-D850E6A5C4AB\nsyC5DD.tmpfs
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Super PC Tools Ltd) C:\ProgramData\{42405c0b-036f-7156-4240-05c0b036702c}\SuperPcTool.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Users\baptiste\AppData\Roaming\A10507A4-1425807825-0441-9A6E-D850E6A5C4AB\nsu9211.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [fst_fr_366] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [gmsd_fr_235] => [X]
HKLM-x32\...\Run: [gmsd_fr_286] => [X]
HKLM-x32\...\RunOnce: [Update] => C:\Users\baptiste\AppData\Roaming\VOPackage\VOPackage.exe /runonce
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4038153248-28380965-1442261358-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\...\Run: [Facebook Update] => C:\Users\baptiste\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-06] (Facebook Inc.)
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\...\Run: [OneDrive] => C:\Users\baptiste\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281256 2015-03-07] (Microsoft Corporation)
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\...\Run: [WindApp] => "C:\Users\baptiste\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\...\Run: [Selection Tools] => "C:\Users\baptiste\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
Startup: C:\Users\baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperPcTool.lnk
ShortcutTarget: SuperPcTool.lnk -> C:\ProgramData\{42405c0b-036f-7156-4240-05c0b036702c}\SuperPcTool.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58976;https=127.0.0.1:58976
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKU\S-1-5-21-4038153248-28380965-1442261358-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
HKU\S-1-5-21-4038153248-28380965-1442261358-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS
HKU\S-1-5-21-4038153248-28380965-1442261358-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4038153248-28380965-1442261358-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4038153248-28380965-1442261358-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
SearchScopes: HKU\S-1-5-21-4038153248-28380965-1442261358-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
SearchScopes: HKU\S-1-5-21-4038153248-28380965-1442261358-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
SearchScopes: HKU\S-1-5-21-4038153248-28380965-1442261358-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-12-02] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-03-06] (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-10-29] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)
Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1425810584&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-09] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-09] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4038153248-28380965-1442261358-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\baptiste\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3317919&octid=EB_ORIGINAL_CTID&ISID=M78D08FC1-97D8-42B2-A92F-3DE0A92609C7&SearchSource=55&CUI=&UM=6&UP=SP26DDDC8E-8E00-478C-BE82-E4FC79F0FDCD&SSPV=
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419541185&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS", "hxxp://www.istartsurf.com/?type=hp&ts=1425807738&from=ill&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS", "hxxp://www.istartsurf.com/?type=hp&ts=1425808633&from=face&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS", "hxxp://www.istartsurf.com/?type=hppp&ts=1425808645&from=face&uid=TOSHIBAXMQ01ABD075_83HBS2OCSXX83HBS2OCS"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (Météo Europe) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\baampgkagbmhnlhleemfbpecfjpakffj [2013-12-28]
CHR Extension: (TV) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Facebook) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-12-28]
CHR Extension: (Adblock Plus) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google Search) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Pixlr-o-matic) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2013-12-28]
CHR Extension: (iPiccy Photo Editor) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2013-12-28]
CHR Extension: (Autodesk Homestyler) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2013-12-28]
CHR Extension: (Google Wallet) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Gmail) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR Extension: (Canvas Rider) - C:\Users\baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [gfkbfjcbkhnmiignagpkiijohkcdkffb] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-09] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-09] (globalUpdate) [File not signed]
S2 hokexude; C:\Users\baptiste\AppData\Roaming\A10507A4-1424418022-0441-9A6E-D850E6A5C4AB\jnsk8A9.tmp [126976 2015-02-20] () [File not signed]
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158848 2015-03-06] (XTab system)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 KMSServerService; C:\WINDOWS\KMSServerService\KMS Server Service.exe [211968 2014-10-29] (My Digital Life Forums) [File not signed]
S2 nytybemi; C:\Users\baptiste\AppData\Roaming\A10507A4-1425807825-0441-9A6E-D850E6A5C4AB\jnsfDEDC.tmp [173056 2015-03-08] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-11] (Electronic Arts)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [493712 2015-03-08] (SysTool PasSame LIMITED)
R2 zugowexi; C:\Users\baptiste\AppData\Roaming\A10507A4-1425807825-0441-9A6E-D850E6A5C4AB\nsu9211.tmp [140800 2015-03-08] () [File not signed]
R2 botuvixo; C:\Users\baptiste\AppData\Roaming\A10507A4-1424418022-0441-9A6E-D850E6A5C4AB\nsyC5DD.tmpfs [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 18:01 - 2015-03-09 18:01 - 00025947 _____ () C:\Users\baptiste\Downloads\FRST.txt
2015-03-09 18:01 - 2015-03-09 18:01 - 00000000 ____D () C:\FRST
2015-03-09 18:00 - 2015-03-09 18:00 - 02095104 _____ (Farbar) C:\Users\baptiste\Downloads\FRST64.exe
2015-03-08 18:54 - 2012-10-24 20:44 - 00656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3256228.exe
2015-03-08 18:18 - 2015-03-08 18:18 - 00000078 _____ () C:\WINDOWS\setupact.log
2015-03-08 18:18 - 2015-03-08 18:18 - 00000000 ____D () C:\Users\baptiste\Documents\ASUS
2015-03-08 18:18 - 2015-03-08 18:18 - 00000000 ____D () C:\ProgramData\ASUS
2015-03-08 18:18 - 2015-03-08 18:18 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-08 18:00 - 2015-03-08 18:00 - 00003168 _____ () C:\WINDOWS\System32\Tasks\Run_Bobby_Browser
2015-03-08 17:48 - 2015-03-08 18:53 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\WTools
2015-03-08 17:48 - 2015-03-08 18:53 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\Store
2015-03-08 17:48 - 2015-03-08 17:48 - 00000078 _____ () C:\Users\baptiste\AppData\Roaming\WindApp.installation.log
2015-03-08 17:48 - 2015-03-08 17:48 - 00000078 _____ () C:\Users\baptiste\AppData\Roaming\Selection Tools.installation.log
2015-03-08 17:47 - 2015-03-08 18:00 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\Nosibay
2015-03-08 17:47 - 2015-03-08 17:48 - 00005729 _____ () C:\Users\baptiste\AppData\Roaming\Bubble Dock.installation.log
2015-03-08 17:47 - 2015-03-08 17:48 - 00001314 _____ () C:\Users\baptiste\AppData\Roaming\Bubble Dock.boostrap.log
2015-03-08 17:47 - 2015-03-08 17:47 - 00000097 _____ () C:\Users\baptiste\AppData\Roaming\WindApp.boostrap.log
2015-03-08 17:46 - 2015-03-09 17:58 - 00000974 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-08 17:46 - 2015-03-09 17:51 - 00000978 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-08 17:46 - 2015-03-09 17:46 - 00003950 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-08 17:46 - 2015-03-09 17:46 - 00003714 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-08 17:46 - 2015-03-08 17:46 - 00000000 ____D () C:\Users\baptiste\AppData\Local\globalUpdate
2015-03-08 17:46 - 2015-03-08 17:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-08 13:08 - 2015-03-09 17:54 - 00296623 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-08 11:41 - 2015-03-08 11:41 - 00001371 _____ () C:\Users\baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\832015105351.lnk
2015-03-08 11:30 - 2015-03-08 11:30 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-03-08 11:30 - 2015-03-08 11:30 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-08 11:29 - 2015-03-08 11:29 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-03-08 11:05 - 2015-03-08 21:19 - 00001370 _____ () C:\WINDOWS\Tasks\SMEUR.job
2015-03-08 11:05 - 2015-03-08 11:05 - 01854464 _____ (Cinema PlusV07.03) C:\Users\baptiste\AppData\Roaming\SMEUR.exe
2015-03-08 11:05 - 2015-03-08 11:05 - 00004388 _____ () C:\WINDOWS\System32\Tasks\SMEUR
2015-03-08 11:01 - 2015-03-08 11:01 - 00613255 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsm5D7B.tmp
2015-03-08 10:58 - 2015-03-08 11:00 - 00008704 _____ () C:\WINDOWS\SysWOW64\BasementDusterOff.ini
2015-03-08 10:58 - 2015-03-08 11:00 - 00008704 _____ () C:\WINDOWS\system32\BasementDusterOff.ini
2015-03-08 10:57 - 2015-03-06 10:29 - 00319392 _____ (BD Inc.) C:\WINDOWS\SysWOW64\BDL.dll
2015-03-08 10:47 - 2015-03-08 10:52 - 00000000 ____D () C:\Users\baptiste\AppData\Local\A10507A4-1425811637-0441-9A6E-D850E6A5C4AB
2015-03-08 10:43 - 2015-03-08 16:21 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\A10507A4-1425807825-0441-9A6E-D850E6A5C4AB
2015-03-07 21:48 - 2015-03-07 21:48 - 02126848 _____ () C:\Users\baptiste\Downloads\adwcleaner_4.111.exe
2015-03-07 20:59 - 2015-03-07 20:59 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\java
2015-03-07 20:45 - 2015-03-07 20:46 - 00000000 ____D () C:\Users\baptiste\Documents\archive RAR
2015-03-07 20:32 - 2015-03-07 20:37 - 00000000 ____D () C:\Users\baptiste\Documents\Document Word PDF
2015-03-07 18:53 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-07 18:53 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-07 18:53 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-03-07 18:53 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-03-07 18:53 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-03-07 18:53 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-03-07 12:54 - 2015-03-07 19:10 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-02 07:46 - 2015-03-02 07:46 - 00000000 ____D () C:\Program Files (x86)\30215a2f-25e0-405c-b5a6-cabd1843ece0
2015-03-02 07:44 - 2015-03-08 10:27 - 00000000 ____D () C:\ProgramData\{42405c0b-036f-7156-4240-05c0b036702c}
2015-03-02 07:40 - 2015-03-02 07:40 - 00000000 ___HD () C:\OneDriveTemp
2015-02-28 02:03 - 2015-02-28 02:03 - 00000000 __SHD () C:\Users\baptiste\AppData\Local\EmieBrowserModeList
2015-02-28 01:31 - 2015-02-28 01:31 - 00003286 _____ () C:\WINDOWS\System32\Tasks\uKXXMy2tV6LUGCw
2015-02-28 01:31 - 2015-02-28 01:31 - 00003246 _____ () C:\WINDOWS\System32\Tasks\k0QifRmKEVuD7bu
2015-02-28 01:31 - 2015-02-28 01:31 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\Yn55pyL
2015-02-28 01:31 - 2015-02-28 01:31 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\1tDbLvS
2015-02-23 08:04 - 2015-03-08 18:16 - 00000000 ____D () C:\Program Files (x86)\572eb682-33b3-4b02-bf28-0ff1a7f4da41
2015-02-21 23:34 - 2015-02-21 23:34 - 00000000 ____D () C:\Users\baptiste\AppData\Local\Steam
2015-02-21 17:45 - 2015-02-21 17:45 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-20 17:46 - 2015-03-02 07:46 - 00000000 ____D () C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381
2015-02-20 13:39 - 2015-02-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Software
2015-02-20 13:39 - 2015-02-20 13:39 - 00613057 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsw3F1B.tmp
2015-02-20 13:39 - 2015-02-20 13:39 - 00000000 ____D () C:\Users\baptiste\AppData\Local\Software
2015-02-20 13:38 - 2015-02-20 13:38 - 00000000 _____ () C:\WINDOWS\SysWOW64\Number of results
2015-02-20 08:51 - 2015-02-20 08:51 - 00628496 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsz4C0C.tmp
2015-02-20 07:56 - 2015-02-20 07:56 - 00613057 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsaED46.tmp
2015-02-20 07:53 - 2015-02-20 07:53 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-02-20 07:40 - 2015-02-20 07:41 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\A10507A4-1424418022-0441-9A6E-D850E6A5C4AB
2015-02-12 18:12 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 18:12 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 17:40 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 17:40 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 17:40 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 17:40 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 17:40 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 17:40 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 17:40 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 17:40 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 17:40 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 17:40 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 16:58 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 16:58 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 16:58 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 16:58 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 16:58 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 16:58 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 16:58 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 16:58 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 16:58 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 16:58 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 16:58 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 16:58 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-11 16:58 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-11 16:58 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-11 16:58 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-11 16:58 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 16:58 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 16:58 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 16:58 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-11 16:58 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 16:58 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 16:58 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 16:58 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 16:58 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-11 16:57 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 16:57 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 16:57 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 16:57 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 16:57 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 16:57 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 16:57 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 16:57 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 16:57 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 16:57 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 16:57 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 16:57 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 16:57 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 16:57 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 16:57 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 16:57 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 16:57 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 16:57 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 16:57 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 16:57 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 16:57 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 16:57 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 16:57 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 16:57 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 16:57 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 16:57 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 16:57 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 16:57 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 16:57 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 16:57 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 16:57 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 16:57 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 16:57 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 16:57 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 16:57 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 16:57 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 16:57 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-09 18:55 - 2015-02-07 00:57 - 04044293 _____ () C:\Users\baptiste\Documents\Untitled.skb
2015-02-07 00:57 - 2015-02-09 18:55 - 04117874 _____ () C:\Users\baptiste\Documents\Untitled.skp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 18:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-09 17:53 - 2013-12-28 17:49 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4038153248-28380965-1442261358-1002
2015-03-09 17:47 - 2014-11-28 17:45 - 00000277 _____ () C:\Users\baptiste\AppData\Local\recently-fix.db
2015-03-09 17:42 - 2013-12-28 17:56 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-09 17:37 - 2014-04-01 11:34 - 00003956 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{585930F3-AEA5-4951-AFC9-4DA8C6D49035}
2015-03-09 17:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-08 19:32 - 2014-01-19 09:52 - 00005092 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DOYEN-NATY-baptiste doyen-naty
2015-03-08 19:11 - 2014-03-06 19:06 - 00000962 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4038153248-28380965-1442261358-1002UA.job
2015-03-08 19:11 - 2014-03-06 19:06 - 00000940 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4038153248-28380965-1442261358-1002Core.job
2015-03-08 18:55 - 2013-04-26 00:20 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-03-08 18:54 - 2013-04-26 00:19 - 00000000 ____D () C:\ProgramData\WildTangent
2015-03-08 18:18 - 2013-12-28 17:40 - 00000000 ____D () C:\Users\baptiste\AppData\Local\VirtualStore
2015-03-08 18:18 - 2013-12-28 17:40 - 00000000 ____D () C:\Users\baptiste\AppData\Local\Packages
2015-03-08 18:18 - 2013-12-28 17:40 - 00000000 ____D () C:\Users\baptiste\AppData\Local\ASUS
2015-03-08 18:00 - 2013-12-28 21:59 - 00009936 _____ () C:\WINDOWS\SysWOW64\${LOGFILE}
2015-03-08 13:42 - 2013-11-14 08:32 - 01824010 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-08 13:42 - 2013-11-14 08:13 - 00812350 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-03-08 13:42 - 2013-11-14 08:13 - 00159412 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-03-08 12:59 - 2013-12-29 18:46 - 00000000 ____D () C:\Users\baptiste\AppData\Local\Adobe
2015-03-08 11:32 - 2013-12-28 17:57 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-08 11:32 - 2013-12-28 17:41 - 00001023 _____ () C:\Users\baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-08 11:15 - 2013-12-28 18:22 - 00000000 ___DO () C:\Users\baptiste\SkyDrive
2015-03-08 11:15 - 2013-12-28 17:56 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 11:15 - 2013-12-28 17:41 - 00000062 _____ () C:\Users\baptiste\AppData\Roaming\sp_data.sys
2015-03-08 11:14 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-08 11:13 - 2014-07-06 19:13 - 00000000 ____D () C:\AdwCleaner
2015-03-08 11:13 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-07 21:31 - 2014-04-27 20:41 - 00000000 ____D () C:\Users\baptiste\AppData\Local\Windows Live
2015-03-07 20:59 - 2013-12-28 18:36 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\.minecraft
2015-03-07 20:54 - 2014-11-09 12:33 - 00000000 ____D () C:\Program Files\Adobe
2015-03-07 20:54 - 2014-11-09 12:28 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-07 20:51 - 2014-01-03 20:09 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-07 20:35 - 2014-12-18 19:54 - 00082432 ___SH () C:\Users\baptiste\Documents\Thumbs.db
2015-03-07 18:56 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-07 08:09 - 2014-02-26 18:09 - 00003106 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4038153248-28380965-1442261358-1002
2015-03-03 14:17 - 2014-04-10 19:25 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-28 02:03 - 2014-06-20 17:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-28 01:43 - 2014-01-19 09:46 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-28 01:31 - 2015-01-28 19:04 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\kPOvl1t
2015-02-28 01:31 - 2014-11-28 14:09 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\X6u8yMo
2015-02-21 01:34 - 2014-06-19 22:15 - 00000000 ____D () C:\Users\baptiste\AppData\Roaming\SpinTires
2015-02-21 01:11 - 2014-06-28 09:44 - 00000000 ____D () C:\Users\baptiste\Documents\Euro Truck Simulator 2
2015-02-20 17:46 - 2013-10-11 05:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-19 06:35 - 2014-01-25 19:37 - 00562688 ___SH () C:\Users\baptiste\Downloads\Thumbs.db
2015-02-15 10:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-13 18:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-13 18:06 - 2014-11-29 21:00 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-13 17:58 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-12 17:53 - 2013-08-22 15:44 - 05147976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 20:13 - 2013-12-29 10:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 20:09 - 2014-12-14 19:37 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-11 20:09 - 2014-07-14 15:16 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-11 20:09 - 2013-12-29 10:51 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-11 17:38 - 2014-11-29 21:00 - 00000000 ____D () C:\ProgramData\Origin
2015-02-07 00:37 - 2013-12-28 17:56 - 00004070 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 00:37 - 2013-12-28 17:56 - 00003834 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2015-03-08 17:47 - 2015-03-08 17:48 - 0001314 _____ () C:\Users\baptiste\AppData\Roaming\Bubble Dock.boostrap.log
2015-03-08 17:47 - 2015-03-08 17:48 - 0005729 _____ () C:\Users\baptiste\AppData\Roaming\Bubble Dock.installation.log
2014-08-06 09:55 - 2014-08-06 09:55 - 0000021 _____ () C:\Users\baptiste\AppData\Roaming\my_intel.sys
2015-03-08 17:48 - 2015-03-08 17:48 - 0000078 _____ () C:\Users\baptiste\AppData\Roaming\Selection Tools.installation.log
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\baptiste\AppData\Roaming\SMEUR
2015-03-08 11:05 - 2015-03-08 11:05 - 1854464 _____ (Cinema PlusV07.03) C:\Users\baptiste\AppData\Roaming\SMEUR.exe
2013-12-28 17:41 - 2015-03-08 11:15 - 0000062 _____ () C:\Users\baptiste\AppData\Roaming\sp_data.sys
2015-03-08 17:47 - 2015-03-08 17:47 - 0000097 _____ () C:\Users\baptiste\AppData\Roaming\WindApp.boostrap.log
2015-03-08 17:48 - 2015-03-08 17:48 - 0000078 _____ () C:\Users\baptiste\AppData\Roaming\WindApp.installation.log
2015-02-20 07:56 - 2015-02-20 07:56 - 0613057 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsaED46.tmp
2015-03-08 11:01 - 2015-03-08 11:01 - 0613255 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsm5D7B.tmp
FRST
2014-08-27 19:08 - 2014-08-27 19:08 - 0575544 _____ (ClickMeIn Limited) C:\Users\baptiste\AppData\Local\nst3C60.tmp
2015-02-20 13:39 - 2015-02-20 13:39 - 0613057 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsw3F1B.tmp
2015-02-20 08:51 - 2015-02-20 08:51 - 0628496 _____ (CMI Limited) C:\Users\baptiste\AppData\Local\nsz4C0C.tmp
2014-11-28 17:45 - 2015-03-09 17:47 - 0000277 _____ () C:\Users\baptiste\AppData\Local\recently-fix.db
2015-01-09 22:22 - 2015-01-09 22:22 - 0000770 _____ () C:\Users\baptiste\AppData\Local\recently-used.xbel
2013-04-26 00:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 00:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 00:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2015-03-08 18:54 - 2012-10-24 20:44 - 0656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall3256228.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\ProgramData\uninstall3256228.exe


Some content of TEMP:
====================
C:\Users\baptiste\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\baptiste\AppData\Local\Temp\OnlineBackup.exe
C:\Users\baptiste\AppData\Local\Temp\Quarantine.exe
C:\Users\baptiste\AppData\Local\Temp\SpOrder.dll
C:\Users\baptiste\AppData\Local\Temp\sqlite3.dll
C:\Users\baptiste\AppData\Local\Temp\TUp9783.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-08 13:33

==================== End Of Log ============================
ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by baptiste at 2015-03-09 18:02:57
Running from C:\Users\baptiste\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Centre Souris et Claviers Microsoft (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Construction-Simulator 2012 version 1.0 (HKLM-x32\...\{AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1) (Version: 1.0 - weltenbauer. Software Entwicklung GmbH)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIG IT! - A Digger Simulator (HKLM-x32\...\Steam App 311910) (Version: - Cape Copenhagen)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
fix version 1.0.0.0 (HKLM-x32\...\{ACA88935-7188-47AD-B220-B50106DC0D9C}_is1) (Version: 1.0.0.0 - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4038153248-28380965-1442261358-1002\...\OneDriveSetup.exe) (Version: 17.3.4724.0224 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SimCity(TM) (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
Space Engineers Toolbox (HKLM-x32\...\{77D2422A-EA90-4D73-A8D2-B3842BEE0956}) (Version: 01.067.005.1 - Mid-Space Productions)
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4038153248-28380965-1442261358-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\baptiste\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-02-2015 08:36:22 Point de contrôle planifié
07-03-2015 18:56:06 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0486D2CE-4870-44FF-9126-F804F2C76AFC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-09] (globalUpdate) <==== ATTENTION
Task: {12242248-92EE-4461-9251-7C463BBDCF79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28] (Google Inc.)
Task: {124246A6-8AE2-42F3-B95E-D26E1EAF36DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {1FD2A0AE-1EE1-40E8-B75D-6F92CB40AA38} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-09] (globalUpdate) <==== ATTENTION
Task: {248E95B4-16FD-449B-AAD7-D46362E42AD1} - System32\Tasks\WIN-statsAdmin => C:\Users\baptiste\AppData\Local\Microsoft\WinU\~cnuzmzg.exe <==== ATTENTION
Task: {2CF0D5BE-8612-4026-AF9F-3A8D4E538FF3} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {32B33B7B-891A-4E65-B061-123170631C7A} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {335D712D-8883-41CC-B674-7AC31F62F236} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {434942E7-AD66-475F-887B-5C3AC1AB58E3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4038153248-28380965-1442261358-1002UA => C:\Users\baptiste\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-06] (Facebook Inc.)
Task: {46475E5E-79F1-4918-AFF9-2DEBFC3A4849} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4D980533-D614-45C1-98C9-9AA0DB1687D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28] (Google Inc.)
Task: {511516CC-1420-4334-9BB8-B3093BFE1D38} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {5642FC75-C74E-46A9-B393-2E34F34DE949} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {5658BE60-F2DC-45B4-8E22-36AEDF15EEBB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {56B0B15D-2626-4650-86E8-651E3F7AE9F7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {5D474185-8481-4F64-9C44-F805CBB5C5B7} - System32\Tasks\WIN-statsSystem => C:\Users\baptiste\AppData\Local\Microsoft\WinU\~hycnjur.exe
Task: {5E55D4E8-CBA4-45D8-8CCA-332C56EC023F} - System32\Tasks\Run_Bobby_Browser => C:\Users\baptiste\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {6340B192-2003-4B76-BC81-2D6C32B18F71} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\baptiste\AppData\Roaming\~aymsxuh.exe
Task: {644371A1-CA48-4507-86BC-D9C9E4437C1D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-batnismo@live.fr => C:\Program Files (x86)\Co
0
Réponse 2 / 5
lilidurhone Messages postés 43355 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 807
 

0
Réponse 3 / 5
baptisteD378 Messages postés 3 Date d'inscription   Statut Membre Dernière intervention  
 
https://www.cjoint.com/c/ECjsYIdCat7
https://www.cjoint.com/c/ECjsZzOitzp
0
Réponse 4 / 5
lilidurhone Messages postés 43355 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 807
 
Je m'occupe de toi après manger
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
lilidurhone Messages postés 43355 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 807
 
Télécharge et enregistre Zhpcleaner sur ton bureau :

https://nicolascoolman.eu

[*] Fais un clique droit dessus, lance le en tant qu'administrateur !
[*] Accepte le contrat de licence d'utilisation finale (CLUF),
[*] Clique sur "réparation"
[*] Clique sur rapport (normalement le rapport s'affiche)
[*] Enregistre le rapport sur ton bureau
[*] Héberge son rapport de modification qui se trouve sur le Bureau :

https://www.cjoint.com/ à lire => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum </gras>


Note :
- Cet outil ne nécessite pas d'installation !
- Le rapport se trouve également dans ce répertoire "%AppData%".
0

Discussions similaires

A quoi sert l'application Bonjour?
patrick -
Ysis -

4 réponses