HijackThis report

Closed
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015 - 27 Jul 2015 at 20:46
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 - 31 Jul 2015 at 16:40
Hello,

It's a nightmare, my PC has the kernel error with the blue screen. Could someone point me in the right direction, please?

15 replies

lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
27 Jul 2015 at 20:49
Not sure it's caused by a virus
Try WhoCrashed instead
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 20:53
I'll do that; I'm posting the HijackThis report anyway, I must surely have some junk in there ;)

thanks
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 20:59
lilidurhone, what can I do with the WhoCrashed report?
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 20:53
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:55, on 27/07/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\System32\AUInstallAgent.dll,-101 (AllUserInstallAgent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MaintainerSvc3.22.1827446 - Unknown owner - C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mega Browse - Unknown owner - C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Util Mega Browse - Unknown owner - C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
27 Jul 2015 at 21:03
Uninstall

Yahoo! Search

Since HijackThis is no longer supported, switch to FRST

▶ Download here: FRST (by Farbar)
!!! Depending on your version of Windows, take the "32-Bit Version" or the "64-Bit Version" !!!
Help: go to Start > Control Panel > System to find out whether you are running 32-bit or 64-bit.

▶ Double-click the FRST.exe icon to launch the program. (On Windows Vista, 7 and 8, you need to right-click it, then run as administrator.) Then click Yes when a warning message (Disclaimer) appears.

▶ In the main menu, click the Scan button and wait while the analysis runs.

▶ When the scan finishes, two reports are displayed, FRST.txt and Addition.txt. Post the reports in your next reply.

The reports are located here: C:\FRST\Logs

▶ Upload them to https://www.cjoint.com/ and post the links you get in return.

And for WhoCrashed, the Reports tab will do
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 21:10
OK, it's in progress... thanks already for your help
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 21:24
There, everything is further down in the thread. That's a bunch of lines of which I understand absolutely nothing
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 21:04
Here is the WhoCrashed report; if anyone can make sense of it, I'd be glad to hear it ;) thanks


--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------

computer name: GREG
windows version: Windows 8 , 6.2, build: 9200
windows dir: C:\Windows
Hardware: N56VB, ASUSTeK COMPUTER INC.
CPU: GenuineIntel Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Intel586, level: 6
8 logical processors, active mask: 255
RAM: 8470122496 total




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Mon 27/07/2015 18:13:14 GMT your computer crashed
crash dump file: C:\Windows\Minidump\072715-171078-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA80073A4010, 0xFFFFF88019FB8000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 27/07/2015 18:13:14 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA80073A4010, 0xFFFFF88019FB8000)
Error: KERNEL_DATA_INPAGE_ERROR
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Tue 11/11/2014 15:30:37 GMT your computer crashed
crash dump file: C:\Windows\Minidump\111114-125390-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA80099E8A40, 0x21FD7D8)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 03/11/2014 14:26:33 GMT your computer crashed
crash dump file: C:\Windows\Minidump\110314-144765-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800C61D4D0, 0x64734000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 20/10/2014 09:30:17 GMT your computer crashed
crash dump file: C:\Windows\Minidump\102014-50250-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA8007400D30, 0x7FFB59DE190)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Thu 18/09/2014 13:02:35 GMT your computer crashed
crash dump file: C:\Windows\Minidump\091814-178562-01.dmp
This was probably caused by the following module: volmgrx.sys (0xFFFFF8800119E000)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800814D2A0, 0xFFFFF8800119E000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\drivers\volmgrx.sys
product: Système d'exploitation Microsoft® Windows®
company: Microsoft Corporation
description: Pilote d'extension du gestionnaire de volumes
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Sat 06/09/2014 09:49:32 GMT your computer crashed
crash dump file: C:\Windows\Minidump\090614-161921-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800867A710, 0x7F85C6A3090)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Fri 29/08/2014 17:37:44 GMT your computer crashed
crash dump file: C:\Windows\Minidump\082914-131765-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA8007012010, 0x4D859D8)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Tue 29/07/2014 18:41:01 GMT your computer crashed
crash dump file: C:\Windows\Minidump\072914-192937-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x4, 0x0, 0xFFFFFA800C9692A0, 0x7F9EF9CA090)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 31/03/2014 16:55:28 GMT your computer crashed
crash dump file: C:\Windows\Minidump\033114-75718-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x5A440)
Bugcheck code: 0x7A (0x5, 0x0, 0xC000, 0xFFFFFA8007BEC5C0)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.





--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

11 crash dumps have been found and analyzed. Only 10 are included in this report. No offending third party drivers have been found. Connsider using WhoCrashed Professional which offers more detailed analysis using symbol resolution. Also configuring your system to produce a full memory dump may help you.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
0

Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last activity 31 July 2015
27 Jul 2015 at 21:16
Here is the FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
Ran by gregbriclet (administrator) on GREG (27-07-2015 21:19:01)
Running from C:\Users\gregbriclet\Downloads
Loaded Profiles: UpdatusUser & gregbriclet (Available Profiles: UpdatusUser & gregbriclet)
Platform: Windows 8 (X64) Language: Français (France)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Pay By Ads LTD) C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
() C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-20] (ASUS)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2012-07-03] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros Commnucations)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Run: [Yahoo! Search] => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [634624 2014-12-28] (Pay By Ads LTD)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-01-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-518435904-671319411-1353417391-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
HKU\S-1-5-21-518435904-671319411-1353417391-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
HKU\S-1-5-21-518435904-671319411-1353417391-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-518435904-671319411-1353417391-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=asus13.msn.com&ocid=ASUDHP&pc=ASU2JS
SearchScopes: HKU\S-1-5-21-518435904-671319411-1353417391-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-518435904-671319411-1353417391-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-518435904-671319411-1353417391-1002 -> {B7242F71-06B0-4437-8E86-1E5D628F4B58} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=690
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} https://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-01-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-01-28] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C685F10E-6935-47E9-9105-C4B35ABB241C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E44C3583-F90F-4D2E-81F7-BA4295F06401}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-01-28] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-01-28] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-27]

Chrome:
=======
CHR Profile: C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
CHR Extension: (Google Drive) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
CHR Extension: (YouTube) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
CHR Extension: (Google Search) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
CHR Extension: (Mega Browse) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgkmmefaeflbkbbamehfkghmmlgnpojl [2014-09-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-17]
CHR Extension: (Gmail) - C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0259861438022151mcinstcleanup; C:\Windows\TEMP\025986~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MaintainerSvc3.22.1827446; C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe [128232 2015-07-27] ()
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 Update Mega Browse; C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe [466664 2015-07-27] () <==== ATTENTION
R2 Util Mega Browse; C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe [466664 2015-07-27] () <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
R1 {14437b83-5ae5-4966-894b-e98090a91d75}w64; C:\Windows\System32\drivers\{14437b83-5ae5-4966-894b-e98090a91d75}w64.sys [48416 2014-10-19] (StdLib)
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [60704 2014-06-30] (StdLib)
R1 {30389f51-b968-4243-8e7c-c69cde75ce4d}w64; C:\Windows\System32\drivers\{30389f51-b968-4243-8e7c-c69cde75ce4d}w64.sys [48824 2014-11-02] (StdLib)
R1 {682528cd-df25-4625-a133-5f72ba9afe48}w64; C:\Windows\System32\drivers\{682528cd-df25-4625-a133-5f72ba9afe48}w64.sys [48416 2014-10-17] (StdLib)
R1 {6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64; C:\Windows\System32\drivers\{6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64.sys [48416 2014-10-19] (StdLib)
R1 {7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64; C:\Windows\System32\drivers\{7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64.sys [48824 2014-12-06] (StdLib)
R1 {825d52d4-9952-422b-9196-39ef1e734926}w64; C:\Windows\System32\drivers\{825d52d4-9952-422b-9196-39ef1e734926}w64.sys [48416 2014-10-18] (StdLib)
R1 {c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64; C:\Windows\System32\drivers\{c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64.sys [48416 2014-10-19] (StdLib)
R1 {f10732e3-e4ef-4b41-89fc-ab249b166d64}w64; C:\Windows\System32\drivers\{f10732e3-e4ef-4b41-89fc-ab249b166d64}w64.sys [48416 2014-10-15] (StdLib)
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-27 21:19 - 2015-07-27 21:19 - 00020491 _____ C:\Users\gregbriclet\Downloads\FRST.txt
2015-07-27 21:18 - 2015-07-27 21:19 - 00000000 ____D C:\FRST
2015-07-27 21:18 - 2015-07-27 21:18 - 02146816 _____ (Farbar) C:\Users\gregbriclet\Downloads\FRST64.exe
2015-07-27 21:06 - 2015-07-27 21:06 - 00000846 _____ C:\Users\gregbriclet\Desktop\WhoCrashed.lnk
2015-07-27 21:05 - 2015-07-27 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2015-07-27 21:05 - 2015-07-27 21:06 - 00000000 ____D C:\Program Files\WhoCrashed
2015-07-27 21:04 - 2015-07-27 21:04 - 02256152 _____ (Resplendence Software Projects Sp. ) C:\Users\gregbriclet\Downloads\whocrashed_5-50_fr_317674.exe
2015-07-27 20:35 - 2015-07-27 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-27 20:35 - 2015-07-27 20:35 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-27 20:30 - 2015-07-27 20:30 - 00026271 _____ C:\Users\gregbriclet\Desktop\hijackthis.log
2015-07-27 20:27 - 2015-07-27 20:27 - 00293128 _____ C:\Windows\Minidump\072715-171078-01.dmp
2015-07-27 20:00 - 2015-07-27 20:33 - 03671134 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 19:53 - 2015-07-27 19:53 - 00003003 _____ C:\Users\gregbriclet\Desktop\HiJackThis.lnk
2015-07-27 19:53 - 2015-07-27 19:53 - 00000000 ____D C:\Users\gregbriclet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-07-27 19:53 - 2015-07-27 19:53 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2015-07-27 19:44 - 2015-07-27 19:44 - 01402880 _____ C:\Users\gregbriclet\Downloads\hijackthis_hijackthis_2.0.4_anglais_17891.msi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-27 21:18 - 2013-03-27 19:49 - 01486594 _____ C:\Windows\WindowsUpdate.log
2015-07-27 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 21:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-07-27 20:42 - 2014-03-17 02:23 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-27 20:42 - 2014-03-17 02:23 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-27 20:37 - 2014-03-17 02:23 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-27 20:35 - 2012-11-27 06:11 - 00000000 ____D C:\ProgramData\McAfee
2015-07-27 20:35 - 2012-11-27 06:11 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-07-27 20:34 - 2014-09-01 15:05 - 00000000 ____D C:\Users\gregbriclet\AppData\Local\CrashDumps
2015-07-27 20:34 - 2012-08-03 01:15 - 00785550 _____ C:\Windows\system32\perfh013.dat
2015-07-27 20:34 - 2012-08-03 01:15 - 00158586 _____ C:\Windows\system32\perfc013.dat
2015-07-27 20:34 - 2012-08-03 01:11 - 00780976 _____ C:\Windows\system32\perfh010.dat
2015-07-27 20:34 - 2012-08-03 01:11 - 00152608 _____ C:\Windows\system32\perfc010.dat
2015-07-27 20:34 - 2012-08-03 01:06 - 00800978 _____ C:\Windows\system32\perfh00C.dat
2015-07-27 20:34 - 2012-08-03 01:06 - 00155650 _____ C:\Windows\system32\perfc00C.dat
2015-07-27 20:33 - 2014-03-17 02:25 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-518435904-671319411-1353417391-1002
2015-07-27 20:33 - 2014-03-17 02:23 - 00004058 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-27 20:33 - 2014-03-17 02:23 - 00003822 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-27 20:30 - 2014-03-20 03:37 - 00000000 ____D C:\Program Files (x86)\Mega Browse
2015-07-27 20:28 - 2014-03-17 02:21 - 00000062 _____ C:\Users\gregbriclet\AppData\Roaming\sp_data.sys
2015-07-27 20:27 - 2014-03-31 01:23 - 00000000 ____D C:\Windows\Minidump
2015-07-27 20:27 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-27 20:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-27 20:25 - 2014-03-31 01:21 - 662049727 _____ C:\Windows\MEMORY.DMP
2015-07-27 20:24 - 2012-08-02 15:24 - 00098148 _____ C:\Windows\PFRO.log
2015-07-27 20:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-07-27 20:05 - 2014-03-17 02:15 - 00000000 ____D C:\Users\gregbriclet\AppData\Local\Packages
2015-07-27 20:04 - 2014-10-18 16:09 - 00000000 ____D C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6
2015-07-27 19:54 - 2014-03-17 02:15 - 00000000 ____D C:\Users\gregbriclet\AppData\Local\VirtualStore

==================== Files in the root of some directories =======

2014-03-17 02:21 - 2015-07-27 20:28 - 0000062 _____ () C:\Users\gregbriclet\AppData\Roaming\sp_data.sys
2012-11-27 06:08 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-27 06:08 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-11-27 06:08 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2013-03-27 20:13 - 2013-03-27 20:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-03-27 20:08 - 2013-03-27 20:10 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2013-03-27 20:11 - 2013-03-27 20:13 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2013-03-27 20:07 - 2013-03-27 20:08 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log

Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\gregbriclet\AppData\Local\Temp\BackupSetup.exe
C:\Users\gregbriclet\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-09 18:11

==================== End of log ============================
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last seen 31 July 2015
27 Jul 2015 at 21:16
and here is the addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by gregbriclet at 2015-07-27 21:21:35
Running from C:\Users\gregbriclet\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-518435904-671319411-1353417391-500 - Administrator - Disabled)
gregbriclet (S-1-5-21-518435904-671319411-1353417391-1002 - Administrator - Enabled) => C:\Users\gregbriclet
HomeGroupUser$ (S-1-5-21-518435904-671319411-1353417391-1004 - Limited - Enabled)
Invité (S-1-5-21-518435904-671319411-1353417391-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-518435904-671319411-1353417391-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus et Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus et Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Pare-feu McAfee (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.142.62248 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.9.142.62248 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.0.5 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS N Series Demo (HKLM-x32\...\{246B4AFF-6540-4B72-93E8-B9EB86D37589}) (Version: 1.0.0003 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4712 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4712 - CyberLink Corp.) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3019_44673 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4905d - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2884 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.944 - McAfee, Inc.)
Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.20.004538 - Mega Browse) <==== ATTENTION
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6828 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Telecharger et Installer Packages (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Telecharger et Installer Packages) (Version: - ) <==== ATTENTION
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WhoCrashed 5.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
Yahoo! Search (HKU\S-1-5-21-518435904-671319411-1353417391-1002\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

20-10-2014 11:48:51 Sauvegarde Windows
03-11-2014 14:51:53 Sauvegarde Windows
11-11-2014 16:37:44 Sauvegarde Windows
07-12-2014 12:19:58 Sauvegarde Windows
13-04-2015 16:08:42 Sauvegarde Windows
27-07-2015 19:46:44 Installed HiJackThis
27-07-2015 19:46:57 Sauvegarde Windows
27-07-2015 19:48:29 Installed HiJackThis

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0091678B-FCA7-458B-98C9-C7BBD0B0D481} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {2B3EBE53-A387-4352-8D82-77349DD17123} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
Task: {4F3766F9-8E78-4632-B902-C9F6271BBADB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
Task: {526B953A-0CC2-41ED-8725-7272AC60189F} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {5924BF18-DF98-4D67-B56E-73ADE1F82A75} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {655B6B93-CE26-4E2A-9073-0E52749EA020} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {AB56E862-30B0-43EF-A284-F154D778C0D4} - System32\Tasks\Yahoo! Search Updater => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe [2014-12-28] (Pay By Ads LTD) <==== ATTENTION
Task: {B9C48CDE-02F3-4252-B754-EF099B779A0E} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {C58E91B5-A845-4091-BA34-BA0C91B75419} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {C8CF62A9-5C87-4BCB-BB6B-BEC65A5127D4} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {CCA378B2-8926-4E18-B33A-BB91154FF452} - System32\Tasks\Yahoo! Search => C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [2014-12-28] (Pay By Ads LTD) <==== ATTENTION
Task: {EA690DAA-096D-4776-A54D-1B4B82224DFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-10-18 03:26 - 2015-07-27 20:04 - 00128232 _____ () C:\ProgramData\06154ba7-7ceb-4959-a6bd-bf38bdec8cc6\maintainer.exe
2013-03-27 20:10 - 2009-04-17 12:01 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-11-29 19:15 - 2012-11-29 19:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-01-28 09:42 - 2012-11-21 10:58 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2012-12-28 14:07 - 2012-12-28 14:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 14:04 - 2012-12-28 14:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 14:09 - 2012-12-28 14:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-23 17:38 - 2015-07-27 20:30 - 00466664 _____ () C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
2014-03-20 02:45 - 2015-07-27 20:31 - 00466664 _____ () C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-27 19:45 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-28 22:58 - 2014-12-28 22:58 - 00306176 _____ () C:\Users\gregbriclet\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\krcaiojV.dll
2015-07-27 20:41 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll
2015-07-27 20:41 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll
2015-07-27 20:41 - 2015-07-24 00:39 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-518435904-671319411-1353417391-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{77FA44A0-0288-479D-A668-7DB1122CB865}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9F3908B9-AF84-4AE4-AE0F-A3CA352764A1}] => (Allow) LPort=2869
FirewallRules: [{B1BA499D-34D7-4542-BC63-2EA7AB4F38B7}] => (Allow) LPort=1900
FirewallRules: [{57C0F666-E390-4EA9-A1C4-F5B25AC7673B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{967E2A47-828B-42F1-9994-E30081710B32}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{FDB47284-22EE-4578-9B50-748FD16E8EDA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E8A0DE07-1CA0-4F33-8EC4-5556BEAFD390}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9A49FA42-CBF5-4D87-8C0F-FD69966F7465}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{834EF065-FDA5-4F7A-94CF-29E9A48F65D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9C5254B3-8417-49EA-953D-47E9F4A6A1D9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{7B437913-9F21-4A72-850B-06277A595EA2}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{3F1CBF8C-F5FF-4681-AAB5-87BAB3D915B0}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{ACE9DACF-F7FE-4B4F-A776-F1A4F9B7090A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F1B31257-2B66-415B-B4D9-31D4BE5B3C34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F7C24712-76C8-43E1-9622-8FC0C10B4DF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AE4692A4-7F3B-4BC9-BACE-830138902C10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49D10AED-51A0-47D1-8742-96A351E3DB69}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F9DC8BF9-A2CC-4952-B74B-E4DEEA2F6946}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
FirewallRules: [{F0B62277-D085-464C-BC35-A438F6BE2065}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
FirewallRules: [{97A63FCB-5F43-46F8-9EDA-52996FB6E6E8}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
FirewallRules: [{7D43A028-D1ED-47EF-A25F-E1384026C682}] => (Allow) C:\Program Files (x86)\Mega Browse\bin\MegaBrowse.BRT.Helper.exe
FirewallRules: [{1AAC547B-9423-4C54-82AB-C96F3F4F3F62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2015 08:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
Nom du module défaillant : delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
Code d'exception : 0xc0000005
Décalage d'erreur : 0x000373c0
ID du processus défaillant : 0x710
Heure de début de l'application défaillante : 0xdelegate_execute.exe0
Chemin d'accès de l'application défaillante : delegate_execute.exe1
Chemin d'accès du module défaillant: delegate_execute.exe2
ID de rapport : delegate_execute.exe3
Nom complet du package défaillant : delegate_execute.exe4
ID de l'application relative au package défaillant : delegate_execute.exe5

Error: (07/27/2015 07:42:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
Nom du module défaillant : delegate_execute.exe, version : 38.0.2125.111, horodatage : 0x544712a1
Code d'exception : 0xc0000005
Décalage d'erreur : 0x00036d1b
ID du processus défaillant : 0x1bf0
Heure de début de l'application défaillante : 0xdelegate_execute.exe0
Chemin d'accès de l'application défaillante : delegate_execute.exe1
Chemin d'accès du module défaillant: delegate_execute.exe2
ID de rapport : delegate_execute.exe3
Nom complet du package défaillant : delegate_execute.exe4
ID de l'application relative au package défaillant : delegate_execute.exe5

Error: (07/27/2015 07:41:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 496932733 ticks; setting correction factor to 508685050

Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15688

Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15688

Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 04:20:23 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: La sauvegarde a échoué. Erreur : La Sauvegarde Windows a rencontré une erreur lors de l'écriture des données sur la cible de sauvegarde. (0x80780166).

Error: (04/13/2015 04:20:22 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: AUTORITE NT)
Description: L'opération de sauvegarde démarrée à « 2015-04-13T14:08:42.645226000Z » a échoué avec le code d'erreur suivant : « 0x80780166 » (%%2155348326). Consultez les détails de l'événement pour trouver une solution, puis réexécutez l'opération de sauvegarde une fois le problème résolu.

Error: (04/13/2015 04:20:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l'appel de la routine IVssAsync::QueryStatus. hr = 0x80010108, L'objet invoqué s'est déconnecté de ses clients.
.


Opération :
Événement BackupComplete
Opération asynchrone en cours d'exécution

Contexte :
État actuel: BackupComplete

Error: (04/13/2015 04:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 160682623 ticks; setting correction factor to 1388593710


System errors:
=============
Error: (07/27/2015 08:56:05 PM) (Source: iaStorA) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :J8110076HWMTMK

Error: (07/27/2015 08:44:42 PM) (Source: DCOM) (EventID: 10016) (User: greg)
Description: propres à l'applicationLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}greggregbricletS-1-5-21-518435904-671319411-1353417391-1002LocalHost (avec LRPC)Non disponibleNon disponible

Error: (07/27/2015 08:44:42 PM) (Source: DCOM) (EventID: 10016) (User: greg)
Description: propres à l'applicationLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}greggregbricletS-1-5-21-518435904-671319411-1353417391-1002LocalHost (avec LRPC)Non disponibleNon disponible

Error: (07/27/2015 08:34:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service NVIDIA Update Service Daemon est en attente de démarrage.

Error: (07/27/2015 08:31:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service McAfee VirusScan Announcer est en attente de démarrage.

Error: (07/27/2015 08:29:51 PM) (Source: DCOM) (EventID: 10010) (User: AUTORITE NT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/27/2015 08:28:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Le service Fournisseur du Groupement résidentiel dépend du service Publication des ressources de découverte de fonctions qui n'a pas pu démarrer en raison de l'erreur :
%%1070

Error: (07/27/2015 08:28:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Découverte SSDP est en attente de démarrage.

Error: (07/27/2015 08:28:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Agent de stratégie IPsec est en attente de démarrage.

Error: (07/27/2015 08:28:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Publication des ressources de découverte de fonctions est en attente de démarrage.


Microsoft Office:
=========================
Error: (07/27/2015 08:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c0000005000373c071001d0c89ad3d52804C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exe11d2c4f4-348e-11e5-be8a-6c71d92dba4e

Error: (07/27/2015 07:42:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe38.0.2125.111544712a1delegate_execute.exe38.0.2125.111544712a1c000000500036d1b1bf001d0c89392fd65b3C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\delegate_execute.exed79a689d-3486-11e5-be89-6c71d92dba4e

Error: (07/27/2015 07:41:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 496932733 ticks; setting correction factor to 508685050

Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15688

Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15688

Error: (04/25/2015 03:37:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 04:20:23 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: La Sauvegarde Windows a rencontré une erreur lors de l'écriture des données sur la cible de sauvegarde. (0x80780166)

Error: (04/13/2015 04:20:22 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: AUTORITE NT)
Description: 2015-04-13T14:08:42.645226000Z0x80780166%%2155348326

Error: (04/13/2015 04:20:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsync::QueryStatus0x80010108, L'objet invoqué s'est déconnecté de ses clients.


Opération :
Événement BackupComplete
Opération asynchrone en cours d'exécution

Contexte :
État actuel: BackupComplete

Error: (04/13/2015 04:06:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 160682623 ticks; setting correction factor to 1388593710


CodeIntegrity Error:
===================================
Date: 2014-08-10 19:31:09.871
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\EhStorClass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8077.74 MB
Available physical RAM: 5570.66 MB
Total Virtual: 16269.74 MB
Available Virtual: 13585.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:279.45 GB) (Free:217.94 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:397.87 GB) (Free:376.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 1FEB4A9B)

Partition: GPT Partition Type.

==================== End of log ============================
0
Greg3256 Posts 16 Registration date Monday 27 July 2015 Status Member Last seen 31 July 2015
27 Jul 2015 at 21:23
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last seen 18 September 2023 3 804
27 Jul 2015 at 21:35
Hello
You must have installed potentially unwanted programs


To avoid this kind of problem:

- Do not download any program offered in advertisements or on suspicious sites. Note that some well-known sites such as Softronic, Tuto4PC, etc. sometimes modify the programs they offer for download to add adware ==> Always prefer downloading directly from the publisher's site.


- During the installation of a free program, read carefully and uncheck all the additional programs that are offered, in particular toolbars.

For your information, read these articles on Potentially Unwanted Programs and Toolbars; this is not mandatory

Download this easy-to-use tool

https://toolslib.net/downloads/viewdownload/1-adwcleaner/


Si problème avec le 1er lien prends le ici https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/


Lance le (Sous vista/seven/8 clic droit dessus,et sur exécuter en tant qu'administrateur)si tu es sous xp double cliques dessus


Cliques sur scanner


Poste le rapport de recherche C:\Adwcleaner[R]


Note le rapport de recherche est également sauvegardé sous C:\Adwcleaner[R1]


Héberge le rapport sur cjoint


Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
0
Greg3256 Posts: 16 Registered: Monday 27 July 2015 Status: Member Last activity: 31 July 2015
27 Jul 2015 at 21:50
# AdwCleaner v4.208 - Rapport créé le 27/07/2015 à 21:56:32
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-07-26.2 [Serveur]
# Système d'exploitation : Windows 8 (x64)
# Nom d'utilisateur : gregbriclet - GREG
# Exécuté depuis : C:\Users\gregbriclet\Downloads\adwcleaner_4.208.exe
# Option : Scanner
***** [ Services ] *****


Service Trouvé : {14437b83-5ae5-4966-894b-e98090a91d75}w64
Service Trouvé : {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64
Service Trouvé : {30389f51-b968-4243-8e7c-c69cde75ce4d}w64
Service Trouvé : {682528cd-df25-4625-a133-5f72ba9afe48}w64
Service Trouvé : {6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64
Service Trouvé : {7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64
Service Trouvé : {825d52d4-9952-422b-9196-39ef1e734926}w64
Service Trouvé : {c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64
Service Trouvé : {f10732e3-e4ef-4b41-89fc-ab249b166d64}w64
Service Trouvé : MaintainerSvc3.22.1827446
***** [ Fichiers / Dossiers ] *****


Dossier Trouvé : C:\Program Files (x86)\Mega Browse
Dossier Trouvé : C:\Users\GREGBR~1\AppData\Local\Temp\Mega Browse
Dossier Trouvé : C:\Users\gregbriclet\AppData\Local\pay-by-ads
Dossier Trouvé : C:\Users\gregbriclet\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
Dossier Trouvé : C:\Users\gregbriclet\AppData\Roaming\Systweak
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Fichier Trouvé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Fichier Trouvé : C:\Windows\System32\drivers\{14437b83-5ae5-4966-894b-e98090a91d75}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{30389f51-b968-4243-8e7c-c69cde75ce4d}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{682528cd-df25-4625-a133-5f72ba9afe48}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{825d52d4-9952-422b-9196-39ef1e734926}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64.sys
Fichier Trouvé : C:\Windows\System32\drivers\{f10732e3-e4ef-4b41-89fc-ab249b166d64}w64.sys
Fichier Trouvé : C:\Windows\System32\roboot64.exe
***** [ Tâches planifiées ] *****


Tâche Trouvée : Yahoo! Search
Tâche Trouvée : Yahoo! Search Updater
***** [ Raccourcis ] *****

***** [ Registre ] *****


Clé Trouvée : HKCU\Software\Classes\keepmysearch
Clé Trouvée : HKCU\Software\InstallCore
Clé Trouvée : HKCU\Software\Mega Browse
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7242F71-06B0-4437-8E86-1E5D628F4B58}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Telecharger et Installer Packages
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Clé Trouvée : HKCU\Software\systweak
Clé Trouvée : [x64] HKCU\Software\InstallCore
Clé Trouvée : [x64] HKCU\Software\Mega Browse
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7242F71-06B0-4437-8E86-1E5D628F4B58}
Clé Trouvée : [x64] HKCU\Software\systweak
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Clé Trouvée : HKLM\SOFTWARE\Mega Browse
Clé Trouvée : HKLM\SOFTWARE\systweak
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mega Browse
***** [ Navigateurs ] *****


-\\ Internet Explorer v10.0.9200.17028

Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://rts.dsrlte.com?affID=na

-\\ Google Chrome v44.0.2403.107


AdwCleaner[R0].txt - [5369 octets] - [27/07/2015 21:56:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5429 octets] ##########
0
Greg3256 Posts: 16 Registered: Monday 27 July 2015 Status: Member Last activity: 31 July 2015
27 Jul 2015 at 21:52
0
lilidurhone Posts: 43343 Registered: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
27 Jul 2015 at 21:54
Run the clean
0
Greg3256 Posts: 16 Registered: Monday 27 July 2015 Status: Member Last activity: 31 July 2015
27 Jul 2015 at 22:08
# AdwCleaner v4.208 - Rapport créé le 27/07/2015 à 22:09:36
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-07-26.2 [Serveur]
# Système d'exploitation : Windows 8 (x64)
# Nom d'utilisateur : gregbriclet - GREG
# Exécuté depuis : C:\Users\gregbriclet\Downloads\adwcleaner_4.208.exe
# Option : Nettoyer
***** [ Services ] *****


Service Supprimé : {14437b83-5ae5-4966-894b-e98090a91d75}w64
Service Supprimé : {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64
Service Supprimé : {30389f51-b968-4243-8e7c-c69cde75ce4d}w64
Service Supprimé : {682528cd-df25-4625-a133-5f72ba9afe48}w64
Service Supprimé : {6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64
Service Supprimé : {7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64
Service Supprimé : {825d52d4-9952-422b-9196-39ef1e734926}w64
Service Supprimé : {c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64
Service Supprimé : {f10732e3-e4ef-4b41-89fc-ab249b166d64}w64
[#] Service Supprimé : MaintainerSvc3.22.1827446
***** [ Fichiers / Dossiers ] *****


Dossier Supprimé : C:\Program Files (x86)\Mega Browse
Dossier Supprimé : C:\Users\GREGBR~1\AppData\Local\Temp\Mega Browse
Dossier Supprimé : C:\Users\gregbriclet\AppData\Local\pay-by-ads
Dossier Supprimé : C:\Users\gregbriclet\AppData\Roaming\Systweak
Dossier Supprimé : C:\Users\gregbriclet\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
Fichier Supprimé : C:\Windows\System32\roboot64.exe
Fichier Supprimé : C:\Windows\System32\drivers\{14437b83-5ae5-4966-894b-e98090a91d75}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{30389f51-b968-4243-8e7c-c69cde75ce4d}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{682528cd-df25-4625-a133-5f72ba9afe48}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{6a86ad4e-d1ee-4703-baff-f697dcc0f883}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{7c18b119-d64a-4b8f-90db-d1c5b5ad5acf}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{825d52d4-9952-422b-9196-39ef1e734926}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{c5443894-a06c-4f6d-8a2d-642fa543dbaa}w64.sys
Fichier Supprimé : C:\Windows\System32\drivers\{f10732e3-e4ef-4b41-89fc-ab249b166d64}w64.sys
Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
Fichier Supprimé : C:\Users\gregbriclet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
***** [ Tâches planifiées ] *****


Tâche Supprimée : Yahoo! Search
Tâche Supprimée : Yahoo! Search Updater
***** [ Raccourcis ] *****

***** [ Registre ] *****


Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Clé Supprimée : HKCU\Software\Classes\keepmysearch
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7242F71-06B0-4437-8E86-1E5D628F4B58}
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Mega Browse
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKLM\SOFTWARE\Mega Browse
Clé Supprimée : HKLM\SOFTWARE\systweak
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Telecharger et Installer Packages
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mega Browse
***** [ Navigateurs ] *****


-\\ Internet Explorer v10.0.9200.17028

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v44.0.2403.107


AdwCleaner[R0].txt - [5541 octets] - [27/07/2015 21:56:32]
AdwCleaner[S0].txt - [4976 octets] - [27/07/2015 22:09:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5036 octets] ##########
0
lilidurhone Posts: 43343 Registered: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
27 Jul 2015 at 22:11
We'll continue tomorrow
0
Greg3256 Posts: 16 Registered: Monday 27 July 2015 Status: Member Last activity: 31 July 2015
27 Jul 2015 at 22:13
OK, many thanks already, have a good evening
0
Hi everyone, can you tell me what I should do next? lilidurhone, can you keep helping me?

Thanks in advance
0
lilidurhone Posts: 43343 Registered: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
31 Jul 2015 at 12:02
Still getting blue screens?
0
Greg3256 Posts: 16 Registered: Monday 27 July 2015 Status: Member Last activity: 31 July 2015
31 Jul 2015 at 13:03
No, it's fine, I think it's OK on that front
0
lilidurhone Posts: 43343 Registered: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
31 Jul 2015 at 13:16
Run FRST again
0
http://www.cjoint.com/c/EGFlBAwHEwn
0
lilidurhone Posts: 43343 Registered: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
31 Jul 2015 at 14:56
Reset your browsers and/or manually reconfigure your web browsers (start page,

0
Greg3256 Posts: 16 Registered: Monday 27 July 2015 Status: Member Last activity: 31 July 2015
31 Jul 2015 at 15:29
That's done for Chrome, it's the only one I use
0
lilidurhone Posts: 43343 Registered: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
31 Jul 2015 at 16:40
You can run ZHPCleaner
0