Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Trojan.win32.generic bt

crashstop

Par crashstop
dans Analyses et éradication malwares

 Partager

Messages recommandés

crashstop Member

crashstop

Posté(e)
Posté(e) (modifié)

Bonsoir

Il semble que mon ordinateur est infecte par Trojan.win32.generic bt (c'est ce qu'un logiciel anti malware m'a indiqué). J'ai donc des pages de pub qui s'ouvrent intempestivement

Est ce que quelqu'un aurait l'amabilité de m'aider?

Merci d'avance

A+

Modifié par crashstop

pear Devil Member !

pear

Posté(e)
Posté(e)

Choisissez la version 32 ou 64 bits en fonction de votre système
Télécharger sur le Bureau
FRST 64 de Farbar
Frst 32 de Farbar
Fermez toutes les applications, y compris le navigateur
Double-clic sur FRST64.exe et sur Oui pour accepter le Disclaimer
Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur


Sur le menu principal,
FRST2Offic.gif
clic sur Scan
A la fin du scan, un rapport FRST.txt s'ouvre.
Au premier lancement, un fichier nommé Addition.txt sera créé

crashstop Member

crashstop

Posté(e)
  • Auteur
Posté(e)

Bonjour

Tout d'abord un grand merci pour prendre mon cas en consideration

 

Ci dessous le rapport FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-09-2013
Ran by Sébastien (administrator) on SÉBASTIEN-HP on 08-09-2013 10:44:25
Running from C:\Users\Sébastien\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
() C:\Program Files (x86)\tuto4pc_fr_60\tuto4pc_fr_60.exe
() C:\Users\Sébastien\AppData\Local\tuto4pc_fr_60\upt4pc_fr_60.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(lucky leap) C:\Program Files (x86)\lucky leap\updateluckyleap.exe
() C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-04] (IDT, Inc.)
HKLM\...\Run: [setDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Runonce: [Del1787537] - cmd.exe /Q /D /c del "C:\Users\SBASTI~1\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\RunOnce: [upt4pc_fr_60.exe] - C:\Users\Sébastien\AppData\Local\tuto4pc_fr_60\upt4pc_fr_60.exe -runonce [3154416 2013-08-29] ()
HKLM-x32\...\Runonce: [Del15946562] - cmd.exe /Q /D /c del "C:\Users\SBASTI~1\AppData\Local\Temp\0.del" [x]
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Runonce: [Del1787537] - cmd.exe /Q /D /c del "C:\Users\SBASTI~1\AppData\Local\Temp\0.del"
HKCU\...\Runonce: [Del15946562] - cmd.exe /Q /D /c del "C:\Users\SBASTI~1\AppData\Local\Temp\0.del"
HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [576568 2011-11-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [tuto4pc_fr_60] - C:\Program Files (x86)\tuto4pc_fr_60\tuto4pc_fr_60.exe [3965936 2013-08-29] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll [2699216 2013-08-13] ()
Startup: C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=DEA2C018854473AF&affID=121136&tsp=4998
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=DEA2C018854473AF&affID=121136&tsp=4998
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDyEyEyBtA0A0FtAtA0D0CtN0D0Tzu0CyCtCyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=94443444&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDyEyEyBtA0A0FtAtA0D0CtN0D0Tzu0CyCtCyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=94443444&ir=
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {9BEA2108-27FF-4806-9309-09B32ABCD8AC} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDyEyEyBtA0A0FtAtA0D0CtN0D0Tzu0CyCtCyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=94443444&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDyEyEyBtA0A0FtAtA0D0CtN0D0Tzu0CyCtCyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=94443444&ir=
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {9BEA2108-27FF-4806-9309-09B32ABCD8AC} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDyEyEyBtA0A0FtAtA0D0CtN0D0Tzu0CyCtCyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=94443444&ir=
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyDyEyEyBtA0A0FtAtA0D0CtN0D0Tzu0CyCtCyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=94443444&ir=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=DEA2C018854473AF&affID=121136&tsp=4998
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {9BEA2108-27FF-4806-9309-09B32ABCD8AC} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://www.ebay.fr/sch/i.html?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: lucky leap - {d77aa852-def3-43cb-a3f5-bd679de72f32} - C:\Program Files (x86)\lucky leap\luckyleapbho.dll (luckyleap)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\bh\mysearchdial.dll (Ironsource Israel (2011) LTD)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\mysearchdialTlbr.dll (Ironsource Israel (2011) LTD)
Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2012-03-30] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 172.16.233.229
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: () - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.14
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0
CHR Extension: (Chrome In-App Payments service) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\SBASTI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\Sébastien\AppData\Roaming\BabSolution\CR\mixiDj.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Sébastien\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx
CHR HKLM-x32\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files (x86)\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx
CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx
==================== Services (Whitelisted) =================
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [32808 2013-07-01] (Just Develop It)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2838480 2013-08-13] ()
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-07] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-07] (DealPly Technologies Ltd)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 Update lucky leap; C:\Program Files (x86)\lucky leap\updateluckyleap.exe [206624 2013-08-30] (lucky leap)
==================== Drivers (Whitelisted) ====================
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [258664 2011-09-22] (Realtek Semiconductor Corp.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-08 10:39 - 2013-09-08 10:42 - 01948988 _____ (Farbar) C:\Users\Sébastien\Desktop\FRST64.exe
2013-09-08 10:35 - 2013-09-08 10:35 - 00000000 ____D C:\Program Files\PostgreSQL
2013-09-08 10:34 - 2013-09-08 10:34 - 00000000 ____D C:\Program Files (x86)\PostgreSQL
2013-09-08 09:31 - 2013-09-08 10:35 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\PokerTracker 4
2013-09-08 09:31 - 2013-09-08 09:31 - 00004925 _____ C:\ProgramData\flwjycbm.bab
2013-09-08 09:31 - 2013-09-08 09:31 - 00001074 _____ C:\Users\Sébastien\Desktop\PokerTracker 4.lnk
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4
2013-09-08 01:36 - 2013-09-08 02:20 - 46977154 _____ C:\Users\Sébastien\Downloads\PT-Install-v4.09.1.exe
2013-09-07 23:42 - 2013-09-07 23:43 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\RadioSure
2013-09-07 23:42 - 2013-09-07 23:42 - 00001118 _____ C:\Users\Sébastien\Desktop\RadioSure.lnk
2013-09-07 23:42 - 2013-09-07 23:42 - 00001087 _____ C:\Users\Sébastien\Desktop\MyPC Backup.lnk
2013-09-07 23:42 - 2013-09-07 23:42 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioSure
2013-09-07 23:42 - 2013-09-07 23:42 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-09-07 23:42 - 2013-09-07 23:42 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-09-07 23:40 - 2013-09-07 23:40 - 00000000 ____D C:\Program Files (x86)\mixidj
2013-09-07 23:39 - 2013-09-07 23:39 - 00003442 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\mixidj
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\avgchrome
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-07 23:38 - 2013-09-07 23:39 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-09-07 23:38 - 2013-09-07 23:38 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-09-07 23:35 - 2013-09-08 02:04 - 00003410 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-07 23:35 - 2013-09-07 23:35 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\BabSolution
2013-09-07 23:33 - 2013-09-07 23:42 - 05521199 _____ (TheBestWare Studio) C:\Users\Sébastien\Downloads\RadioSure-2.2.1036-setup.exe
2013-09-07 23:33 - 2013-09-07 23:33 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Babylon
2013-09-07 23:33 - 2013-09-07 23:33 - 00000000 ____D C:\ProgramData\Babylon
2013-09-07 23:32 - 2013-09-08 10:37 - 00000912 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-09-07 23:32 - 2013-09-07 23:37 - 00000908 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-09-07 23:32 - 2013-09-07 23:32 - 00003908 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-09-07 23:32 - 2013-09-07 23:32 - 00003656 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-09-07 23:31 - 2013-09-08 10:31 - 00000304 _____ C:\Windows\Tasks\Dealply.job
2013-09-07 23:31 - 2013-09-07 23:31 - 00003260 _____ C:\Windows\System32\Tasks\Dealply
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Dealply
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\DealPlyLive
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-09-07 23:30 - 2013-09-07 23:30 - 00000000 ____D C:\Program Files (x86)\lucky leap
2013-09-07 23:24 - 2013-09-07 23:25 - 00584600 _____ C:\Users\Sébastien\Downloads\cbsidlm-tr1_14-RadioSure-ORG-10911517.exe
2013-09-07 22:38 - 2013-09-08 01:47 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\PokerStars.FR
2013-09-07 22:38 - 2013-09-07 22:38 - 00001084 _____ C:\Users\Public\Desktop\PokerStars.fr.lnk
2013-09-07 22:38 - 2013-09-07 22:38 - 00000000 ____D C:\Program Files (x86)\PokerStars.FR
2013-09-07 22:20 - 2013-09-07 22:37 - 26619648 _____ (PokerStars) C:\Users\Sébastien\Downloads\PokerStarsInstallFR (2).exe
2013-09-07 20:45 - 2013-09-07 20:55 - 01774332 _____ C:\Users\Sébastien\Downloads\PokerStarsInstallFR (1).exe
2013-09-07 19:43 - 2013-09-07 19:49 - 02747232 _____ C:\Users\Sébastien\Downloads\PokerStarsInstallFR.exe
2013-09-07 19:42 - 2013-09-08 02:03 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\tuto4pc_fr_60
2013-09-07 19:42 - 2013-09-07 19:42 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\eorezo
2013-09-07 19:42 - 2013-09-07 19:42 - 00000000 ____D C:\Program Files (x86)\tuto4pc_fr_60
2013-09-07 19:35 - 2013-09-08 10:35 - 00000306 _____ C:\Windows\Tasks\MySearchDial.job
2013-09-07 19:35 - 2013-09-07 19:36 - 00000000 ____D C:\Program Files (x86)\Mysearchdial
2013-09-07 19:35 - 2013-09-07 19:35 - 00003262 _____ C:\Windows\System32\Tasks\MySearchDial
2013-09-07 19:35 - 2013-09-07 19:35 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\mysearchdial
2013-09-07 19:28 - 2013-09-07 19:28 - 00232760 _____ (Firser) C:\Users\Sébastien\Downloads\PokerStars.exe
2013-09-07 19:08 - 2013-09-07 19:08 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSÉBASTIEN-HP$
2013-09-07 19:08 - 2013-09-07 19:08 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSÉBASTIEN-HP$.job
2013-09-07 18:48 - 2013-09-08 02:02 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\vlc
2013-09-07 18:11 - 2013-09-07 18:11 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-07 17:45 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-09-07 17:45 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-09-07 17:45 - 2012-02-17 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-09-07 17:45 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-09-07 17:28 - 2013-09-08 10:33 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-07 17:28 - 2013-09-07 19:07 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-07 17:28 - 2013-09-07 18:26 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Google
2013-09-07 17:28 - 2013-09-07 18:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-07 17:28 - 2013-09-07 17:28 - 00004070 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-07 17:28 - 2013-09-07 17:28 - 00003818 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-07 17:27 - 2013-09-07 17:28 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Deployment
2013-09-07 17:27 - 2013-09-07 17:27 - 00000000 ____D C:\Users\Sébastien\AppData\Local\Apps\2.0
2013-09-07 17:16 - 2013-09-07 17:16 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Macromedia
2013-09-07 17:16 - 2013-09-07 17:16 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Adobe
2013-09-07 17:15 - 2013-09-07 23:42 - 00000000 ___RD C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-07 17:15 - 2013-09-07 19:06 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForSébastien.job
2013-09-07 17:15 - 2013-09-07 17:23 - 00003968 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{43130126-3B80-4227-8C4A-A8501436C1C7}
2013-09-07 17:15 - 2013-09-07 17:15 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSébastien
2013-09-07 17:15 - 2013-09-07 17:15 - 00001459 _____ C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-07 17:15 - 2013-09-07 17:15 - 00001425 _____ C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-07 17:15 - 2013-09-07 17:15 - 00000000 ___RD C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-07 17:15 - 2013-09-07 17:15 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Synaptics
2013-09-07 17:13 - 2013-09-07 17:13 - 00057560 _____ C:\Users\SBASTI~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-07 17:13 - 2013-09-07 17:13 - 00000000 ____D C:\Users\Sébastien\Documents\Youcam
2013-09-07 17:13 - 2013-09-07 17:13 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\CyberLink
2013-09-07 17:13 - 2013-09-07 17:13 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\CyberLink
2013-09-07 17:11 - 2013-09-07 19:09 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Skype
2013-09-07 17:10 - 2013-09-07 23:39 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Hewlett-Packard
2013-09-07 17:10 - 2013-09-07 17:15 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Hewlett-Packard
2013-09-07 17:10 - 2013-09-07 17:10 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\hpqlog
2013-09-07 17:09 - 2013-09-07 17:15 - 00003584 _____ C:\Windows\System32\Tasks\Registration
2013-09-07 17:09 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-07 17:09 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-07 17:09 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-07 17:09 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-07 17:09 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-07 17:09 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-07 17:09 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-07 17:09 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-07 17:09 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-07 17:08 - 2013-09-07 17:08 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\VirtualStore
2013-09-07 17:08 - 2013-09-07 17:08 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\RemEngine
2013-09-07 17:08 - 2013-09-07 17:08 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Hewlett-Packard_Company
2013-09-07 17:07 - 2013-09-08 10:44 - 01465398 _____ C:\Windows\WindowsUpdate.log
2013-09-07 17:07 - 2013-09-07 17:15 - 00000000 ____D C:\Users\Sébastien
2013-09-07 17:07 - 2013-09-07 17:07 - 00000020 ___SH C:\Users\Sébastien\ntuser.ini
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Voisinage réseau
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Voisinage d'impression
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Modèles
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Menu Démarrer
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\SBASTI~1\AppData\Local\Historique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Public\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Public\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Public\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Modèles
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Modèles
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Favoris
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Bureau
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Program Files\Fichiers communs
2013-09-07 17:07 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-07 17:07 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-07 17:06 - 2013-09-07 17:06 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat
==================== One Month Modified Files and Folders =======
2013-09-08 10:44 - 2013-09-07 17:07 - 01465398 _____ C:\Windows\WindowsUpdate.log
2013-09-08 10:44 - 2009-07-14 06:45 - 00031248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-08 10:44 - 2009-07-14 06:45 - 00031248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-08 10:42 - 2013-09-08 10:39 - 01948988 _____ (Farbar) C:\Users\Sébastien\Desktop\FRST64.exe
2013-09-08 10:37 - 2013-09-07 23:32 - 00000912 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-09-08 10:35 - 2013-09-08 10:35 - 00000000 ____D C:\Program Files\PostgreSQL
2013-09-08 10:35 - 2013-09-08 09:31 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\PokerTracker 4
2013-09-08 10:35 - 2013-09-07 19:35 - 00000306 _____ C:\Windows\Tasks\MySearchDial.job
2013-09-08 10:34 - 2013-09-08 10:34 - 00000000 ____D C:\Program Files (x86)\PostgreSQL
2013-09-08 10:33 - 2013-09-07 17:28 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-08 10:31 - 2013-09-07 23:31 - 00000304 _____ C:\Windows\Tasks\Dealply.job
2013-09-08 10:14 - 2012-02-09 19:42 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-08 10:14 - 2012-02-09 19:42 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-08 09:32 - 2012-02-10 04:10 - 00695004 _____ C:\Windows\system32\perfh00C.dat
2013-09-08 09:32 - 2012-02-10 04:10 - 00127684 _____ C:\Windows\system32\perfc00C.dat
2013-09-08 09:32 - 2009-07-14 07:13 - 01524562 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-08 09:31 - 2013-09-08 09:31 - 00004925 _____ C:\ProgramData\flwjycbm.bab
2013-09-08 09:31 - 2013-09-08 09:31 - 00001074 _____ C:\Users\Sébastien\Desktop\PokerTracker 4.lnk
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2013-09-08 09:31 - 2013-09-08 09:31 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4
2013-09-08 03:01 - 2009-07-14 07:38 - 00029696 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-09-08 03:01 - 2009-07-14 07:32 - 00032768 _____ C:\Windows\system32\config\BCD-Template
2013-09-08 02:20 - 2013-09-08 01:36 - 46977154 _____ C:\Users\Sébastien\Downloads\PT-Install-v4.09.1.exe
2013-09-08 02:04 - 2013-09-07 23:35 - 00003410 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-08 02:03 - 2013-09-07 19:42 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\tuto4pc_fr_60
2013-09-08 02:02 - 2013-09-07 18:48 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\vlc
2013-09-08 01:47 - 2013-09-07 22:38 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\PokerStars.FR
2013-09-07 23:43 - 2013-09-07 23:42 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\RadioSure
2013-09-07 23:42 - 2013-09-07 23:42 - 00001118 _____ C:\Users\Sébastien\Desktop\RadioSure.lnk
2013-09-07 23:42 - 2013-09-07 23:42 - 00001087 _____ C:\Users\Sébastien\Desktop\MyPC Backup.lnk
2013-09-07 23:42 - 2013-09-07 23:42 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioSure
2013-09-07 23:42 - 2013-09-07 23:42 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-09-07 23:42 - 2013-09-07 23:42 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-09-07 23:42 - 2013-09-07 23:33 - 05521199 _____ (TheBestWare Studio) C:\Users\Sébastien\Downloads\RadioSure-2.2.1036-setup.exe
2013-09-07 23:42 - 2013-09-07 17:15 - 00000000 ___RD C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-07 23:40 - 2013-09-07 23:40 - 00000000 ____D C:\Program Files (x86)\mixidj
2013-09-07 23:39 - 2013-09-07 23:39 - 00003442 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\mixidj
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\avgchrome
2013-09-07 23:39 - 2013-09-07 23:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-07 23:39 - 2013-09-07 23:38 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-09-07 23:39 - 2013-09-07 17:10 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Hewlett-Packard
2013-09-07 23:38 - 2013-09-07 23:38 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-09-07 23:37 - 2013-09-07 23:32 - 00000908 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-09-07 23:35 - 2013-09-07 23:35 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\BabSolution
2013-09-07 23:33 - 2013-09-07 23:33 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Babylon
2013-09-07 23:33 - 2013-09-07 23:33 - 00000000 ____D C:\ProgramData\Babylon
2013-09-07 23:32 - 2013-09-07 23:32 - 00003908 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-09-07 23:32 - 2013-09-07 23:32 - 00003656 _____ C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-09-07 23:31 - 2013-09-07 23:31 - 00003260 _____ C:\Windows\System32\Tasks\Dealply
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Dealply
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\DealPlyLive
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-09-07 23:31 - 2013-09-07 23:31 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-09-07 23:30 - 2013-09-07 23:30 - 00000000 ____D C:\Program Files (x86)\lucky leap
2013-09-07 23:25 - 2013-09-07 23:24 - 00584600 _____ C:\Users\Sébastien\Downloads\cbsidlm-tr1_14-RadioSure-ORG-10911517.exe
2013-09-07 23:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2013-09-07 22:38 - 2013-09-07 22:38 - 00001084 _____ C:\Users\Public\Desktop\PokerStars.fr.lnk
2013-09-07 22:38 - 2013-09-07 22:38 - 00000000 ____D C:\Program Files (x86)\PokerStars.FR
2013-09-07 22:37 - 2013-09-07 22:20 - 26619648 _____ (PokerStars) C:\Users\Sébastien\Downloads\PokerStarsInstallFR (2).exe
2013-09-07 20:55 - 2013-09-07 20:45 - 01774332 _____ C:\Users\Sébastien\Downloads\PokerStarsInstallFR (1).exe
2013-09-07 20:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-07 20:21 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\WCN
2013-09-07 20:21 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-09-07 20:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2013-09-07 20:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2013-09-07 20:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-07 19:49 - 2013-09-07 19:43 - 02747232 _____ C:\Users\Sébastien\Downloads\PokerStarsInstallFR.exe
2013-09-07 19:42 - 2013-09-07 19:42 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\eorezo
2013-09-07 19:42 - 2013-09-07 19:42 - 00000000 ____D C:\Program Files (x86)\tuto4pc_fr_60
2013-09-07 19:36 - 2013-09-07 19:35 - 00000000 ____D C:\Program Files (x86)\Mysearchdial
2013-09-07 19:35 - 2013-09-07 19:35 - 00003262 _____ C:\Windows\System32\Tasks\MySearchDial
2013-09-07 19:35 - 2013-09-07 19:35 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\mysearchdial
2013-09-07 19:28 - 2013-09-07 19:28 - 00232760 _____ (Firser) C:\Users\Sébastien\Downloads\PokerStars.exe
2013-09-07 19:09 - 2013-09-07 17:11 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Skype
2013-09-07 19:08 - 2013-09-07 19:08 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSÉBASTIEN-HP$
2013-09-07 19:08 - 2013-09-07 19:08 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSÉBASTIEN-HP$.job
2013-09-07 19:07 - 2013-09-07 17:28 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-07 19:06 - 2013-09-07 17:15 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForSébastien.job
2013-09-07 19:06 - 2012-03-30 02:55 - 00000000 ____D C:\ProgramData\Norton
2013-09-07 19:06 - 2010-11-21 05:47 - 00571870 _____ C:\Windows\PFRO.log
2013-09-07 19:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-07 19:06 - 2009-07-14 06:51 - 00048198 _____ C:\Windows\setupact.log
2013-09-07 18:26 - 2013-09-07 17:28 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Google
2013-09-07 18:26 - 2013-09-07 17:28 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-07 18:11 - 2013-09-07 18:11 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-07 18:00 - 2012-02-09 19:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-07 18:00 - 2012-02-09 19:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-07 17:50 - 2011-11-30 04:23 - 00000000 ___HD C:\HP
2013-09-07 17:28 - 2013-09-07 17:28 - 00004070 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-07 17:28 - 2013-09-07 17:28 - 00003818 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-07 17:28 - 2013-09-07 17:27 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Deployment
2013-09-07 17:27 - 2013-09-07 17:27 - 00000000 ____D C:\Users\Sébastien\AppData\Local\Apps\2.0
2013-09-07 17:23 - 2013-09-07 17:15 - 00003968 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{43130126-3B80-4227-8C4A-A8501436C1C7}
2013-09-07 17:16 - 2013-09-07 17:16 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Macromedia
2013-09-07 17:16 - 2013-09-07 17:16 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Adobe
2013-09-07 17:15 - 2013-09-07 17:15 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSébastien
2013-09-07 17:15 - 2013-09-07 17:15 - 00001459 _____ C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-07 17:15 - 2013-09-07 17:15 - 00001425 _____ C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-07 17:15 - 2013-09-07 17:15 - 00000000 ___RD C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-07 17:15 - 2013-09-07 17:15 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\Synaptics
2013-09-07 17:15 - 2013-09-07 17:10 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Hewlett-Packard
2013-09-07 17:15 - 2013-09-07 17:09 - 00003584 _____ C:\Windows\System32\Tasks\Registration
2013-09-07 17:15 - 2013-09-07 17:07 - 00000000 ____D C:\Users\Sébastien
2013-09-07 17:15 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-09-07 17:13 - 2013-09-07 17:13 - 00057560 _____ C:\Users\SBASTI~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-07 17:13 - 2013-09-07 17:13 - 00000000 ____D C:\Users\Sébastien\Documents\Youcam
2013-09-07 17:13 - 2013-09-07 17:13 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\CyberLink
2013-09-07 17:13 - 2013-09-07 17:13 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\CyberLink
2013-09-07 17:10 - 2013-09-07 17:10 - 00000000 ____D C:\Users\Sébastien\AppData\Roaming\hpqlog
2013-09-07 17:09 - 2012-02-09 19:59 - 00000000 ___RD C:\Program Files\Online Services
2013-09-07 17:09 - 2012-02-09 19:42 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-09-07 17:09 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-07 17:09 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-09-07 17:09 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-09-07 17:08 - 2013-09-07 17:08 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\VirtualStore
2013-09-07 17:08 - 2013-09-07 17:08 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\RemEngine
2013-09-07 17:08 - 2013-09-07 17:08 - 00000000 ____D C:\Users\SBASTI~1\AppData\Local\Hewlett-Packard_Company
2013-09-07 17:08 - 2011-02-10 21:23 - 00000000 ___HD C:\SYSTEM.SAV
2013-09-07 17:08 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-09-07 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2013-09-07 17:08 - 2007-01-02 03:32 - 00000000 __SHD C:\Recovery
2013-09-07 17:07 - 2013-09-07 17:07 - 00000020 ___SH C:\Users\Sébastien\ntuser.ini
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Voisinage réseau
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Voisinage d'impression
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Modèles
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Menu Démarrer
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Sébastien\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\SBASTI~1\AppData\Local\Historique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Public\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Public\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Public\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Modèles
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Modèles
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Favoris
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\ProgramData\Bureau
2013-09-07 17:07 - 2013-09-07 17:07 - 00000000 _SHDL C:\Program Files\Fichiers communs
2013-09-07 17:07 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-09-07 17:07 - 2007-01-02 03:25 - 00000000 ____D C:\Windows\Panther
2013-09-07 17:06 - 2013-09-07 17:06 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat
2013-09-07 17:03 - 2009-07-14 06:46 - 00005838 _____ C:\Windows\DtcInstall.log
2013-09-07 17:03 - 2007-01-02 03:29 - 00008246 _____ C:\Windows\TSSysprep.log
Files to move or delete:
====================
C:\Users\SBASTI~1\AppData\Local\Temp\BackupSetup.exe
C:\Users\SBASTI~1\AppData\Local\Temp\setup.exe
C:\Users\SBASTI~1\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-07 20:12
==================== End Of Log ============================

Et voici le rapport addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2013
Ran by Sébastien at 2013-09-08 10:45:03
Running from C:\Users\Sébastien\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633)
Babylon Chrome Toolbar (x32)
be Flash Player 11 ActiveX 64-bit (Version: 11.2.202.160)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bing Bar (x32 Version: 7.1.391.0)
BrowserDefender (x32)
Cake Mania (x32 Version: 2.2.0.98)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Cradle of Rome 2 (x32 Version: 2.2.0.98)
CyberLink YouCam (x32 Version: 3.5.2.4725)
D3DX10 (x32 Version: 15.4.2368.0902)
Dealply (HKCU)
DealPly (remove only) (x32 Version: 4.8.7.2)
ESU for Microsoft Windows 7 SP1 (x32 Version: 4.1.2)
Evernote v. 4.5.2 (x32 Version: 4.5.2.5904)
Farm Frenzy (x32 Version: 2.2.0.98)
Farmscapes (x32 Version: 2.2.0.98)
FATE (x32 Version: 2.2.0.97)
Final Drive Fury (x32 Version: 2.2.0.95)
Fishdom 2 (x32 Version: 2.2.0.98)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 29.0.1547.66)
Google Update Helper (x32 Version: 1.3.21.153)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.10.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP CoolSense (x32 Version: 2.10.3)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8)
HP Documentation (x32 Version: 1.1.0.0)
HP Games (x32 Version: 1.0.2.5)
HP Launch Box (Version: 1.1.5)
HP On Screen Display (x32 Version: 1.3.5)
HP Power Manager (x32 Version: 1.4.7)
HP Quick Launch (x32 Version: 2.6.2)
HP Recovery Manager (x32 Version: 2.0.0)
HP Security Assistant (Version: 2.0.2)
HP Setup (x32 Version: 9.0.15109.3899)
HP Setup Manager (x32 Version: 1.2.14901.3869)
HP Software Framework (x32 Version: 4.5.4.1)
HP Support Assistant (x32 Version: 6.1.12.1)
IDT Audio (x32 Version: 1.0.6381.0)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Management Engine Components (x32 Version: 8.0.0.1351)
Intel® OpenCL CPU Runtime (x32)
Intel® Processor Graphics (x32 Version: 8.15.10.2618)
Intel® Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.0.199)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
Jewel Match 3 (x32 Version: 2.2.0.98)
Jewel Quest II (x32 Version: 2.2.0.97)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
lucky leap 3.0.0 (Version: 3.0.0)
Magic Desktop (x32 Version: 3.0)
Mahjongg Artifacts (x32 Version: 2.2.0.95)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
MixiDJ chrome Toolbar (x32)
MixiDJ Toolbar (x32 Version: 1.8.18.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MyPC Backup (Version: )
Mysearchdial (x32)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
opensource (x32 Version: 1.0.14960.3876)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PokerStars.fr (x32)
PokerTracker 4 (remove only) (x32)
Polar Bowler (x32 Version: 2.2.0.97)
PostgreSQL 9.0 (Version: 9.0)
RadioSure (HKCU)
Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter (x32 Version: 3.02.07.0)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.29004)
Skype 6.6 (x32 Version: 6.6.106)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.27.1)
Torchlight (x32 Version: 2.2.0.98)
tuto4pc_fr_60 (x32)
Update Installer for WildTangent Games App (x32)
Virtual Families (x32 Version: 2.2.0.98)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Wedding Dash (x32 Version: 2.2.0.95)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Zuma's Revenge (x32 Version: 2.2.0.98)
==================== Restore Points =========================
07-09-2013 15:08:39 Windows Update
07-09-2013 15:45:42 Windows Update
07-09-2013 18:19:24 Suppression du module linguistique
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {16BA4FFF-2235-4618-A0DA-98104527C1D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {188C817E-FE42-46D5-9227-C8F8AA4D1888} - System32\Tasks\Dealply => C:\Users\Sébastien\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-09-07] ()
Task: {32729F9E-CCF2-49A9-A79E-382DB86082AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {42E5A5F3-5AC7-47F3-B947-21D74B997DF9} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert
Task: {457A4625-3FCB-48A7-A1E3-C845DFF4E297} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {4855598F-C18A-41FE-968A-D53133CA491E} - System32\Tasks\EPUpdater => C:\Users\Sébastien\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] ()
Task: {4C1E29B7-6FDA-4266-B889-7552C82224FC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {51E8B324-4A4D-4EC7-BC09-0D111368BA78} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2011-10-06] ()
Task: {66E2ED98-6F16-4CA6-BDEB-FDB17F2668E1} - System32\Tasks\MySearchDial => C:\Users\Sébastien\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-09-07] ()
Task: {7D0E94F9-A7C6-4A77-975B-6327DCA2EA46} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {7E5A5F1D-FD7F-426F-A41F-33C9490E023C} - System32\Tasks\User_Feed_Synchronization-{43130126-3B80-4227-8C4A-A8501436C1C7} => C:\Windows\system32\msfeedssync.exe [2012-02-09] (Microsoft Corporation)
Task: {7ED8772C-B0F8-46B9-88D0-CE667455E66B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {95415EA3-2932-4BB2-83D2-3FD8F1EB8190} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-07] (DealPly Technologies Ltd)
Task: {9687447B-E39D-4B31-A0B7-968F675F9A5A} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-07] (DealPly Technologies Ltd)
Task: {9F7961C8-531F-4DC2-8578-CA4FE2984B56} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {9FBB0147-530D-4089-A82B-34AA1EA11FA5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-09] (Adobe Systems Incorporated)
Task: {B8038C76-C133-443E-AFE6-229D64D9A515} - System32\Tasks\HPCeeScheduleForSÉBASTIEN-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C400BA24-4AA8-4A36-B38C-0613BBF92534} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {C9E3539C-43E3-4126-8123-2B6EAD425AD4} - System32\Tasks\HPCeeScheduleForSébastien => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {CBF26831-2437-4B55-B6BA-50EFBA34BE63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-07] (Google Inc.)
Task: {D92A371F-6245-403A-9DD0-7919886FBCC7} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2009-07-14] (Microsoft Corporation)
Task: {FC1BD2F5-3A70-4645-80FC-3F36C5A5C06A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-28] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\SBASTI~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSÉBASTIEN-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSébastien.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\SBASTI~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE
==================== Loaded Modules (whitelisted) =============
2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2012-01-06 03:31 - 2012-01-06 03:31 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrFRA.lrc
2012-01-06 03:24 - 2012-01-06 03:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-01 19:14 - 2011-10-01 19:14 - 00415528 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2011-10-01 19:14 - 2011-10-01 19:14 - 00226600 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2011-10-01 19:14 - 2011-10-01 19:14 - 10572072 _____ (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPRes.dll
2012-03-30 02:45 - 2012-01-04 10:37 - 04444672 _____ (IDT, Inc.) C:\Program Files\IDT\WDM\STLang64.dll
2012-03-30 02:45 - 2012-01-04 10:37 - 00654336 _____ (IDT, Inc.) C:\Windows\system32\stapi64.dll
2013-07-01 19:48 - 2013-07-01 19:48 - 02772992 _____ (mypcbackup.com) C:\Program Files (x86)\MyPC Backup\Shared Stack.dll
2013-07-01 19:47 - 2013-07-01 19:47 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-07-01 19:43 - 2013-07-01 19:43 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2013-07-01 19:43 - 2013-07-01 19:43 - 03483136 _____ (Amazon.com, Inc) C:\Program Files (x86)\MyPC Backup\AWSSDK.dll
2012-03-30 02:51 - 2010-04-23 12:00 - 00588472 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezsvc7x.dll
2012-03-30 02:51 - 2012-03-30 02:51 - 00052920 _____ (EasyBits Software Corp.) C:\Windows\SysWow64\EZUPBH~1.DLL
2012-03-30 02:45 - 2012-03-30 02:45 - 00019968 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\51694f36a8a968fb3d8ca98152caf4ef\IAStorDataMgrSvc.ni.exe
2012-03-30 02:45 - 2012-03-30 02:45 - 00225280 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\1428876b9bee0b7d7ced9462111719b8\IAStorDataMgr.ni.dll
2012-03-30 02:45 - 2012-03-30 02:45 - 00487424 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f1f0231b32dee581dcab0b26d83b02ca\IAStorUtil.ni.dll
2012-03-30 02:45 - 2012-03-30 02:45 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a21ece5c049c9f429756fd1a3fe55ccd\IsdiInterop.ni.dll
2012-03-30 02:45 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-03-30 02:45 - 2012-03-30 02:45 - 00014336 _____ (Intel Corp.) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ca11c3c4c5560bf7aafa094599128200\IAStorCommon.ni.dll
2012-03-30 02:44 - 2011-12-16 20:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-09-07 23:38 - 2013-08-13 16:40 - 02699216 _____ () C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/08/2013 02:03:26 AM) (Source: Application Hang) (User: )
Description: Le programme package_addlyrics_offer_multilang.tmp version 51.52.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.
ID de processus : 1a3c
Heure de début : 01ceac26c5e1035f
Heure de fin : 31
Chemin d’accès de l’application : C:\Users\SBASTI~1\AppData\Local\Temp\is-81I22.tmp\package_addlyrics_offer_multilang.tmp
ID de rapport :
Error: (09/07/2013 11:32:20 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\GoogleUpdateHelper.msi
Error: (09/07/2013 07:08:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/07/2013 06:02:21 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:02:20 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:02:18 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:01:55 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:01:54 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:01:53 PM) (Source: MsiInstaller) (User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 05:15:56 PM) (Source: Application Error) (User: )
Description: Nom de l’application défaillante HPWMISVC.exe, version : 2.5.3.0, horodatage : 0x4ed4a2e7
Nom du module défaillant : HPWMISVC.exe, version : 2.5.3.0, horodatage : 0x4ed4a2e7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000018ae
ID du processus défaillant : 0x608
Heure de début de l’application défaillante : 0xHPWMISVC.exe0
Chemin d’accès de l’application défaillante : HPWMISVC.exe1
Chemin d’accès du module défaillant: HPWMISVC.exe2
ID de rapport : HPWMISVC.exe3
System errors:
=============
Error: (09/07/2013 05:16:00 PM) (Source: Service Control Manager) (User: )
Description: Le service HPWMISVC s’est terminé de façon inattendue pour la 1ème fois.
Microsoft Office Sessions:
=========================
Error: (09/08/2013 02:03:26 AM) (Source: Application Hang)(User: )
Description: package_addlyrics_offer_multilang.tmp51.52.0.01a3c01ceac26c5e1035f31C:\Users\SBASTI~1\AppData\Local\Temp\is-81I22.tmp\package_addlyrics_offer_multilang.tmp
Error: (09/07/2013 11:32:20 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\GoogleUpdateHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 07:08:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/07/2013 06:02:21 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:02:20 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:02:18 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:01:55 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:01:54 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 06:01:53 PM) (Source: MsiInstaller)(User: Sébastien-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/07/2013 05:15:56 PM) (Source: Application Error)(User: )
Description: HPWMISVC.exe2.5.3.04ed4a2e7HPWMISVC.exe2.5.3.04ed4a2e7c0000005000018ae60801ceabdbb75493bbC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe6435502e-17d0-11e3-aae4-80c16e61f3e3
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3992.36 MB
Available physical RAM: 2078.04 MB
Total Pagefile: 7982.91 MB
Available Pagefile: 6031.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:277.88 GB) (Free:243 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.92 GB) (Free:2.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (DVD72_2) (CDROM) (Total:7.71 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F2BD51B8)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End Of Log ============================
pear Devil Member !

pear

Posté(e)
Posté(e)

Comment poster les rapports
Aller sur le site :Ci-Jointicne2cjoint.png
Appuyez sur Parcourir et chercher les rapports sur le disque,
Cliquer sur Ouvrir
Cliquer sur Créer le lien CJoint,
>> dans la page suivante --> ,,
une adresse http//.. sera créée
Copier /coller cette adresse dans votre prochain message.

1)Si vous avez Adwcleaner depuis quelque temps, désinstallez le et installez la dernière version

Télécharger AdwCleaner
Sous Vista et Windows 7_ 8-> Exécuter en tant qu'administrateur
Afin de ne pas fausser les rapports,Scanner et Nettoyer ne doivent être lancés qu'une seule fois
Cliquez sur Scanner et postez le rapport généré C:\AdwCleaner[R1].txt
89871620130820171756.jpg

NettoyageA faire sans délai
Relancez AdwCleaner avec droits administrateur
Cliquez sur Nettoyer et postez le rapport C:\AdwCleaner[s1].txt

2)Télécharger Junkware Removal Tool de thisisu
OS:Windows XP/Vista/7/8
Utilisable sur systèmes 32-bits et 64-bits

Clquez sur Jrt.exe avec droits administrateur.
Si votre antvirus râle,Vous le signalez comme acceptable dans les exceptions de votre antivirus
Une fenêtre noire s'ouvre qui vous dit de cliquer une touche pour lancer le scan.

L'outil va prendre quelques minutes pour fouiller votre machine.
Patientez jusqu'à l'apparition de Jrt.txt dont vous posterez le contenu.

3)

Téléchargez MBAM
Avant de lancer Mbam
Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire
Cliquer ici
Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)
Exécuter avec droits d'administrateur.
Sous Vista/7/8 , désactiver l'Uac

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.
Enregistrez le sur le bureau .
Fermer toutes les fenêtres et programmes
Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)
N'apportez aucune modification aux réglages par défaut et, en fin d'installation,
Vérifiez que les options Update/Mises à jour et Launch/Exécuter soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.
cliquer sur OK pour fermer la boîte de dialogue..
Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:
mbam.jpg
Si le pare-feu demande l'autorisation de connecter MBAM, acceptez

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"
Cliquez sur "Rechercher"
.L' analyse prendra un certain temps, soyez patient !
A la fin , un message affichera :
L'examen s'est terminé normalement.
Et un fichier Mbam.log apparaitra


Sélectionnez tout et cliquez sur Supprimer la sélection ,
MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.
Copiez-collez ce rapport dans la prochaine réponse.


4)reinitialiser-son-navigateur

5) rapport Zhpdiag
Téchargement de Zhpdiag

Double-cliquer sur ZHPDiag.exe pour installer l'outil
Il devrait y avoir 3 icônes sur le bureau ou dans le fichier d'installation de Zhpdiag.
zhp0710.png


Sous XP, double clic sur l'icône ZhpDiag
Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

50312920130802113656.jpg
Cliquer Configurer

Cliquez sur le bouton12040309492645704.jpg
120403104704343592.jpg
et choisissez Tous

Cliquer Rechercher
Le rapport ZhpDiag.txt apparait sur le bureau

crashstop Member

crashstop

Posté(e)
  • Auteur
Posté(e)

ci dessous le rapport d'analyse de MBAM apres nettoyage:

 

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.09.08.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sébastien :: SÉBASTIEN-HP [administrateur]
Protection: Activé
08/09/2013 15:37:31
mbam-log-2013-09-08 (15-37-31).txt
Type d'examen: Examen complet (C:\|D:\|E:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 353065
Temps écoulé: 26 minute(s), 6 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 18
HKCR\AppID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\TypeLib\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF} (PUP.Optional.MixiDJToolbar.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\esrv.mixidjESrvc.1 (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\esrv.mixidjESrvc (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\m (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\Typelib\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A105B30B-D103-4781-B18C-E8DF93B6EBD0} (PUP.Optional.MixiDJ.A) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 3
C:\Users\Sébastien\AppData\Local\Temp\mt_ffx\mixidj (PUP.Optional.MixiDJ.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\mt_ffx\mixidj\mixidj (PUP.Optional.MixiDJ.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\mt_ffx\mixidj\mixidj\1.8.18.8 (PUP.Optional.MixiDJ.A) -> Mis en quarantaine et supprimé avec succès.
Fichier(s) détecté(s): 23
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir (PUP.DealPly.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\lucky leap\luckyleapBHO.dll.vir (PUP.Optional.LuckyLeap.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\mixidj\mixidj\1.8.18.8\uninstall.exe.vir (PUP.Optional.MixiDJ.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialApp.dll.vir (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialEng.dll.vir (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialsrv.exe.vir (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialTlbr.dll.vir (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\bh\mysearchdial.dll.vir (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\tuto4pc_fr_60\tuto4pc_fr_60.exe.vir (Adware.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Users\Sébastien\AppData\Local\tuto4pc_fr_60\Download\majt4pcfr.exe.vir (Adware.Eorezo) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Users\Sébastien\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Users\Sébastien\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir (PUP.DealPly.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQ4S4GT6\Setup[1].exe (PUP.Optional.LuckyLeap.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HS2BHJNW\pack[1].7z (PUP.Optional.BrowserProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\setup.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\400C5229-BAB0-7891-911F-1A152719AF99\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\400C5229-BAB0-7891-911F-1A152719AF99\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\7C35755B-BAB0-7891-9C39-532A013F2AB4\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\7C35755B-BAB0-7891-9C39-532A013F2AB4\Latest\MyMixiTB.exe (PUP.Optional.MixiDJ.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\7C35755B-BAB0-7891-9C39-532A013F2AB4\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\AppData\Local\Temp\is-3A9SV.tmp\babylon_download.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Sébastien\Downloads\PokerStars.exe (PUP.Optional.Firser.A) -> Mis en quarantaine et supprimé avec succès.
(fin)

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...