Rapport hijackthis

Greg3256 Messages postés 16 Statut Membre -  
lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

C'est la galère, mon Pc a le kernel avec la page bleue. Quelqu'un pourrait maiguiller s'il vous plait?

15 réponses

  1. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Pas sûr que ça soit d'origine viral
    Essaie plutôt whocrashed
    0
    1. Greg3256 Messages postés 16 Statut Membre
       
      je vais faire ca, je poste quand meme le rapport hijackthis, je dois bien avoir des saloperies dedans ;)

      merci
      0
    2. Greg3256 Messages postés 16 Statut Membre
       
      lilidurhone, que puis je faire avec le rapport whocrashed?
      0
  2. Greg3256 Messages postés 16 Statut Membre
     
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:30:55, on 27/07/2015
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v10.0 (10.00.9200.17028)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
    C:\Program Files (x86)\ASUS\APRP\aprp.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
    O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\AUInstallAgent.dll,-101 (AllUserInstallAgent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
    O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: MaintainerSvc3.22.1827446 - Unknown owner - C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: Update Mega Browse - Unknown owner - C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Util Mega Browse - Unknown owner - C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    0
  3. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Désinstalles

    Yahoo! Search

    Hijackthis n'étant plus supporté passe à FRST

    ▶ Télécharge ici : FRST (de Farbar)
    !!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
    Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.

    ▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.

    ▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.

    ▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.

    Les rapport se trouvent ici : C:\FRST\Logs

    ▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.

    Et pour whocrashed l'onglet reports fera l'affaire
    0
    1. Greg3256 Messages postés 16 Statut Membre
       
      ok, c'est en cours... merci déjà pour ton aide
      0
    2. Greg3256 Messages postés 16 Statut Membre
       
      voila, tout est dans la suite de la discussion. ca fait un paquet de lignes où je ne comprend strictement rien
      0
  4. Greg3256 Messages postés 16 Statut Membre
     
    Voici le rapport whocrashed, si quelqu'un y comprend quelque chose, je suis preneur ;) merci

    --------------------------------------------------------------------------------
    System Information (local)
    --------------------------------------------------------------------------------

    computer name: GREG
    windows version: Windows 8 , 6.2, build: 9200
    windows dir: C:\Windows
    Hardware: N56VB, ASUSTeK COMPUTER INC.
    CPU: GenuineIntel Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Intel586, level: 6
    8 logical processors, active mask: 255
    RAM: 8470122496 total

    --------------------------------------------------------------------------------
    Crash Dump Analysis
    --------------------------------------------------------------------------------

    Crash dump directory: C:\Windows\Minidump

    Crash dumps are enabled on your computer.

    On Mon 27/07/2015 18:13:14 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\072715-171078-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA80073A4010, 0xFFFFF88019FB8000)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Mon 27/07/2015 18:13:14 GMT your computer crashed
    crash dump file: C:\Windows\memory.dmp
    This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA80073A4010, 0xFFFFF88019FB8000)
    Error: KERNEL_DATA_INPAGE_ERROR
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Tue 11/11/2014 15:30:37 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\111114-125390-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA80099E8A40, 0x21FD7D8)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Mon 03/11/2014 14:26:33 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\110314-144765-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800C61D4D0, 0x64734000)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Mon 20/10/2014 09:30:17 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\102014-50250-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA8007400D30, 0x7FFB59DE190)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Thu 18/09/2014 13:02:35 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\091814-178562-01.dmp
    This was probably caused by the following module: volmgrx.sys (0xFFFFF8800119E000)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800814D2A0, 0xFFFFF8800119E000)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\drivers\volmgrx.sys
    product: Système d'exploitation Microsoft® Windows®
    company: Microsoft Corporation
    description: Pilote d'extension du gestionnaire de volumes
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.

    On Sat 06/09/2014 09:49:32 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\090614-161921-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800867A710, 0x7F85C6A3090)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Fri 29/08/2014 17:37:44 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\082914-131765-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA8007012010, 0x4D859D8)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Tue 29/07/2014 18:41:01 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\072914-192937-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800C9692A0, 0x7F9EF9CA090)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    On Mon 31/03/2014 16:55:28 GMT your computer crashed
    crash dump file: C:\Windows\Minidump\033114-75718-01.dmp
    This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
    Bugcheck code: 0x7A (0x5, 0x0, 0xC000, 0xFFFFFA8007BEC5C0)
    Error: KERNEL_DATA_INPAGE_ERROR
    file path: C:\Windows\system32\ntoskrnl.exe
    product: Microsoft® Windows® Operating System
    company: Microsoft Corporation
    description: NT Kernel & System
    Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
    The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

    --------------------------------------------------------------------------------
    Conclusion
    --------------------------------------------------------------------------------

    11 crash dumps have been found and analyzed. Only 10 are included in this report. No offending third party drivers have been found. Connsider using WhoCrashed Professional which offers more detailed analysis using symbol resolution. Also configuring your system to produce a full memory dump may help you.

    Read the topic general suggestions for troubleshooting system crashes for more information.

    Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Greg3256 Messages postés 16 Statut Membre
     
    Voici le FRST

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
    Ran by gregbriclet (administrator) on GREG (27-07-2015 21:19:01)
    Running from C:\Users\gregbriclet\Downloads
    Loaded Profiles: UpdatusUser & gregbriclet (Available Profiles: UpdatusUser & gregbriclet)
    Platform: Windows 8 (X64) Language: Français (France)
    Internet Explorer Version 10 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    () C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Pay By Ads LTD) C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    () C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
    () C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-22] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
    HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
    HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-20] (ASUS)
    HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2012-07-03] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros Commnucations)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Run: [Yahoo! Search] => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [634624 2014-12-28] (Pay By Ads LTD)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-01-10] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-01-10] (NVIDIA Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-518435904-671319411-1353417391-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
    HKU\S-1-5-21-518435904-671319411-1353417391-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
    HKU\S-1-5-21-518435904-671319411-1353417391-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
    HKU\S-1-5-21-518435904-671319411-1353417391-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
    SearchScopes: HKU\S-1-5-21-518435904-671319411-1353417391-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-518435904-671319411-1353417391-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-518435904-671319411-1353417391-1002 -> {B7242F71-06B0-4437-8E86-1E5D628F4B58} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=690
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
    DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} https://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-01-28] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-01-28] (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{C685F10E-6935-47E9-9105-C4B35ABB241C}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{E44C3583-F90F-4D2E-81F7-BA4295F06401}: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-01-28] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-01-28] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-27]

    Chrome:
    =======
    CHR Profile: C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
    CHR Extension: (Google Drive) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
    CHR Extension: (YouTube) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
    CHR Extension: (Google Search) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
    CHR Extension: (Mega Browse) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgkmmefaeflbkbbamehfkghmmlgnpojl [2014-09-18]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-27]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-17]
    CHR Extension: (Gmail) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 0259861438022151mcinstcleanup; C:\Windows\TEMP\025986~1.EXE [836168 2014-03-13] (McAfee, Inc.)
    R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
    R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    R2 MaintainerSvc3.22.1827446; C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe [128232 2015-07-27] ()
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
    S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
    S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
    R2 mfevtp; C:\windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
    R2 Update Mega Browse; C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe [466664 2015-07-27] () <==== ATTENTION
    R2 Util Mega Browse; C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe [466664 2015-07-27] () <==== ATTENTION
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
    R1 {14437b83-5ae5-4966-894b-e98090a91d75}w64; C:\Windows\System32\drivers\{14437b83-5ae5-4966-894b-e98090a91d75}w64.sys [48416 2014-10-19] (StdLib)
    R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [60704 2014-06-30] (StdLib)
    R1 {30389f51-b968-4243-8e7c-c69cde75ce4d}w64; C:\Windows\System32\drivers\{30389f51-b968-4243-8e7c-c69cde75ce4d}w64.sys [48824 2014-11-02] (StdLib)
    R1 {682528cd-df25-4625-a133-5f72ba9afe48}w64; C:\Windows\System32\drivers\{682528cd-df25-4625-a133-5f72ba9afe48}w64.sys [48416 2014-10-17] (StdLib)
    R1 {6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64; C:\Windows\System32\drivers\{6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64.sys [48416 2014-10-19] (StdLib)
    R1 {7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64; C:\Windows\System32\drivers\{7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64.sys [48824 2014-12-06] (StdLib)
    R1 {825d52d4-9952-422b-9196-39ef1e734926}w64; C:\Windows\System32\drivers\{825d52d4-9952-422b-9196-39ef1e734926}w64.sys [48416 2014-10-18] (StdLib)
    R1 {c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64; C:\Windows\System32\drivers\{c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64.sys [48416 2014-10-19] (StdLib)
    R1 {f10732e3-e4ef-4b41-89fc-ab249b166d64}w64; C:\Windows\System32\drivers\{f10732e3-e4ef-4b41-89fc-ab249b166d64}w64.sys [48416 2014-10-15] (StdLib)
    U0 msahci; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-27 21:19 - 2015-07-27 21:19 - 00020491 _____ C:\Users\gregbriclet\Downloads\FRST.txt
    2015-07-27 21:18 - 2015-07-27 21:19 - 00000000 ____D C:\FRST
    2015-07-27 21:18 - 2015-07-27 21:18 - 02146816 _____ (Farbar) C:\Users\gregbriclet\Downloads\FRST64.exe
    2015-07-27 21:06 - 2015-07-27 21:06 - 00000846 _____ C:\Users\gregbriclet\Desktop\WhoCrashed.lnk
    2015-07-27 21:05 - 2015-07-27 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
    2015-07-27 21:05 - 2015-07-27 21:06 - 00000000 ____D C:\Program Files\WhoCrashed
    2015-07-27 21:04 - 2015-07-27 21:04 - 02256152 _____ (Resplendence Software Projects Sp. ) C:\Users\gregbriclet\Downloads\whocrashed_5-50_fr_317674.exe
    2015-07-27 20:35 - 2015-07-27 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-07-27 20:35 - 2015-07-27 20:35 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-07-27 20:30 - 2015-07-27 20:30 - 00026271 _____ C:\Users\gregbriclet\Desktop\hijackthis.log
    2015-07-27 20:27 - 2015-07-27 20:27 - 00293128 _____ C:\Windows\Minidump\072715-171078-01.dmp
    2015-07-27 20:00 - 2015-07-27 20:33 - 03671134 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-07-27 19:53 - 2015-07-27 19:53 - 00003003 _____ C:\Users\gregbriclet\Desktop\HiJackThis.lnk
    2015-07-27 19:53 - 2015-07-27 19:53 - 00000000 ____D C:\Users\gregbriclet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    2015-07-27 19:53 - 2015-07-27 19:53 - 00000000 ____D C:\Program Files (x86)\Trend Micro
    2015-07-27 19:44 - 2015-07-27 19:44 - 01402880 _____ C:\Users\gregbriclet\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-27 21:18 - 2013-03-27 19:49 - 01486594 _____ C:\Windows\WindowsUpdate.log
    2015-07-27 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
    2015-07-27 21:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
    2015-07-27 20:42 - 2014-03-17 02:23 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-07-27 20:42 - 2014-03-17 02:23 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-27 20:37 - 2014-03-17 02:23 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-27 20:35 - 2012-11-27 06:11 - 00000000 ____D C:\ProgramData\McAfee
    2015-07-27 20:35 - 2012-11-27 06:11 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2015-07-27 20:34 - 2014-09-01 15:05 - 00000000 ____D C:\Users\gregbriclet\AppData\Local\CrashDumps
    2015-07-27 20:34 - 2012-08-03 01:15 - 00785550 _____ C:\Windows\system32\perfh013.dat
    2015-07-27 20:34 - 2012-08-03 01:15 - 00158586 _____ C:\Windows\system32\perfc013.dat
    2015-07-27 20:34 - 2012-08-03 01:11 - 00780976 _____ C:\Windows\system32\perfh010.dat
    2015-07-27 20:34 - 2012-08-03 01:11 - 00152608 _____ C:\Windows\system32\perfc010.dat
    2015-07-27 20:34 - 2012-08-03 01:06 - 00800978 _____ C:\Windows\system32\perfh00C.dat
    2015-07-27 20:34 - 2012-08-03 01:06 - 00155650 _____ C:\Windows\system32\perfc00C.dat
    2015-07-27 20:33 - 2014-03-17 02:25 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-518435904-671319411-1353417391-1002
    2015-07-27 20:33 - 2014-03-17 02:23 - 00004058 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-27 20:33 - 2014-03-17 02:23 - 00003822 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-27 20:30 - 2014-03-20 03:37 - 00000000 ____D C:\Program Files (x86)\Mega Browse
    2015-07-27 20:28 - 2014-03-17 02:21 - 00000062 _____ C:\Users\gregbriclet\AppData\Roaming\sp_data.sys
    2015-07-27 20:27 - 2014-03-31 01:23 - 00000000 ____D C:\Windows\Minidump
    2015-07-27 20:27 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-07-27 20:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
    2015-07-27 20:25 - 2014-03-31 01:21 - 662049727 _____ C:\Windows\MEMORY.DMP
    2015-07-27 20:24 - 2012-08-02 15:24 - 00098148 _____ C:\Windows\PFRO.log
    2015-07-27 20:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2015-07-27 20:05 - 2014-03-17 02:15 - 00000000 ____D C:\Users\gregbriclet\AppData\Local\Packages
    2015-07-27 20:04 - 2014-10-18 16:09 - 00000000 ____D C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6
    2015-07-27 19:54 - 2014-03-17 02:15 - 00000000 ____D C:\Users\gregbriclet\AppData\Local\VirtualStore

    ==================== Files in the root of some directories =======

    2014-03-17 02:21 - 2015-07-27 20:28 - 0000062 _____ () C:\Users\gregbriclet\AppData\Roaming\sp_data.sys
    2012-11-27 06:08 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2012-11-27 06:08 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2012-11-27 06:08 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
    2013-03-27 20:13 - 2013-03-27 20:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2013-03-27 20:08 - 2013-03-27 20:10 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2013-03-27 20:11 - 2013-03-27 20:13 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
    2013-03-27 20:07 - 2013-03-27 20:08 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

    Files to move or delete:
    ====================
    C:\ProgramData\SetStretch.VBS

    Some files in TEMP:
    ====================
    C:\Users\gregbriclet\AppData\Local\Temp\BackupSetup.exe
    C:\Users\gregbriclet\AppData\Local\Temp\vcredist_x64.exe

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-11-09 18:11

    ==================== End of log ============================
    0
  7. Greg3256 Messages postés 16 Statut Membre
     
    et voici le addition

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
    Ran by gregbriclet at 2015-07-27 21:21:35
    Running from C:\Users\gregbriclet\Downloads
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================

    Administrateur (S-1-5-21-518435904-671319411-1353417391-500 - Administrator - Disabled)
    gregbriclet (S-1-5-21-518435904-671319411-1353417391-1002 - Administrator - Enabled) => C:\Users\gregbriclet
    HomeGroupUser$ (S-1-5-21-518435904-671319411-1353417391-1004 - Limited - Enabled)
    Invité (S-1-5-21-518435904-671319411-1353417391-501 - Limited - Disabled)
    UpdatusUser (S-1-5-21-518435904-671319411-1353417391-1001 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: McAfee Anti-Virus et Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Anti-Virus et Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Pare-feu McAfee (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.142.62248 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 3.9.142.62248 - Alcor Micro Corp.) Hidden
    Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
    ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.0.5 - ASUS)
    ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
    ASUS N Series Demo (HKLM-x32\...\{246B4AFF-6540-4B72-93E8-B9EB86D37589}) (Version: 1.0.0003 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
    ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
    ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4712 - CyberLink Corp.)
    ASUS Video Magic (x32 Version: 6.0.4712 - CyberLink Corp.) Hidden
    ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
    CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3019_44673 - CyberLink Corp.)
    CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4905d - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2884 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
    McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.944 - McAfee, Inc.)
    Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.20.004538 - Mega Browse) <==== ATTENTION
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
    NVIDIA Graphics Driver 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
    Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6828 - Realtek Semiconductor Corp.)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Spotify (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
    Telecharger et Installer Packages (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Telecharger et Installer Packages) (Version: - ) <==== ATTENTION
    Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
    WhoCrashed 5.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
    Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
    Yahoo! Search (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== Restore Points =========================

    20-10-2014 11:48:51 Sauvegarde Windows
    03-11-2014 14:51:53 Sauvegarde Windows
    11-11-2014 16:37:44 Sauvegarde Windows
    07-12-2014 12:19:58 Sauvegarde Windows
    13-04-2015 16:08:42 Sauvegarde Windows
    27-07-2015 19:46:44 Installed HiJackThis
    27-07-2015 19:46:57 Sauvegarde Windows
    27-07-2015 19:48:29 Installed HiJackThis

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0091678B-FCA7-458B-98C9-C7BBD0B0D481} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
    Task: {2B3EBE53-A387-4352-8D82-77349DD17123} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
    Task: {4F3766F9-8E78-4632-B902-C9F6271BBADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
    Task: {526B953A-0CC2-41ED-8725-7272AC60189F} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
    Task: {5924BF18-DF98-4D67-B56E-73ADE1F82A75} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
    Task: {655B6B93-CE26-4E2A-9073-0E52749EA020} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
    Task: {AB56E862-30B0-43EF-A284-F154D778C0D4} - System32\Tasks\Yahoo! Search Updater => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe [2014-12-28] (Pay By Ads LTD) <==== ATTENTION
    Task: {B9C48CDE-02F3-4252-B754-EF099B779A0E} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
    Task: {C58E91B5-A845-4091-BA34-BA0C91B75419} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
    Task: {C8CF62A9-5C87-4BCB-BB6B-BEC65A5127D4} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
    Task: {CCA378B2-8926-4E18-B33A-BB91154FF452} - System32\Tasks\Yahoo! Search => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [2014-12-28] (Pay By Ads LTD) <==== ATTENTION
    Task: {EA690DAA-096D-4776-A54D-1B4B82224DFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-10-18 03:26 - 2015-07-27 20:04 - 00128232 _____ () C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe
    2013-03-27 20:10 - 2009-04-17 12:01 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    2012-11-29 19:15 - 2012-11-29 19:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2013-01-28 09:42 - 2012-11-21 10:58 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
    2012-12-28 14:07 - 2012-12-28 14:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2012-12-28 14:04 - 2012-12-28 14:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
    2012-12-28 14:09 - 2012-12-28 14:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2014-03-23 17:38 - 2015-07-27 20:30 - 00466664 _____ () C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
    2014-03-20 02:45 - 2015-07-27 20:31 - 00466664 _____ () C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
    2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-03-27 19:45 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-12-28 22:58 - 2014-12-28 22:58 - 00306176 _____ () C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\krcaiojV.dll
    2015-07-27 20:41 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll
    2015-07-27 20:41 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll
    2015-07-27 20:41 - 2015-07-24 00:39 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-518435904-671319411-1353417391-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{77FA44A0-0288-479D-A668-7DB1122CB865}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{9F3908B9-AF84-4AE4-AE0F-A3CA352764A1}] => (Allow) LPort=2869
    FirewallRules: [{B1BA499D-34D7-4542-BC63-2EA7AB4F38B7}] => (Allow) LPort=1900
    FirewallRules: [{57C0F666-E390-4EA9-A1C4-F5B25AC7673B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{967E2A47-828B-42F1-9994-E30081710B32}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{FDB47284-22EE-4578-9B50-748FD16E8EDA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{E8A0DE07-1CA0-4F33-8EC4-5556BEAFD390}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{9A49FA42-CBF5-4D87-8C0F-FD69966F7465}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
    FirewallRules: [{834EF065-FDA5-4F7A-94CF-29E9A48F65D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{9C5254B3-8417-49EA-953D-47E9F4A6A1D9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{7B437913-9F21-4A72-850B-06277A595EA2}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{3F1CBF8C-F5FF-4681-AAB5-87BAB3D915B0}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{ACE9DACF-F7FE-4B4F-A776-F1A4F9B7090A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{F1B31257-2B66-415B-B4D9-31D4BE5B3C34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{F7C24712-76C8-43E1-9622-8FC0C10B4DF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{AE4692A4-7F3B-4BC9-BACE-830138902C10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{49D10AED-51A0-47D1-8742-96A351E3DB69}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
    FirewallRules: [{F9DC8BF9-A2CC-4952-B74B-E4DEEA2F6946}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
    FirewallRules: [{F0B62277-D085-464C-BC35-A438F6BE2065}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
    FirewallRules: [{97A63FCB-5F43-46F8-9EDA-52996FB6E6E8}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
    FirewallRules: [{7D43A028-D1ED-47EF-A25F-E1384026C682}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
    FirewallRules: [{1AAC547B-9423-4C54-82AB-C96F3F4F3F62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/27/2015 08:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nom de l'application défaillante delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
    Nom du module défaillant : delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
    Code d'exception : 0xc0000005
    Décalage d'erreur : 0x000373c0
    ID du processus défaillant : 0x710
    Heure de début de l'application défaillante : 0xdelegate_execute.exe0
    Chemin d'accès de l'application défaillante : delegate_execute.exe1
    Chemin d'accès du module défaillant: delegate_execute.exe2
    ID de rapport : delegate_execute.exe3
    Nom complet du package défaillant : delegate_execute.exe4
    ID de l'application relative au package défaillant : delegate_execute.exe5

    Error: (07/27/2015 07:42:26 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nom de l'application défaillante delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
    Nom du module défaillant : delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
    Code d'exception : 0xc0000005
    Décalage d'erreur : 0x00036d1b
    ID du processus défaillant : 0x1bf0
    Heure de début de l'application défaillante : 0xdelegate_execute.exe0
    Chemin d'accès de l'application défaillante : delegate_execute.exe1
    Chemin d'accès du module défaillant: delegate_execute.exe2
    ID de rapport : delegate_execute.exe3
    Nom complet du package défaillant : delegate_execute.exe4
    ID de l'application relative au package défaillant : delegate_execute.exe5

    Error: (07/27/2015 07:41:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 496932733 ticks; setting correction factor to 508685050

    Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15688

    Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15688

    Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/13/2015 04:20:23 PM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: La sauvegarde a échoué. Erreur : La Sauvegarde Windows a rencontré une erreur lors de l'écriture des données sur la cible de sauvegarde. (0x80780166).

    Error: (04/13/2015 04:20:22 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: AUTORITE NT)
    Description: L'opération de sauvegarde démarrée à « 2015-04-13T14:08:42.645226000Z » a échoué avec le code d'erreur suivant : « 0x80780166 » (%%2155348326). Consultez les détails de l'événement pour trouver une solution, puis réexécutez l'opération de sauvegarde une fois le problème résolu.

    Error: (04/13/2015 04:20:23 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Erreur du service de cliché instantané des volumes : erreur lors de l'appel de la routine IVssAsync::QueryStatus. hr = 0x80010108, L'objet invoqué s'est déconnecté de ses clients.
    .

    Opération :
    Événement BackupComplete
    Opération asynchrone en cours d'exécution

    Contexte :
    État actuel: BackupComplete

    Error: (04/13/2015 04:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 160682623 ticks; setting correction factor to 1388593710

    System errors:
    =============
    Error: (07/27/2015 08:56:05 PM) (Source: iaStorA) (EventID: 4102) (User: )
    Description: Error log: Smart event occured on disk :J8110076HWMTMK

    Error: (07/27/2015 08:44:42 PM) (Source: DCOM) (EventID: 10016) (User: greg)
    Description: propres à l'applicationLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}greggregbricletS-1-5-21-518435904-671319411-1353417391-1002LocalHost (avec LRPC)Non disponibleNon disponible

    Error: (07/27/2015 08:44:42 PM) (Source: DCOM) (EventID: 10016) (User: greg)
    Description: propres à l'applicationLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}greggregbricletS-1-5-21-518435904-671319411-1353417391-1002LocalHost (avec LRPC)Non disponibleNon disponible

    Error: (07/27/2015 08:34:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Le service NVIDIA Update Service Daemon est en attente de démarrage.

    Error: (07/27/2015 08:31:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Le service McAfee VirusScan Announcer est en attente de démarrage.

    Error: (07/27/2015 08:29:51 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
    Description: {209500FC-6B45-4693-8871-6296C4843751}

    Error: (07/27/2015 08:28:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Le service Fournisseur du Groupement résidentiel dépend du service Publication des ressources de découverte de fonctions qui n'a pas pu démarrer en raison de l'erreur :
    %%1070

    Error: (07/27/2015 08:28:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Le service Découverte SSDP est en attente de démarrage.

    Error: (07/27/2015 08:28:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Le service Agent de stratégie IPsec est en attente de démarrage.

    Error: (07/27/2015 08:28:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Le service Publication des ressources de découverte de fonctions est en attente de démarrage.

    Microsoft Office:
    =========================
    Error: (07/27/2015 08:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c0000005000373c071001d0c89ad3d52804C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe11d2c4f4-348e-11e5-be8a-6c71d92dba4e

    Error: (07/27/2015 07:42:26 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c000000500036d1b1bf001d0c89392fd65b3C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exed79a689d-3486-11e5-be89-6c71d92dba4e

    Error: (07/27/2015 07:41:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 496932733 ticks; setting correction factor to 508685050

    Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15688

    Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15688

    Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/13/2015 04:20:23 PM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: La Sauvegarde Windows a rencontré une erreur lors de l'écriture des données sur la cible de sauvegarde. (0x80780166)

    Error: (04/13/2015 04:20:22 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: AUTORITE NT)
    Description: 2015-04-13T14:08:42.645226000Z0x80780166%%2155348326

    Error: (04/13/2015 04:20:23 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: IVssAsync::QueryStatus0x80010108, L'objet invoqué s'est déconnecté de ses clients.

    Opération :
    Événement BackupComplete
    Opération asynchrone en cours d'exécution

    Contexte :
    État actuel: BackupComplete

    Error: (04/13/2015 04:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 160682623 ticks; setting correction factor to 1388593710

    CodeIntegrity Error:
    ===================================
    Date: 2014-08-10 19:31:09.871
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\EhStorClass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
    Percentage of memory in use: 31%
    Total physical RAM: 8077.74 MB
    Available physical RAM: 5570.66 MB
    Total Virtual: 16269.74 MB
    Available Virtual: 13585.6 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:279.45 GB) (Free:217.94 GB) NTFS ==>[system with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:397.87 GB) (Free:376.19 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 698.6 GB) (Disk ID: 1FEB4A9B)

    Partition: GPT Partition Type.

    ==================== End of log ============================
    0
  8. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Bonjour
    Tu as dû installer des logiciels potentiellement indésirables

    Pour éviter ce genre de problème :

    - Ne télécharge aucun programme proposé dans des publicités ou sur des sites suspects. A noter que certains sites connus comme Softronic, Tuto4PC, etc modifient parfois les programmes proposés au téléchargement pour y ajouter des logiciels publicitaires ==> Préfère toujours le téléchargement directement sur le site de l'éditeur.

    - Au cours de l'installation d'un programme gratuit, lis bien attentivement et décoche tous les programmes additionnels qui sont proposés, en particulier les barres d'outils.

    Pour ton information lis ces dossier sur les Programmes Potentiellement Indésirables et Les Barres d'Outils ce n'est pas obligatoires

    Télécharge cet outil simple d'utilisation

    https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    Si problème avec le 1er lien prends le ici https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

    Lance le (Sous vista/seven/8 clic droit dessus,et sur exécuter en tant qu'administrateur)si tu es sous xp double cliques dessus

    Cliques sur scanner

    Poste le rapport de recherche C:\Adwcleaner[R]

    Note le rapport de recherche est également sauvegardé sous C:\Adwcleaner[R1]

    Héberge le rapport sur cjoint

    Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
    0
    1. Greg3256 Messages postés 16 Statut Membre
       
      # AdwCleaner v4.208 - Rapport créé le 27/07/2015 à 21:56:32
      # Mis à jour le 09/07/2015 par Xplode
      # Base de données : 2015-07-26.2 [Serveur]
      # Système d'exploitation : Windows 8 (x64)
      # Nom d'utilisateur : gregbriclet - GREG
      # Exécuté depuis : C:\Users\gregbriclet\Downloads\adwcleaner_4.208.exe
      # Option : Scanner
              • [ Services ] *****


      Service Trouvé : {14437b83-5ae5-4966-894b-e98090a91d75}w64
      Service Trouvé : {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64
      Service Trouvé : {30389f51-b968-4243-8e7c-c69cde75ce4d}w64
      Service Trouvé : {682528cd-df25-4625-a133-5f72ba9afe48}w64
      Service Trouvé : {6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64
      Service Trouvé : {7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64
      Service Trouvé : {825d52d4-9952-422b-9196-39ef1e734926}w64
      Service Trouvé : {c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64
      Service Trouvé : {f10732e3-e4ef-4b41-89fc-ab249b166d64}w64
      Service Trouvé : MaintainerSvc3.22.1827446
              • [ Fichiers / Dossiers ] *****


      Dossier Trouvé : C:\Program Files (x86)\Mega Browse
      Dossier Trouvé : C:\Users\GREGBR~1\AppData\Local\Temp\Mega Browse
      Dossier Trouvé : C:\Users\gregbriclet\AppData\Local\pay-by-ads
      Dossier Trouvé : C:\Users\gregbriclet\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
      Dossier Trouvé : C:\Users\gregbriclet\AppData\Roaming\Systweak
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
      Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
      Fichier Trouvé : C:\Windows\System32\drivers\{14437b83-5ae5-4966-894b-e98090a91d75}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{30389f51-b968-4243-8e7c-c69cde75ce4d}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{682528cd-df25-4625-a133-5f72ba9afe48}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{825d52d4-9952-422b-9196-39ef1e734926}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64.sys
      Fichier Trouvé : C:\Windows\System32\drivers\{f10732e3-e4ef-4b41-89fc-ab249b166d64}w64.sys
      Fichier Trouvé : C:\Windows\System32\roboot64.exe
              • [ Tâches planifiées ] *****


      Tâche Trouvée : Yahoo! Search
      Tâche Trouvée : Yahoo! Search Updater
              • [ Raccourcis ] *****
              • [ Registre ] *****


      Clé Trouvée : HKCU\Software\Classes\keepmysearch
      Clé Trouvée : HKCU\Software\InstallCore
      Clé Trouvée : HKCU\Software\Mega Browse
      Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
      Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7242F71-06B0-4437-8E86-1E5D628F4B58}
      Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Telecharger et Installer Packages
      Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
      Clé Trouvée : HKCU\Software\systweak
      Clé Trouvée : [x64] HKCU\Software\InstallCore
      Clé Trouvée : [x64] HKCU\Software\Mega Browse
      Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7242F71-06B0-4437-8E86-1E5D628F4B58}
      Clé Trouvée : [x64] HKCU\Software\systweak
      Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
      Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
      Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
      Clé Trouvée : HKLM\SOFTWARE\Mega Browse
      Clé Trouvée : HKLM\SOFTWARE\systweak
      Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
      Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
      Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
      Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mega Browse
              • [ Navigateurs ] *****


      -\\ Internet Explorer v10.0.9200.17028

      Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://rts.dsrlte.com?affID=na

      -\\ Google Chrome v44.0.2403.107


      AdwCleaner[R0].txt - [5369 octets] - [27/07/2015 21:56:32]

      ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5429 octets] ##########
      0
  9. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Fais nettoyer
    0
  10. Greg3256 Messages postés 16 Statut Membre
     
    # AdwCleaner v4.208 - Rapport créé le 27/07/2015 à 22:09:36
    # Mis à jour le 09/07/2015 par Xplode
    # Base de données : 2015-07-26.2 [Serveur]
    # Système d'exploitation : Windows 8 (x64)
    # Nom d'utilisateur : gregbriclet - GREG
    # Exécuté depuis : C:\Users\gregbriclet\Downloads\adwcleaner_4.208.exe
    # Option : Nettoyer
            • [ Services ] *****


    Service Supprimé : {14437b83-5ae5-4966-894b-e98090a91d75}w64
    Service Supprimé : {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64
    Service Supprimé : {30389f51-b968-4243-8e7c-c69cde75ce4d}w64
    Service Supprimé : {682528cd-df25-4625-a133-5f72ba9afe48}w64
    Service Supprimé : {6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64
    Service Supprimé : {7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64
    Service Supprimé : {825d52d4-9952-422b-9196-39ef1e734926}w64
    Service Supprimé : {c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64
    Service Supprimé : {f10732e3-e4ef-4b41-89fc-ab249b166d64}w64
    [#] Service Supprimé : MaintainerSvc3.22.1827446
            • [ Fichiers / Dossiers ] *****


    Dossier Supprimé : C:\Program Files (x86)\Mega Browse
    Dossier Supprimé : C:\Users\GREGBR~1\AppData\Local\Temp\Mega Browse
    Dossier Supprimé : C:\Users\gregbriclet\AppData\Local\pay-by-ads
    Dossier Supprimé : C:\Users\gregbriclet\AppData\Roaming\Systweak
    Dossier Supprimé : C:\Users\gregbriclet\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
    Fichier Supprimé : C:\Windows\System32\roboot64.exe
    Fichier Supprimé : C:\Windows\System32\drivers\{14437b83-5ae5-4966-894b-e98090a91d75}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{30389f51-b968-4243-8e7c-c69cde75ce4d}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{682528cd-df25-4625-a133-5f72ba9afe48}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{825d52d4-9952-422b-9196-39ef1e734926}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64.sys
    Fichier Supprimé : C:\Windows\System32\drivers\{f10732e3-e4ef-4b41-89fc-ab249b166d64}w64.sys
    Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
    Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
    Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
    Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
    Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
    Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
            • [ Tâches planifiées ] *****


    Tâche Supprimée : Yahoo! Search
    Tâche Supprimée : Yahoo! Search Updater
            • [ Raccourcis ] *****
            • [ Registre ] *****


    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
    Clé Supprimée : HKCU\Software\Classes\keepmysearch
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7242F71-06B0-4437-8E86-1E5D628F4B58}
    Clé Supprimée : HKCU\Software\InstallCore
    Clé Supprimée : HKCU\Software\Mega Browse
    Clé Supprimée : HKCU\Software\systweak
    Clé Supprimée : HKLM\SOFTWARE\Mega Browse
    Clé Supprimée : HKLM\SOFTWARE\systweak
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Telecharger et Installer Packages
    Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
    Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mega Browse
            • [ Navigateurs ] *****


    -\\ Internet Explorer v10.0.9200.17028

    Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Google Chrome v44.0.2403.107

    AdwCleaner[R0].txt - [5541 octets] - [27/07/2015 21:56:32]
    AdwCleaner[S0].txt - [4976 octets] - [27/07/2015 22:09:36]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5036 octets] ##########
    0
  11. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    On continue demain
    0
    1. Greg3256 Messages postés 16 Statut Membre
       
      ok, déjà un grand merci, bonne soirée
      0
  12. Greg3256
     
    salut a tous, pouvez vous me dire ce que je dois faire ensuite? lilidurhone, peux tu continuer à m'aider?

    merci d'avance
    0
  13. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Toujours des écrans bleus?
    0
    1. Greg3256 Messages postés 16 Statut Membre
       
      non, ca va, je pense que c'est bon a ce niveau
      0
  14. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Refais frst
    0
    1. Greg3256
       
      http://www.cjoint.com/c/EGFlBAwHEwn
      0
  15. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage,

    0
    1. Greg3256 Messages postés 16 Statut Membre
       
      voila qui est fait pour chrome, je n'utilise que celui la
      0
  16. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Tu peux passer zhpcleaner
    0